Splunk Search

Community Activity

Case sensitivity of name, in name=value pairs I would like to do a "stats distinct_count(accountID)" However, some code modules log "accountID=xxxx", while others... by NK_1 Path Finder in Splunk Search 10-29-2010 1 1	1	1
Using stats - how to correlate a value to time of day? Hello, I have an app where I'm splunking a sales price of an item that fluctuates throughout the day. Is there a way... by briang67 Communicator in Splunk Search 10-29-2010 0 3	0	3
How to specify the x axis on the timeline? I have imported a file which has more than one time and date field, splunk is using one of them, however I would like... by cooperuk New Member in Splunk Search 10-29-2010 0 4	0	4
SavedSearch containing $field_name$ Hey, I have written the following code for a form: <form> <label>Combo box test</label> <!-- <... by Ant1D Motivator in Splunk Search 10-29-2010 0 1	0	1
transform negative match I'm trying to send certain events ("IdcServerThread" stuff) to nullQueue unless there's a specific pattern in it (the... by jhedgpeth Path Finder in Splunk Search 10-28-2010 1 1	1	1
How to specify the path of a custom Database, while creating an index using command line Hi I am trying to create an index on the command line as follows (splunk 4.1.4) ./bin/splunk add index indexname -dir... by ajay_hbo Engager in Splunk Search 10-28-2010 1 2	1	2
Question about the PCI Application What is the "stash" sourcetype used for in the application? We're getting two huge spikes of events from that source... by jambajuice Communicator in Splunk Search 10-28-2010 0 3	0	3
Observing Oracle Forms on the net Hi all, I want to do following task with Splunk: I want to monitor and audit if a user or customer touches an Oracl... by simuvid Splunk Employee in Splunk Search 10-28-2010 0 3	0	3
What does "PollableDescriptor:writeWithTimeout failed" error mean? Seeing the following error in LWF splunkd.log every 5 minutes: 10-28-2010 08:37:37.048 WARN NetUtils - PollableDesc... by the_wolverine Champion in Splunk Search 10-28-2010 0 1	0	1
search by specific condition within time range Hello,i would like to search the specific ip attack events within the specific time range for real time,e.g. if the a... by hjwang Contributor in Splunk Search 10-28-2010 0 2	0	2
Transaction grouping not what I expect I have a summary index that contains the following information for my Windows event logs: host, sourcetype, and count... by snowmizer Communicator in Splunk Search 10-28-2010 1 2	1	2
What does it mean for a custom search command to be streamable? The commands.conf parameters are not super well-documented online or in the spec file. From the spec file: streamin... by hulahoop Splunk Employee in Splunk Search 10-28-2010 1 2	1	2
What are the OS requirements Let's say for 2 management servers for redundancy indexing 1gb a day. choices are Linux RH 5.4 Solaris 10 Window 20... by jhallman Explorer in Splunk Search 10-28-2010 0 1	0	1
How do you organize searches in Splunk? Hello, We have been creating a lot of searches lately, and would like a way to organize them into submenus. I tried... by merritsa Path Finder in Splunk Search 10-27-2010 1 12	1	12
Sort Fields in Charts I have the following chart: City/Day \| Friday \| Monday \| Thursday \| Tuesday \| Wednesday Chicago \| Yes \| Yes ... by wyang6 Path Finder in Splunk Search 10-27-2010 2 3	2	3
Lookups - How to limit/eliminate multiple matches Hi We have a automatic csv lookup for a specific source, for the host field. Some hosts will have the lookup field... by chris Motivator in Splunk Search 10-27-2010 1 4	1	4
Form vs. View for Multiple Result Sets Hi, My event data consists of HTTP requests. My goal is to build a view that includes: 1) A drop down to choose a Ho... by Eldad Explorer in Splunk Search 10-27-2010 0 1	0	1
chart over query string Hi guys, I have an apache log. I want to be able to chart the count of occurances of a particular query string in th... by chixor New Member in Splunk Search 10-27-2010 0 2	0	2
How to move uploaded file to directory splunk is monitoring? My splunk instance monitored the directory where proxy server upload compressed access log to via ftp. However my spl... by Takajian Builder in Splunk Search 10-27-2010 0 1	0	1
Problem with Stacked Area Chart I have a stacked area chart set up with advanced XML that is giving me an issue with mouseovers. The displayed chart... by blurblebot Communicator in Splunk Search 10-26-2010 0 1	0	1
Splunk Configuration that you Would Like to Do, but Haven't had the Time? Splunk is very flexible... maybe too flexible? What is that one thing that you have been wanting to do, maybe have b... by muebel SplunkTrust in Splunk Search 10-26-2010 0 4	0	4
Timechart already bucketed logs I have a query in which I use bucket to remove some duplicates at certain intervals. I am now trying to timechart th... by christopherutz Path Finder in Splunk Search 10-26-2010 0 3	0	3
Are lookup tables indexed? So how does splunk handle static lookup tables, are they indexed? max_memtable_bytes = * maximum size of static lo... by carmackd Communicator in Splunk Search 10-26-2010 4 3	4	3
match data from 2 queries I have some log entries that look like this: (note the brackets ARE in my logs) [10/25/2010] [10:25:31.817] [SCAN_H... by mcafeesecure Explorer in Splunk Search 10-26-2010 0 1	0	1
When posting setup.xml data to a custom endpoint, is it possible to make EAI calls that are properly authenticated and namespaced? My problem seems very similar to http://answers.splunk.com/questions/4175/redirects-before-and-after-our-apps-setup-... by sideview SplunkTrust in Splunk Search 10-25-2010 1 3	1	3