| | I'm forwarding data from a windows splunk instance to a freebsd. I checked the index that i'm forwarding data to, so ... 0 1 | 0 | 1 | |
| | In Splunk when I click on a sourcetype in the list on the Summary page it executes a search on that sourcetype using ... 1 4 | 1 | 4 | |
| | I have a multithreaded application that writes out intermingled logs and having performance issues searching with tra... 0 2 | 0 | 2 | |
| | I'd like to know the specific version of the third-party packages (openssl, pcre, openldap, etc.) Splunk ships with. ... 0 1 | 0 | 1 | |
| | Let's say I have a lookup table that looks like this: host,tmoapp somehost01,app01 somehost02,app01 anotherhost01,ap... 5 6 | 5 | 6 | |
| | What is the search command to search for a disk monitor log such you do in a database. for example, I would like to p... 0 6 | 0 | 6 | |
| | How Can I Put Summary Data In for An Old Data? 1 2 | 1 | 2 | |
| | Let's say you have two fields like so: a=0001L b=0002L What's the best way to force the eval command to see these ... 1 9 | 1 | 9 | |
| | Hello, i want all records from some hosts. How can i find records from hosts that match: host=chvj[34]04ld8[246] ? ... 1 2 | 1 | 2 | |
| | How can I submit an Enhancement Request (ER) / Request for Enhancement (RFE) to Splunk>? 7 2 | 7 | 2 | |
| | Hey, I have the following saved search in my Splunk instance which I saved as a search macro: sourcetype="log-file-... 1 6 | 1 | 6 | |
| | I am abit new to Splunk. I have setup the ossec server with: 6.7.8.9 10002 using the IP of the SPLUNK ser... 0 4 | 0 | 4 | |
| | I am trying to run the searches that come with the Ironport Web Security portion of Cisco Security for Splunk, and no... 0 1 | 0 | 1 | |
| | Hi all, i need to search the average number from the count by day of an event. for example if i have 3 5 and 4 event... 1 6 | 1 | 6 | |
| | Hey, I have written the following advanced dashboard that allows me to view results in a simple table based on what ... 0 4 | 0 | 4 | |
| | I find myself continually mystified by Splunk's strategy for placing things like event types, saved searches etc. How... 0 1 | 0 | 1 | |
| | I've got data that looks (functionally) like this: Event 1 contains String-A Field-X Event 2 contains String-B Field... 0 4 | 0 | 4 | |
| | I was wondering if there is a switch for the MSI installation that will limit the log files to current data only on i... 0 3 | 0 | 3 | |
| | This is largely an observation unless i am missing something: on the *nix app of the free version of splunk some file... 2 1 | 2 | 1 | |
| | I am checking out a sample application where an eventtype's search contains "sourcetype=..." . I having difficulty d... 1 4 | 1 | 4 | |
| | How do I know which index forwarded data goes to receiver instance ? I'm not sure about that, but i've created 2 inde... 1 2 | 1 | 2 | |
| | Our web server logs have percent symbols in the entries. I am able to search for certain logs by using REGEX (e.g. RE... 0 4 | 0 | 4 | |
| | I've got a saved search that's emailing me results up to this morning it was sending the results in a table with the ... 1 3 | 1 | 3 | |
| | If I close my web browser with search results up, then on restart of the web browser I end up at the "flashtimeline" ... 1 4 | 1 | 4 | |
| | I have a Power user who is creating his own lookup files. This works great but he's unable to share the file for oth... 2 1 | 2 | 1 | |
