Splunk Search

Community Activity

On the Fly KV Generation for Search Language Testing I am hacking away at some searches, and having some difficulties with strings and ints. I would like to set up some ... by muebel SplunkTrust in Splunk Search 09-17-2010 1 1	1	1
Searching for large groups of hosts (or any other field), i.e. host=box[100-200].domain.com Hi, We want to search for hundreds of hosts at a time. The question is similar to these: http://answers.splunk.com/... by parallaxed Path Finder in Splunk Search 09-17-2010 0 10	0	10
Extracting fields for a report with regex not working Hi I'm trying to "extract fields" with regular expressions for a specific position on a comma separated log file tha... by henrikb New Member in Splunk Search 09-17-2010 0 2	0	2
Create charts from SNMP Counter data type I am collecting snmpget data from a SAN switch. A few of the SNMP elements use counters where I get the accumalated v... by rasingh Path Finder in Splunk Search 09-16-2010 2 7	2	7
Counting Your searches Is there anyway to count the number of searches ran on an indexer in a 24 hour period? by carmackd Communicator in Splunk Search 09-16-2010 0 2	0	2
Google map set default search? Hi, how to set default search string for Google map splunk app so that when app is opened default search is run and d... by gljiva Path Finder in Splunk Search 09-16-2010 0 4	0	4
working with large data sets, seem to be hitting limits I have what I think is a routine problem, but I don't know how to solve it. I have a log file that has mixed content... by richard_whiffen Explorer in Splunk Search 09-16-2010 4 3	4	3
Windows 2003 64Bit version of Flash V9 or V10 I have installed the 64 bit version of splunk onto a 2003 64 bit OS. It is asking me to install flash 9 or better....... by berniefieldhous Engager in Splunk Search 09-16-2010 0 2	0	2
Slow Search Performance on AIX Hello everybody, I just started with Splunk and I ‘am having already some large performance problems. my System : *... by Christian Path Finder in Splunk Search 09-16-2010 1 16	1	16
Why can't I search for my extracted field? I have a store field brought in by a scripted lookup. it shows up when i do a search for sourcetype=foo, I can even s... by mctester Communicator in Splunk Search 09-16-2010 2 2	2	2
Indexing speed of Splunk whats the indexing rate of splunk (GB/Hr)? by pvannalath New Member in Splunk Search 09-16-2010 0 1	0	1
Can I prevent the default index-time extraction for the "host" field to occur for events of the "syslog" sourcetype? I have several lightweight forwarders collecting syslog data from files in their respective /var/log/ directories and... by hexx Splunk Employee in Splunk Search 09-16-2010 5 1	5	1
Lookup Issues - windows_name_lookup does not exist Hi, Some background, We have Splunk 4.1.4 on Redhat Linux. We also have the PCI Compliance Suite Installed Everyti... by joshuar New Member in Splunk Search 09-15-2010 0 2	0	2
Threaded-applog event coalescing and searching I have a multithreaded application that writes out intermingled logs and having performance issues searching with tra... by mhunt15 New Member in Splunk Search 09-15-2010 0 2	0	2
Is there a way to make lookup NOT case sensitive Let's say I have a lookup table that looks like this: host,tmoapp somehost01,app01 somehost02,app01 anotherhost01,ap... by Jaci Splunk Employee in Splunk Search 09-15-2010 5 6	5	6
search command to select specific fields What is the search command to search for a disk monitor log such you do in a database. for example, I would like to p... by Caio_Santos Path Finder in Splunk Search 09-15-2010 0 6	0	6
How to force "eval" to cast an expression as numeric value? Let's say you have two fields like so: a=0001L b=0002L What's the best way to force the eval command to see these ... by Lowell Super Champion in Splunk Search 09-15-2010 1 9	1	9
Regular expression in Search Hello, i want all records from some hosts. How can i find records from hosts that match: host=chvj[34]04ld8[246] ? ... by JensT Communicator in Splunk Search 09-15-2010 1 2	1	2
Search Macro Question Hey, I have the following saved search in my Splunk instance which I saved as a search macro: sourcetype="log-file-... by Ant1D Motivator in Splunk Search 09-15-2010 1 6	1	6
avg of number of events by day Hi all, i need to search the average number from the count by day of an event. for example if i have 3 5 and 4 event... by pinzer Path Finder in Splunk Search 09-15-2010 1 6	1	6
TimeRangePicker Charting Question Hey, I have written the following advanced dashboard that allows me to view results in a simple table based on what ... by Ant1D Motivator in Splunk Search 09-15-2010 0 4	0	4
Best way to create a transaction of three events? I've got data that looks (functionally) like this: Event 1 contains String-A Field-X Event 2 contains String-B Field... by dnolan Explorer in Splunk Search 09-15-2010 0 4	0	4
Search for percent symbol in log entries Our web server logs have percent symbols in the entries. I am able to search for certain logs by using REGEX (e.g. RE... by castle1126 Communicator in Splunk Search 09-14-2010 0 4	0	4
how to train Splunk to recognize a character set Hello. My logs contain Simple Chinese characters. After setting CHARSET = GB2312 in the props.conf, some Chinese char... by alextsui Path Finder in Splunk Search 09-14-2010 0 2	0	2
Is there a search that a user can execute to view search history We have a users that would like to see their search history, however this user does not have admin rights and does no... by kbecker Communicator in Splunk Search 09-13-2010 2 3	2	3