Splunk Search

Community Activity

Observing Oracle Forms on the net Hi all, I want to do following task with Splunk: I want to monitor and audit if a user or customer touches an Oracl... by simuvid Splunk Employee in Splunk Search 10-28-2010 0 3	0	3
What does "PollableDescriptor:writeWithTimeout failed" error mean? Seeing the following error in LWF splunkd.log every 5 minutes: 10-28-2010 08:37:37.048 WARN NetUtils - PollableDesc... by the_wolverine Champion in Splunk Search 10-28-2010 0 1	0	1
search by specific condition within time range Hello,i would like to search the specific ip attack events within the specific time range for real time,e.g. if the a... by hjwang Contributor in Splunk Search 10-28-2010 0 2	0	2
Transaction grouping not what I expect I have a summary index that contains the following information for my Windows event logs: host, sourcetype, and count... by snowmizer Communicator in Splunk Search 10-28-2010 1 2	1	2
What does it mean for a custom search command to be streamable? The commands.conf parameters are not super well-documented online or in the spec file. From the spec file: streamin... by hulahoop Splunk Employee in Splunk Search 10-28-2010 1 2	1	2
What are the OS requirements Let's say for 2 management servers for redundancy indexing 1gb a day. choices are Linux RH 5.4 Solaris 10 Window 20... by jhallman Explorer in Splunk Search 10-28-2010 0 1	0	1
How do you organize searches in Splunk? Hello, We have been creating a lot of searches lately, and would like a way to organize them into submenus. I tried... by merritsa Path Finder in Splunk Search 10-27-2010 1 12	1	12
Sort Fields in Charts I have the following chart: City/Day \| Friday \| Monday \| Thursday \| Tuesday \| Wednesday Chicago \| Yes \| Yes ... by wyang6 Path Finder in Splunk Search 10-27-2010 2 3	2	3
Lookups - How to limit/eliminate multiple matches Hi We have a automatic csv lookup for a specific source, for the host field. Some hosts will have the lookup field... by chris Motivator in Splunk Search 10-27-2010 1 4	1	4
Form vs. View for Multiple Result Sets Hi, My event data consists of HTTP requests. My goal is to build a view that includes: 1) A drop down to choose a Ho... by Eldad Explorer in Splunk Search 10-27-2010 0 1	0	1
chart over query string Hi guys, I have an apache log. I want to be able to chart the count of occurances of a particular query string in th... by chixor New Member in Splunk Search 10-27-2010 0 2	0	2
How to move uploaded file to directory splunk is monitoring? My splunk instance monitored the directory where proxy server upload compressed access log to via ftp. However my spl... by Takajian Builder in Splunk Search 10-27-2010 0 1	0	1
Problem with Stacked Area Chart I have a stacked area chart set up with advanced XML that is giving me an issue with mouseovers. The displayed chart... by blurblebot Communicator in Splunk Search 10-26-2010 0 1	0	1
Splunk Configuration that you Would Like to Do, but Haven't had the Time? Splunk is very flexible... maybe too flexible? What is that one thing that you have been wanting to do, maybe have b... by muebel SplunkTrust in Splunk Search 10-26-2010 0 4	0	4
Timechart already bucketed logs I have a query in which I use bucket to remove some duplicates at certain intervals. I am now trying to timechart th... by christopherutz Path Finder in Splunk Search 10-26-2010 0 3	0	3
Are lookup tables indexed? So how does splunk handle static lookup tables, are they indexed? max_memtable_bytes = * maximum size of static lo... by carmackd Communicator in Splunk Search 10-26-2010 4 3	4	3
match data from 2 queries I have some log entries that look like this: (note the brackets ARE in my logs) [10/25/2010] [10:25:31.817] [SCAN_H... by mcafeesecure Explorer in Splunk Search 10-26-2010 0 1	0	1
When posting setup.xml data to a custom endpoint, is it possible to make EAI calls that are properly authenticated and namespaced? My problem seems very similar to http://answers.splunk.com/questions/4175/redirects-before-and-after-our-apps-setup-... by sideview SplunkTrust in Splunk Search 10-25-2010 1 3	1	3
Automatic hostname configuration? In regard to > http://answers.splunk.com/questions/794/how-to-change-hostname-of-a-splunk-server My question is why ... by tkrn Engager in Splunk Search 10-25-2010 0 1	0	1
Multiple events returned in a single transaction - possible to create a single row in a table/csv file? I've got a transaction that returns 2 events. Originally these are 3 events but the transaction has combined 2 of th... by the_wolverine Champion in Splunk Search 10-25-2010 0 2	0	2
Two earliest queries - want search to pick based upon newest I have a query where I need to determine the earliest time I want events from.. It is either (1) The last time jboss ... by htkhtk Path Finder in Splunk Search 10-23-2010 1 1	1	1
What is the best way to show sparse concurrent transaction counts? I'm trying to report on concurrent SSL VPN sessions over time on an F5 APM device. I've defined the fields and the tr... by zentish New Member in Splunk Search 10-22-2010 0 2	0	2
Is it possible to extract a field from a transaction event? My field extraction doesn't appear to work in my transaction event. Does Splunk just combine all the various fields ... by the_wolverine Champion in Splunk Search 10-22-2010 2 1	2	1
Lookup table Limits Is there a row or column limit for a lookup table. I currently have a lookup that has 25 columns, and 350k rows, whi... by carmackd Communicator in Splunk Search 10-22-2010 0 9	0	9
How do you change the legend value Outside of renaming(aliasing) the actual field, can you also rename the entire content of the history for charting? ... by BunnyHop Contributor in Splunk Search 10-22-2010 0 1	0	1