Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
225 results
Sorted by:
11-06-2015
12:38 PM
...1-06
--/2015-11-05
--/2015-11-04
…
--/2015-10-31
We set up a main virtual index at the parent so we’re searching all logs under /logs/fwsm. An issue we’re running into is there is a need to search...
- Tags:
- hdfs
- hunk
- virtualindex
Show results in replies (5)
-
The option to capture the Regex is part of the Virtual Index UI, Select the Customize Timestamp F...
-
Yes, this will allow you to efficiently search by time within a single virtual index. The c...
-
...indowsEvent I have the following regex applied to our Firewall virtual index and I can use the t...
-
...by date/time within the main virtual index? Am I basing the regex on the file structure, or the l...
-
Have you tried to use the Time Capturing Regex as shown in this document? http://docs.splunk.com...
04-18-2019
11:58 AM
1 Karma
I'm working on making a connection to a virtual provider with a virtual index I have confirmed with some test data. I've enabled debug for the provider and executed some searches. The search just e...
02-12-2014
02:22 PM
Hi,
I have 2 virtual indexes, both return data, and both return for a specific search.
But if I try and join and get no results, and if I try an 'or' I get no results.
index=filea ID=2...
02-11-2014
10:51 PM
is there a possiblity to combine a hunk (virtual) index and a normal splunk index (for example a summary index) in one search? when a try it naiv with
index="virtualindex" index="s...
05-20-2017
12:29 AM
1 Karma
In regular Splunk I can easily search for
index=index1 OR index=index2 <search term> | stats count by index
Then I get results from either index.
When I setup a virtual index in H...
- Tags:
- hunk
03-04-2014
11:55 AM
Does this seem like a good setup for a dedicated Search head, indexer for a virtualized Splunk?
Search Head
- 8 core 16 GB Ram
Indexer
- 8 core 8 GB Ram 1 TB Hard Drive
We will h...
- Tags:
- virtual
- virtualized
04-30-2019
09:32 AM
1 Karma
...wsSecretAccessKey for the S3 properly set in hdfs-site.xml.
Looking through search.log when attempting to query the S3 data I can see it attempting to reach out to the S3 path defined in the virtual index...
06-06-2016
07:25 AM
...DFS with read/write permissions and use this as the target of a search with the collect statement such as index=syslog date_hour=12 | collect index=collect_test , no data is written to the virtual index...
11-13-2013
09:26 AM
Splunk 6
linux cluster - distributed search head/2 indexers
Monitoring of Java Virtual Machines with JMX - jmx_ta - 2.0.3
Configuring the default config.xml file and then enabling the m...
05-27-2015
08:55 AM
1 Karma
In Hunk, where is the documentation for verbose mode vs smart mode for virtual indexes (VIX)s??
Afaict, verbose mode just "drops down to" HDFS and doesn't invoke a MapReduce Job.
Whereas as l...
