Splunk Search

Community Activity

Top by a value inside the query Within each record in a query I have two fields, c_ip and cs_bytes which is numeric. How can I get the top 10 c_ip v... by timbCFCA Path Finder in Splunk Search 09-24-2010 1 1	1	1
Purging Extra Source Types & related data? Hello, I have a couple issues. First off, my Splunk server blue screened (yay for Windows!) and now I have a source... by kholleran Communicator in Splunk Search 09-24-2010 0 3	0	3
Eval rounding error too big Hi, I'm getting a big rounding error when evaluating floating expressions. Here is the search that is evaluating the ... by gljiva Path Finder in Splunk Search 09-24-2010 0 1	0	1
Input Latitude & Longtitude directly Dear ziegfried, Firstly, I really like your Google Maps App. but I have question about input. When I search with geo... by materaj New Member in Splunk Search 09-24-2010 0 3	0	3
extracting a data field I have one event viewer log and I'm tryng to capture the data fields, since Splunk cannot recognize the timstamp by i... by Caio_Santos Path Finder in Splunk Search 09-24-2010 1 2	1	2
How to draw a complex column chart Hi, Splunk noob question: I defined and saved 3 searches: a. Users visiting my page. b. Users attempting to do acti... by barryv Explorer in Splunk Search 09-23-2010 0 2	0	2
Generate report of top n search queries I'd like to generate a report of N top search queries from my apache weblogs. Log entry for a search looks like: 1... by staze Path Finder in Splunk Search 09-23-2010 0 5	0	5
stats sum(duration) by user date_month date_year - Not really Addition of duration? Splunkers... I am looking at a VPN logs from a Cisco ASA and trying to calculate the amount of time per day per user ... by starks951 Explorer in Splunk Search 09-23-2010 0 4	0	4
How to put SearchBar & HiddenSearch module to work together ? Hello, I want to design an Form Seach which has a SearchBar on it to let user input their search keyords. And in thi... by leo_wang Path Finder in Splunk Search 09-23-2010 1 2	1	2
Limit result of a search query Hi all, how can i limit this search query to the top 5 rows? eventtype="searchDC" Type="Audit Success" CategoryStrin... by pinzer Path Finder in Splunk Search 09-23-2010 0 2	0	2
Time Picker, Search Picker for a Line Chart: Help with Advanced XML I have been digging into the advanced xml stuff lately, and have come across a hurdle with simply figuring out the co... by muebel SplunkTrust in Splunk Search 09-23-2010 1 2	1	2
List sum of fields across events This seems like it would be easy. Maybe it is, and I'm being thick today.  Log lines look like ... server1 qs_queu... by twinspop Influencer in Splunk Search 09-23-2010 1 2	1	2
Monitor a file or directory indexing no longer working The "monitor a file or directory" data input option is no longer working. When I add a new file this way, the source ... by hoffmandirt Explorer in Splunk Search 09-22-2010 0 1	0	1
Charting values from performance record I've got a log file that contains, time, controller, and CPU % used. I need to create a time chart that plots the CPU... by snowmizer Communicator in Splunk Search 09-22-2010 0 3	0	3
Search results not displayed when using certain fields in the initial search string This is probably pretty straightforward but on my search head the following will not return any results: index=train... by Blu3fish Path Finder in Splunk Search 09-21-2010 1 1	1	1
Having REGEX Problems Sorry for the cross post but after posting i saw a recommendation to use this forum instead of splunk.com I am havin... by usersnation Explorer in Splunk Search 09-21-2010 1 6	1	6
Crossing multivalued fields Got the following: One field with 4 types of values/functions and another field that is the status of those functions... by Caio_Santos Path Finder in Splunk Search 09-21-2010 0 2	0	2
startminutesago/endminutesago vs earliest/latest I know that from version 4 onward, use of the earliest and latest time parameters are preferred over the older startm... by southeringtonp Motivator in Splunk Search 09-21-2010 1 1	1	1
External lookups: lookup not found error I'm following the instructions here and can't get it to even recognize the lookup. Did I miss something? My transfor... by twinspop Influencer in Splunk Search 09-21-2010 1 8	1	8
Search with 3 fields and count I'm trying to create a table which shows the following: - Domain Client_IP Client_User Cou... by manwin Path Finder in Splunk Search 09-21-2010 0 4	0	4
Bucket Search Command Question Hey, How would I go about writing a search that is able to show me how many events are found in a particular index (... by Ant1D Motivator in Splunk Search 09-21-2010 0 6	0	6
help to capture with rex an event hello everybody, following is the event that i'm trying to capture with rex. [2010-08-05 17:51:11,661][info] INFO c... by Caio_Santos Path Finder in Splunk Search 09-20-2010 0 8	0	8
Adding intention to second drilldown search Hi, I've got the advanced view below, which has the aim of producing a search-by-domain page for some Apache-like lo... by blinken Explorer in Splunk Search 09-20-2010 3 4	3	4
Stop search when user leaves dashboard Hi, I'm sure I've come across it, but I didn't bookmark at the time. What is the parameter to stop the search behin... by garfieldconnoll Explorer in Splunk Search 09-19-2010 3 1	3	1
What does a anomalies command report mean when giving error: A separating field was not found, carring on without it. The anomalies command reports this error: "A separating field was not found. Carrying on without it." What does that... by rsimmons Splunk Employee in Splunk Search 09-17-2010 0 2	0	2