Splunk Search

Community Activity

FlashTimeline - how many time bars can be displayed? I have noticed that when doing a search in the default Search view, flashtimeline, the green time bars will be a usef... by Jason Motivator in Splunk Search 11-28-2011 2 2	2	2
Speed impact of field extractions? I've got a custom log format using a format similar to an Apache access log but with different data. I've used the in... by dpadams Communicator in Splunk Search 11-28-2011 0 5	0	5
Scheduled Searches and Multiple Searchheads How are scheduled searches handled for an app if the app is installed on multiple searchheads? Will the search run o... by rmorlen Splunk Employee in Splunk Search 11-28-2011 1 1	1	1
Exclude Hosts In A Saved Search I have a saved search that is looking at the % disk space free on each drive over a number of window server. There ar... by itsomana Path Finder in Splunk Search 11-28-2011 0 4	0	4
Advanced Search I have a top ten search fpor windows Errors that I run each day. My bose want to to know how many days each of the t... by hartfoml Motivator in Splunk Search 11-28-2011 0 8	0	8
where username NOT equal to list of usernames in Lookup table i have some data indexed which is a snapshot of users who have access to a system. i have uploaded a 1 column csv wi... by r999 Path Finder in Splunk Search 11-28-2011 1 5	1	5
better field discovery with SUF I was under the impression that using SUF to forward events would some hope provide more automatically discovered fie... by mikefoti Communicator in Splunk Search 11-28-2011 0 5	0	5
rex - matching everything until a tab Hello, I am trying to parse a log from a Tipping Point IPS. An example of the log I get is (the log is cut for clari... by wsw70 Communicator in Splunk Search 11-28-2011 0 2	0	2
Search - Fields function Hello, I want to display only the specify field(s) of the logs in the results display. Using: *\|fields + ProductName... by leiniao Explorer in Splunk Search 11-28-2011 0 2	0	2
Count Consecutive Errors and alert Hi, We have some transaction logs which log business event transactions. I have a requirement to alert when a particu... by ashleyherbert Communicator in Splunk Search 11-27-2011 0 9	0	9
How I can make rows in red color of a table of a view if some condition meets How I can make rows in red color of a table of a view if some condition meets for example in table output of this vie... by kml_uvce Builder in Splunk Search 11-25-2011 0 1	0	1
Retirement and archiving period for one file We have a file which will be updated very rarely(may be once a year or so that too may be a line will be added or del... by sushildabare Path Finder in Splunk Search 11-24-2011 0 9	0	9
How do I get TimeRangePicker to revert to the default? The dropdown box for the search time-range doesn't revert to the default value after I run a search, can I make this ... by mctester Communicator in Splunk Search 11-23-2011 4 2	4	2
Merge results of two searches with transactions Hi there Is there a way to merge the results of two different searches, where I'm grouping the events with the trans... by Simon Contributor in Splunk Search 11-22-2011 0 4	0	4
Polling Interval Will changing the polling interval of my remote data help in reducing the amount of data indexed in a day? I am hopin... by tympaniplayer Path Finder in Splunk Search 11-22-2011 0 3	0	3
Field Extraction for REST API Logs The content of the log is basically API REST calls. I am facing the issue of not being able to extract the fields of ... by lpolo Motivator in Splunk Search 11-22-2011 0 9	0	9
Sum of call_duration I have a field called "call_duration" expressed as 00:00:17, and another field called "Party1Name" which is simply a... by joshftx Explorer in Splunk Search 11-22-2011 0 4	0	4
Certain REGEX strings in transforms.conf will fail I have requierement where i need to route data from certain sources to a specific index. The index name will be extra... by _d_ Splunk Employee in Splunk Search 11-22-2011 2 1	2	1
conditional event to display different static picture is there any ways to display different static picture on dashboard depends on different search result. this is sort o... by cpuppet Path Finder in Splunk Search 11-21-2011 1 4	1	4
Windows Security Logs: Regex Filtering Search time I have a windows security event that I am trying to extract a custom field for failed logon events. The problem I ha... by arrowsmith3 Path Finder in Splunk Search 11-21-2011 0 3	0	3
How to chaining queries that update lookup tables? Hi great knowledgeable splunkers! I have a number of queries that I need to chain in specific order so that static l... by ag Explorer in Splunk Search 11-20-2011 1 2	1	2
I'm currently getting a pool warnings message, can someone explain what this means? Pool warnings (1) License alerts notify you of excessive indexing warnings and licensing misconfigurations. If you ... by sfunk New Member in Splunk Search 11-18-2011 0 1	0	1
How do you use a field defined in the search as a search parameter? Hello Splunk people, I'm trying to do something that seems simple but I'm having a lot of trouble figuring it out. ... by ZikFat Engager in Splunk Search 11-18-2011 0 5	0	5
Search help: remove intersection of two sets from the first set A customer asked this search question a few days ago. I thought it was a good one for answers. Assume you have two da... by Genti Splunk Employee in Splunk Search 11-18-2011 0 2	0	2
How to re-use search query using HiddenPostProcess So I'm attempting to re-use the same search query results multiple times in the same advanced view for performance re... by dabarb1 Explorer in Splunk Search 11-18-2011 1 5	1	5