| | how do i show the average number of hits per minute for each hour? basically i have a system that will, on peak hour... 3 1 | 3 | 1 | |
| | I have a file that I need to index twice. Specifically, I need it sent/indexed to two different indexes. How could... 1 4 | 1 | 4 | |
| | Hi folks I have a directory structure on my server box (with splunk LWF) like this: /foo/bar/node1/server1/SystemOu... 1 3 | 1 | 3 | |
| | If you have a time range and certain days contain data you'd like to exclude can you drop the days from your search r... 4 2 | 4 | 2 | |
| | How should I allocate space for indexes among indexing nodes? For example, lets say I have 2 groups of servers that ... 1 1 | 1 | 1 | |
| | I've been asked to look into renaming my Splunk indexer server (don't ask why). Is there a "best" or safe method for... 1 2 | 1 | 2 | |
| | I would like to be able to see if a user logs in via ssh but doesn't log out within 30 minutes. For example 12:28:4... 2 1 | 2 | 1 | |
| | My understanding is that this is now done via a splunk config file. How? 2 1 | 2 | 1 | |
| | I see lots of reference to search heads as a way to improve search performance. I can't find a search head section o... 0 2 | 0 | 2 | |
| | I have Splunk 4.0.10 64bit version running in Windows 2008 R2 64bit. I noticed that when Splunkd service is turned o... 2 1 | 2 | 1 | |
| | My search command is ------ sourcetype="aix_" host="" | sendemail to="rsimmons@splunk.com" 3 1 | 3 | 1 | |
| | I've heard there are some REST endpoints that allow you to refresh objects (such as new dashboards, nav menus, etc...... 2 3 | 2 | 3 | |
| | I have downloaded the Splunk License Usage app and reconfigured it to resolve some searching issues. How do I repack... 1 1 | 1 | 1 | |
| | I have a number of hosts that have a certain tag on them (let's say "sensitive"). I want to look for account lockout ... 1 2 | 1 | 2 | |
| | Hi, I just installed cisco_firewall_addon for version 4.1 of splunk and I am having some issues. I have an ASA and a ... 1 5 | 1 | 5 | |
| | Is it possible with subsearch to pass a list of search results to the outside search? similar to a SQL correlated sub... 3 3 | 3 | 3 | |
| | Hello, System type: Linux We have splunk running on our centralized syslog-ng server. We then have other servers fo... 1 4 | 1 | 4 | |
| | Would someone confirm the following observations regarding data input configuration via inputs.conf? when using wild... 0 3 | 0 | 3 | |
| | We use the *Nix application to pick up all the stats from our servers (cpu, ps etc) and I see in the inputs.conf that... 1 4 | 1 | 4 | |
| | Given a sequence of general to specific events (like product browsing a pages, followed by particular product pages)... 2 2 | 2 | 2 | |
| | I'm trying to map search performance to specific searches. I have to discover if its possible to marry up a job ID t... 2 8 | 2 | 8 | |
| | The asterisk character is not matching all characters. A search for : rectype="bl*query" returns 0 matching event... 10 5 | 10 | 5 | |
| | In a dashboard we're working with we are displaying a table of events and the times always have 000 as the millisecon... 1 1 | 1 | 1 | |
| | Livetail was around in version 3.x and went away in 4.0. When is it coming back? 2 1 | 2 | 1 | |
| | Hi, I have syslog_ng server (sles 10). Everything is logged in this way: /var/log/HOSTS/xx-yy/hostname or ip/log fi... 0 2 | 0 | 2 | |
