Splunk Search

Community Activity

Custom fields How can I check if my custom fields work ? How can I list the content of custom fields ? Thank you Markus by huaraz Explorer in Splunk Search 08-31-2011 0 3	0	3
addtotal/addcoltotals issue Hello fellow Splunkers! ipc=ipc1-r6c10 Intake-Temperature=70 Exhaust-Temperature=82 Humidity=44% Amps=6 Voltage=351... by zachvida Path Finder in Splunk Search 08-31-2011 0 2	0	2
Reinventing the wheel I just setup my test forefront proxy server to forward logs to my test Splunk indexer. Is there a stash of existing q... by mikefoti Communicator in Splunk Search 08-31-2011 1 6	1	6
Received event for unconfigured/disabled index... : When was this event received? I have blue bar notification in each view informing me that an event was received "for unconfigured/disabled index='s... by muebel SplunkTrust in Splunk Search 08-30-2011 2 7	2	7
make extract command overwrite fields I have a field that looks like this: key1=value1key2=value2key3=value3 I put in a stanza in transforms that looks ... by kkalmbach Path Finder in Splunk Search 08-30-2011 0 3	0	3
how to calculate multiple stats count? i have following data playdate, adid, store, 2011-08-23, 1 , s1 2011-08-23, 2, s2 2011-08-23, 1, s2 2011-08-25, 2, ... by desi New Member in Splunk Search 08-29-2011 0 1	0	1
Quadruple backslash required... bug or feature? I'm encountering something that seemed non-intuitive to me in my Search app through the web interface. I'm trying to... by phatfingers Explorer in Splunk Search 08-29-2011 1 2	1	2
Exporting views and searches. Hello. I have a set of advanced views, dashboards, searches, etc for the search app, which i have developed using my... by smtnw666 Engager in Splunk Search 08-29-2011 3 1	3	1
Splunk app for Web Intelligence : missing saved search? I installed the beta web intelligence app and I'm trying to load data and check it out. I've run the backfill script... by chrispayne Engager in Splunk Search 08-29-2011 1 3	1	3
Use role's "restrict search terms" in complex search Hi everyone, I'm having different roles with different restrict search terms. However, in my dashboards, a drop down ... by afaraino Explorer in Splunk Search 08-29-2011 0 4	0	4
Regex Error Hi, I am trying to use simple regex to find clients with specific IPs. My regex looks like status=404 \| regex host... by rahiparikh Explorer in Splunk Search 08-27-2011 1 5	1	5
valid search?? lastOccurrence=2011/08/25 03:29:25\|firstOccurrence=2011/08/25 01:44:11 My logs contain data similar to the notes abo... by DTERM Contributor in Splunk Search 08-26-2011 0 3	0	3
Is there a way to format results? I was wondering if there's some configuration that I can apply process the results that are saved on disk to follow a... by samiomer Path Finder in Splunk Search 08-26-2011 0 1	0	1
Remove splunk server from splunk search I have about 15 network devices I have sending to splunk perfectly. But the splunk server is also showing up there, a... by thanson Engager in Splunk Search 08-26-2011 1 2	1	2
Eval a distinct count I've been trying to determine the # of free dhcp leases. I can calculate the total current leases with: index=os ho... by Blu3fish Path Finder in Splunk Search 08-25-2011 1 4	1	4
replace or hide aggregate 0s in timechart I have a search that returns number of apache processes per host: sourcetype="ps" earliest="-7m" \| multikv filter ap... by zdavitiani_splu Splunk Employee in Splunk Search 08-25-2011 4 2	4	2
Host name extraction from syslog repository Greetings, I have inherited a Splunk 4.1 infrastructure and while I am getting up to speed on Splunk, I need assista... by jkfritcher Engager in Splunk Search 08-25-2011 0 2	0	2
Help sending header and footer of CSV to nullqueue Hey everyone. The source files I am currently working with each contain a large amount of records. The problem is the... by msarro Builder in Splunk Search 08-25-2011 0 4	0	4
how to create field store permanently HI, I try to define a field name using the below statement in the search column, however I do not get this filed sto... by tailesley New Member in Splunk Search 08-24-2011 0 1	0	1
how to use scripted input for refreshing lookup data? I have two files test1.csv and test2.csv. I indexed them in Splunk and then use them as lookup. These two files are r... by desi New Member in Splunk Search 08-24-2011 0 1	0	1
Dynamically analyze fields? I have some data that looks like this: priority=INFO thread= location= line= field1=OK,field2=OK,field3=OK....fie... by sf_user_199 Path Finder in Splunk Search 08-24-2011 1 3	1	3
Using Transaction with One to Many Relationships I've something of a challenge: How to best generate a single event in a summary index that is based on a transaction ... by David Splunk Employee in Splunk Search 08-23-2011 0 11	0	11
Creating fields from trap Hi all, I may be going at this in the completely wrong way, but I'm looking at extracting information from traps sen... by jduraes Explorer in Splunk Search 08-23-2011 1 5	1	5
help need with add oneshot CLI Hello, i am trying to run add oneshot from cli but keep getting following error: C:\Program Files\Splunk\bin>splunk ... by desi New Member in Splunk Search 08-23-2011 0 2	0	2
How modify EventsViewer click actions? EventsViewers doesn't support Drilldown. How can modify default click actions? If I click on a segmentation, I would ... by houxiaoxiao Engager in Splunk Search 08-23-2011 0 1	0	1