I have the following query which almost does what I want: sourcetype="cisco_wsa_squid" | lookup teamlookup cs_userna... by cmeo Contributor in Splunk Search 09-29-2010 0 4 | 0 | 4 | ||
For the AMMAP application for the map, I followed the instruction and installed MAXMIND and the AMMAP app, but I can'... by clyde772 Communicator in Splunk Search 09-28-2010 0 6 | 0 | 6 | ||
I was reading the docs here http://www.splunk.com/base/Documentation/4.1.4/user/UnderstandTableandChartDrilldownActi... by caphrim007 Path Finder in Dashboards & Visualizations 09-28-2010 0 2 | 0 | 2 | ||
I have the following: <module name="HiddenSearch" layoutPanel="panel_row1_col1" autoRun="True"> <param na... by pde Path Finder in Dashboards & Visualizations 09-28-2010 0 1 | 0 | 1 | ||
I have a chart in a dashboard that shows a graph of paging space usage across all of our hosts. Or at least that's wh... by Branden Builder in Splunk Search 09-28-2010 2 2 | 2 | 2 | ||
Hi, I have just installed Splunk as want to get some reports out of a Barracuda Spam firewall we have installed that... by pshankland New Member in Splunk Search 09-28-2010 0 4 | 0 | 4 | ||
Hey, On the http://www.splunk.com/product page, there is an image on the right showing example dashboards. One of th... by Ant1D Motivator in Dashboards & Visualizations 09-28-2010 0 2 | 0 | 2 | ||
If I save the following search as mysearch (sources and rule numbers changed to protect the innocent) ((sourcetype="... 1 9 | 1 | 9 | ||
[1] I would like to know if I can tar an index from a Splunk instance and then untar it into other Splunk instance? ... by Nicholas_Key Splunk Employee ![]() 0 2 | 0 | 2 | ||
Every 5 minutes, one of our systems dumps out data on connected users. There is one line per connected user as follow... by sajbutler Path Finder in Splunk Search 09-28-2010 0 7 | 0 | 7 | ||
If I do this: index="foo" sourcetype="bar" | sort _time | streamstats dc(userid) as dcusers | delta dcusers as delta... by mctester Communicator in Splunk Search 09-28-2010 1 3 | 1 | 3 | ||
Is there any way to get popup or lite mode AccountBar WITH the logo clickable? This would be very useful for turning ... by cmeo Contributor in Splunk Search 09-27-2010 0 1 | 0 | 1 | ||
I pushed multiple saved searches from the deployment head to many production deployment clients. On the clients, I ca... 2 3 | 2 | 3 | ||
Hi all, i need to change the color of a bar of the column chart if the value is higher than a number. How can i do th... by pinzer Path Finder in Splunk Search 09-26-2010 2 1 | 2 | 1 | ||
I have a pile of stats i am gathering on apache access logs. I haven't pulled a field out to determine whether the b... by Michael_Wilde Splunk Employee ![]() 2 6 | 2 | 6 | ||
Hello, I currently am doing a search that uses a unix time as a field. What I want to do, is do something like this... by kholleran Communicator in Splunk Search 09-26-2010 0 2 | 0 | 2 | ||
Within each record in a query I have two fields, c_ip and cs_bytes which is numeric. How can I get the top 10 c_ip v... by timbCFCA Path Finder in Splunk Search 09-24-2010 1 1 | 1 | 1 | ||
Hello, I have a couple issues. First off, my Splunk server blue screened (yay for Windows!) and now I have a source... by kholleran Communicator in Splunk Search 09-24-2010 0 3 | 0 | 3 | ||
I have a search that checks to see if a process particular process is running. Simple enough. In my dashboard, I wa... by Branden Builder in Dashboards & Visualizations 09-24-2010 0 5 | 0 | 5 | ||
Hello, I would like to populate a dropdown in a form with all sourcetypes I have indexed. I remember something like "... by cafissimo Communicator in Dashboards & Visualizations 09-24-2010 0 1 | 0 | 1 | ||
Hi, I'm getting a big rounding error when evaluating floating expressions. Here is the search that is evaluating the ... by gljiva Path Finder in Splunk Search 09-24-2010 0 1 | 0 | 1 | ||
Dear ziegfried, Firstly, I really like your Google Maps App. but I have question about input. When I search with geo... by materaj New Member in Splunk Search 09-24-2010 0 3 | 0 | 3 | ||
I have one event viewer log and I'm tryng to capture the data fields, since Splunk cannot recognize the timstamp by i... by Caio_Santos Path Finder in Splunk Search 09-24-2010 1 2 | 1 | 2 | ||
Hi, Splunk noob question: I defined and saved 3 searches: a. Users visiting my page. b. Users attempting to do acti... by barryv Explorer in Splunk Search 09-23-2010 0 2 | 0 | 2 | ||
I've loaded the Cisco Security App in splunk. I like some of the reports that they provide under views but I need to ... by strueblood Explorer in Dashboards & Visualizations 09-23-2010 1 2 | 1 | 2 |
Splunk has training and education options for everyone, whether it's your first or fiftieth deployment.