Splunk Search

Community Activity

License Percentage Used Saved Search returning odd values Greetings, I have a saved search: index=_internal sourcetype=splunkd Metrics "group=per_host_thruput" \| stats sum(k... by wwhitener Communicator in Splunk Search 12-05-2011 0 2	0	2
serach not working with input csv Hi, I have a input lookup file called "services" and I need to search all values of a field (channels) from that csv... by KarunK Contributor in Splunk Search 12-04-2011 0 5	0	5
metadata command giving different answers on different search heads I recently loaded a 4.2 search head onto my laptop in order to use it for testing some view development in a way that... by dwaddle SplunkTrust in Splunk Search 12-02-2011 2 2	2	2
Dedup on multiple fields but count the instance, and display as new field. Original Data SrcIP SrcName DstIP DstName DstPort 192.168.1.1 bob.net.net 172.16.16.1 alice... by kearnwl Engager in Splunk Search 12-02-2011 1 3	1	3
Regex Help A complete event record looks like this: Row 114005: Requester Name: "RETAIL\S2343W01$" Issued Common Name: "S2343W0... by mikefoti Communicator in Splunk Search 12-02-2011 0 2	0	2
bin examples I am looking for more bin examples other than using it for time. I have a field called seconds and I suspect a timeo... by slyskawa Engager in Splunk Search 12-02-2011 0 1	0	1
In accesslog, "status" search.. help me ^^ Hi Please help me a little "Search Command". In accesslog, I should need two results.(count) I Have a field name "sta... by khyoung7410 Communicator in Splunk Search 12-02-2011 0 3	0	3
Windows Event # 4729 How to I extract fields that have the same name: **Subject: Security ID: S-1-5-21-3421131818-2740222167-1022... by hartfoml Motivator in Splunk Search 12-02-2011 0 3	0	3
Results table no display on user's browser I'm not sure if this has been asked. I've a saved search generating reports on a weekly basis.I've just ran the sear... by remy06 Contributor in Splunk Search 12-02-2011 0 3	0	3
adding a field based on other fields Hello, I am trying to use splunk to parse nessus results. I have managed to have them loaded, parsed and I get the f... by wsw70 Communicator in Splunk Search 12-02-2011 0 2	0	2
Check for only non-numeric value in an extracted field I have following string: 2011-12-01T13:31:25-05:0063487210, TEST# 67779806 I have written the following search str... by anirbanukil Explorer in Splunk Search 12-01-2011 0 5	0	5
LookUp Table: Show event if lookup table value is NOT in the log file I have a lookup table that has the login name of customers (cs_username) and a human friendly name (Customer). It lo... by kmattern Builder in Splunk Search 12-01-2011 3 4	3	4
Date sorting Can you please tell how to sort date values ? by iamniks Explorer in Splunk Search 12-01-2011 0 2	0	2
What will happen if shared storage goes crash when search head pooling is enabled? I am thinking to use search head pooling. But I am not sure what will happen if shared storage goes crash. Can somebo... by Takajian Builder in Splunk Search 12-01-2011 0 2	0	2
Regex -or- How to cleanup field values A single event looks like this: Row 113711: Requester Name: "RETAIL\HH01-0002" User Principal Name: "HH01-0002@retai... by mikefoti Communicator in Splunk Search 11-30-2011 0 3	0	3
Return something when search doesn't return anything I want to have a table with results of a search of the SQL logs for backups. But the search I have only returns the s... by jordans Path Finder in Splunk Search 11-30-2011 0 4	0	4
problem extracting all occurrences of name values I have a reoccurring line in a multi-line event of the form: <td> someName someValue someUnits I'm trying to save ... by cwi Engager in Splunk Search 11-30-2011 0 2	0	2
To find requests which are late by 1 day Hi I have a query where i am retrieving the logs which have timestamp>field. eg: ....\| where _time>RequestActual Req... by adityapavan18 Contributor in Splunk Search 11-29-2011 0 4	0	4
How to determine which forwarder sent data without relying on host? I have a pool of identically configured rsyslog servers behind a load balancer. Each hosts' data is written to a log ... by jeff Contributor in Splunk Search 11-29-2011 0 1	0	1
stats on the presence of a field Hi, I have a set of splunk entries where it can be one of several pattern of fields. So for example: 2011-01-01T1... by Samslara Explorer in Splunk Search 11-29-2011 0 7	0	7
How to compare to searches in different indexes? How can I compare two or more source-types (each source-type has a unique index) with each other? Each source-type ha... by mkelderm Path Finder in Splunk Search 11-29-2011 0 2	0	2
Get % Uptime I am useing this search to get both up and down status "index=monitoring \| stats count by status " The Table shows ... by hartfoml Motivator in Splunk Search 11-29-2011 1 2	1	2
Lookup issues I have a table of bad IP's that I want to use in a search agnest my firewall logs in the past I have done this low t... by hartfoml Motivator in Splunk Search 11-29-2011 0 3	0	3
How to get Splunk access statistics We need to provide Splunk user access statistics: How many user accessed splunk the last month How many times a spec... by snevarezh Explorer in Splunk Search 11-29-2011 1 2	1	2
Replacing Results Rather Than Appending A script has been set up to produce a txt file every 10 mins The txt file has been set to import as follows: 'Conti... by parkerio Engager in Splunk Search 11-29-2011 0 3	0	3