Splunk Search

Community Activity

Drilldown problem I have a problem where I have a table that has a _time column and two other columns, I have a search that sorts that ... by Dark_Ichigo Builder in Splunk Search 09-02-2011 1 6	1	6
Add Data: A text file is being interpreted as a binary file I do realize there is another thread where someone asks the same question, but he solved his problem when he checked ... by jchensor Communicator in Splunk Search 09-01-2011 0 1	0	1
comparing files We have a flat file that contains user data. Changes made to this file are not audited. I'd like Splunk to report o... by JovanMilosevic Path Finder in Splunk Search 09-01-2011 1 2	1	2
Search results don't show extracted field I created a search time that works as expected when I do a search on only the sourcetype that I created the extractio... by cpenkert Path Finder in Splunk Search 09-01-2011 1 5	1	5
Transactions with different field names Hi, Hoping this is something simple that I'm not understanding. Example Data: Sourcetype=A Sport1=baseball SourceT... by cramasta Builder in Splunk Search 08-31-2011 0 5	0	5
Search Field Extraction help I have an _raw event with data that I would like to break out into key value pairs. I was wondering if anyone had any... by lisaac Path Finder in Splunk Search 08-31-2011 0 1	0	1
Creating usage reports from logfiles Hi, I am new to splunk and heard it can do nearly every type of reporting. I have an ADSL router creating logs in th... by huaraz Explorer in Splunk Search 08-31-2011 0 4	0	4
error piping commands I'm getting error an on piping one command into another. The result is a "Search operation 'earliest' is unknown. You... by DTERM Contributor in Splunk Search 08-31-2011 0 3	0	3
Custom fields How can I check if my custom fields work ? How can I list the content of custom fields ? Thank you Markus by huaraz Explorer in Splunk Search 08-31-2011 0 3	0	3
addtotal/addcoltotals issue Hello fellow Splunkers! ipc=ipc1-r6c10 Intake-Temperature=70 Exhaust-Temperature=82 Humidity=44% Amps=6 Voltage=351... by zachvida Path Finder in Splunk Search 08-31-2011 0 2	0	2
Reinventing the wheel I just setup my test forefront proxy server to forward logs to my test Splunk indexer. Is there a stash of existing q... by mikefoti Communicator in Splunk Search 08-31-2011 1 6	1	6
Received event for unconfigured/disabled index... : When was this event received? I have blue bar notification in each view informing me that an event was received "for unconfigured/disabled index='s... by muebel SplunkTrust in Splunk Search 08-30-2011 2 7	2	7
make extract command overwrite fields I have a field that looks like this: key1=value1key2=value2key3=value3 I put in a stanza in transforms that looks ... by kkalmbach Path Finder in Splunk Search 08-30-2011 0 3	0	3
how to calculate multiple stats count? i have following data playdate, adid, store, 2011-08-23, 1 , s1 2011-08-23, 2, s2 2011-08-23, 1, s2 2011-08-25, 2, ... by desi New Member in Splunk Search 08-29-2011 0 1	0	1
Quadruple backslash required... bug or feature? I'm encountering something that seemed non-intuitive to me in my Search app through the web interface. I'm trying to... by phatfingers Explorer in Splunk Search 08-29-2011 1 2	1	2
Exporting views and searches. Hello. I have a set of advanced views, dashboards, searches, etc for the search app, which i have developed using my... by smtnw666 Engager in Splunk Search 08-29-2011 3 1	3	1
Splunk app for Web Intelligence : missing saved search? I installed the beta web intelligence app and I'm trying to load data and check it out. I've run the backfill script... by chrispayne Engager in Splunk Search 08-29-2011 1 3	1	3
Use role's "restrict search terms" in complex search Hi everyone, I'm having different roles with different restrict search terms. However, in my dashboards, a drop down ... by afaraino Explorer in Splunk Search 08-29-2011 0 4	0	4
Regex Error Hi, I am trying to use simple regex to find clients with specific IPs. My regex looks like status=404 \| regex host... by rahiparikh Explorer in Splunk Search 08-27-2011 1 5	1	5
valid search?? lastOccurrence=2011/08/25 03:29:25\|firstOccurrence=2011/08/25 01:44:11 My logs contain data similar to the notes abo... by DTERM Contributor in Splunk Search 08-26-2011 0 3	0	3
Is there a way to format results? I was wondering if there's some configuration that I can apply process the results that are saved on disk to follow a... by samiomer Path Finder in Splunk Search 08-26-2011 0 1	0	1
Remove splunk server from splunk search I have about 15 network devices I have sending to splunk perfectly. But the splunk server is also showing up there, a... by thanson Engager in Splunk Search 08-26-2011 1 2	1	2
Eval a distinct count I've been trying to determine the # of free dhcp leases. I can calculate the total current leases with: index=os ho... by Blu3fish Path Finder in Splunk Search 08-25-2011 1 4	1	4
replace or hide aggregate 0s in timechart I have a search that returns number of apache processes per host: sourcetype="ps" earliest="-7m" \| multikv filter ap... by zdavitiani_splu Splunk Employee in Splunk Search 08-25-2011 4 2	4	2
Host name extraction from syslog repository Greetings, I have inherited a Splunk 4.1 infrastructure and while I am getting up to speed on Splunk, I need assista... by jkfritcher Engager in Splunk Search 08-25-2011 0 2	0	2