| | Our office has a specific TRANSACTION search we do frequently to track all events related to a particular user. The s... 0 5 | 0 | 5 | |
| | I'd like to provide a table where the event count for today and yesterday are displayed. For example, count by statu... 0 2 | 0 | 2 | |
| | I know that in general, regular expressions in Splunk use PCRE (or a modified PCRE for matching in props.conf source ... 3 1 | 3 | 1 | |
| | I would like to use a lookup into an external database to add fields to my events, but need some advice about perform... 2 3 | 2 | 3 | |
| | On the Search App > Status > Index activity dashboard, there is an Index health report showing the bucket spread over... 1 1 | 1 | 1 | |
| | I'm trying to throw out search results from a couple of different ip ranges. Currently I'm working with 2, but I mig... 3 4 | 3 | 4 | |
| | It is a subtlety of the search language that keyword searches run against the raw event data only. To search metadat... 1 2 | 1 | 2 | |
| | I'd like to limit certain users from running expensive searches by limiting the number of results that can be returne... 2 1 | 2 | 1 | |
| | How do I change the default granularity on a chart? It appears I'm hitting a limit somewhere and I'm not getting as ... 5 2 | 5 | 2 | |
| | While I browse my local drive in Explorer I would like to add and search some log files with Splunk without opening a... 1 1 | 1 | 1 | |
| | There are some who are really good at regular expression, some okay, and the rest who downright are lost beyond a spl... 2 1 | 2 | 1 | |
| | Does maxresults in limits.conf have an effect when piping results to the stats command? For example, if I run a sear... 2 1 | 2 | 1 | |
| | I have millions of events being indexed by Splunk now and I suspect something is happening within my IT environment a... 1 1 | 1 | 1 | |
| | Hi Splunkers, I have a sample Perforce log file and I'm trying to extract the code contributors. Here is an example:... 2 2 | 2 | 2 | |
| | I created a snazzy new report that generates a chart, how can I add this to my dashboard? 1 3 | 1 | 3 | |
| | How do i use the same search strings in splunks UI on the command line? 0 4 | 0 | 4 | |
| | There are plenty of ways to specify the exact time range or maximum range between two events in a search. But I need ... 3 1 | 3 | 1 | |
| | explain the significance of the connected flag in transaction 2 1 | 2 | 1 | |
| | Dan Goldburt asks: I'm consistently getting the following request from customers: "can I see where each event came fr... 1 1 | 1 | 1 | |
| | When attempting to make a Simple Form Search using the Developer Manual documentation, I encounter the error: Not... 0 1 | 0 | 1 | |
| | On the page 'Manager > Searches and reports,' enabled scheduled searches have a 'View Recent' link. I have 2 schedul... 1 9 | 1 | 9 | |
| | Such a helpful command, and yet doesn't work for me... 1 3 | 1 | 3 | |
| | When I run this search - source="*conn.log" | rex field=_raw "\.IP = '(?<connectionIp>[^']+)" | fields host, connect... 4 1 | 4 | 1 | |
| | We are attempting to create a report that compares message traffic for the past two complete weeks. We have this as... 0 2 | 0 | 2 | |
| | Any recommended best practices for managing eventtypes and their corresponding tags? I've found the Splunk Common In... 0 2 | 0 | 2 | |
