Hi All,
I have a CSV that looks like below:
Name, Description, 1960,1961,1962,1963,1964,....,2013
test, testdescription, 5.3, 5.6, 5.8,5.9,6.2, 6.4, ....., 4.5
test2, testdesc2, 11.3, 11.9, 12.7, 15.8, 19.2, ....., 20.1
When I import it into Splunk, the fields "Name" and "Description" extract very well; however, all the field names with only numbers didn't extract.
How do I handle such a case?
I met a situation and cannot figure out how to solve it.
I have a task to calculate accurate transaction count totals into a summary index. Each transaction has 2 events (let's say one begin event and one end event). Because of the scheduled search time range, there are always a few transactions that are broken at the beginning and end of the time range of a search, which means that for some transactions only the end event is seen and for others only the begin event. Actually, in the log, those transactions are complete if searched in a broader time range. In interactive search mode, this does not cause too much trouble, as I can filter out all eventcount=1 to get all completed transactions. However, when I try to build a summary index to calculate the exact count, it causes me some confusion.
If I filter out eventcount=1, then those transactions that have events across 2 time ranges will be missing forever. If I count all eventcount=1, then the transaction total counts will be larger than the actual, as the eventcount=1 transactions will be counted twice, in the former and latter scheduled searches. And I cannot just pick the begin event as the count, because I still need the return code from the end event and to calculate the duration into the summary index too.
I tried to think about closed_txn, but it does not seem to work in this scenario either.
Any suggestion for how to conquer this?
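
The counting problem described in the post above, as an added example that is not part of the original post: a Python simulation over constructed events, comparing runs that see only their own window with runs that search further back and record a transaction only in the run whose window contains its end event. The event data, window size and function names are assumptions, and the lookback is assumed to be at least as long as the longest transaction.

```python
from collections import defaultdict

# Constructed sample events: (minute, txn_id, kind, return_code)
EVENTS = [
    (2, "A", "begin", None), (5, "A", "end", 0),
    (8, "B", "begin", None), (12, "B", "end", 0),   # straddles minute 10
    (14, "C", "begin", None), (17, "C", "end", 1),
    (19, "D", "begin", None), (23, "D", "end", 0),  # straddles minute 20
    (25, "E", "begin", None), (28, "E", "end", 0),
]
# Assumed schedule: three consecutive 10-minute runs, [start, end)
WINDOWS = [(0, 10), (10, 20), (20, 30)]


def group(events):
    """Group events by transaction id, like building transactions in one run."""
    txns = defaultdict(list)
    for ev in events:
        txns[ev[1]].append(ev)
    return txns


def count_per_window(keep_partial):
    """Each run sees only its own window. keep_partial=False drops
    eventcount=1 transactions; keep_partial=True counts them."""
    total = 0
    for start, end in WINDOWS:
        seen = group(e for e in EVENTS if start <= e[0] < end)
        total += sum(1 for evs in seen.values() if len(evs) == 2 or keep_partial)
    return total


def summarize_by_end_event(lookback):
    """Each run searches [start - lookback, end) but writes a summary row only
    for complete transactions whose end event falls in its own [start, end)."""
    rows = []
    for start, end in WINDOWS:
        seen = group(e for e in EVENTS if start - lookback <= e[0] < end)
        for txn_id, evs in seen.items():
            by_kind = {e[2]: e for e in evs}
            begin, finish = by_kind.get("begin"), by_kind.get("end")
            if begin and finish and start <= finish[0] < end:
                # (txn_id, return code from end event, duration in minutes)
                rows.append((txn_id, finish[3], finish[0] - begin[0]))
    return rows


if __name__ == "__main__":
    print("drop eventcount=1:", count_per_window(False))   # undercounts
    print("keep eventcount=1:", count_per_window(True))    # double counts
    print("by end event:", summarize_by_end_event(10))
```
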