×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
drmed
Explorer
Member since: ‎08-01-2014
‎06-05-2020
Community Statistics
Posts 5
Solutions 0
Karma Given 1
Karma Received 2
Member Since ‎08-01-2014
Activity Feed
View All

Re: Why time range picker on default Splunk 6.1.x ...

by in Dashboards & Visualizations
‎09-29-2014 04:27 PM
1 Karma
‎09-29-2014 04:27 PM
1 Karma
There is an RSS feed you can subscribe to that will notify when the next release is available (6.1.4): http://www.splunk.com/page/release_rss ... View more

Re: How to remove events from search results for k...

by in Splunk Search
‎09-17-2014 04:46 PM
‎09-17-2014 04:46 PM
Thanks, will give this a try! ... View more

How to remove events from search results for known...

by in Splunk Search
‎09-15-2014 04:43 PM
1 Karma
‎09-15-2014 04:43 PM
1 Karma
We occasionally have infrastructure outages that result in a higher number of timeouts during the outage period. Would like to differentiate between these and everyday software usage timeouts. If there a way to remove these outages from search results if we know the date time range? There doesn't appear to be a way to search on multiple date time ranges? Maybe we could combine search results with a UNION? ... View more

Re: How to get concurrent transactions for multipl...

by in Splunk Search
‎08-18-2014 04:17 PM
‎08-18-2014 04:17 PM
Thanks. Hope we can get concurrency by clause soon. This seems like a very common use case. For now, we are going to use a dashboard with host selection in a dropdown. I tried to get the query in strive's link above working. Unfortunately it doesn't work for our data. A lot of assumptions go into how your Splunk data is setup (start / stop / other transactions) to make this work: sourcetype="*traceappender" | eval counter = if(searchmatch("Module.Begin"),1,-1) | sort 0 + _time | streamstats sum(counter) as concurrency by host | timechart span=1h count(concurrency) by host ... View more

How to get concurrent transactions for multiple ho...

by in Splunk Search
‎08-18-2014 03:04 PM
‎08-18-2014 03:04 PM
Hello, I'm having trouble getting concurrent events by host. I can get concurrent key transactions for a single host, and it appears accurate: * sourcetype="*iis" Target_Type="key" host="na5" | concurrency duration=TimeTaken | timechart span=1h count(concurrency) But when I try to get this for all hosts (Grouped by host), it’s comparing the data on all instances, artificially inflating number of concurrent transactions per host: * sourcetype="*iis" Target_Type="key" | concurrency duration=TimeTaken | timechart span=1h count(concurrency) by host Any ideas? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma from
View All
Karma given to
View All