×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
mihe
Engager
Member since: ‎06-04-2011
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎06-04-2011
Activity Feed
View All

Re: Pie Chart report with two field counts

by in Splunk Search
‎06-06-2011 01:42 PM
‎06-06-2011 01:42 PM
Thank you so much, it worked out. I already have my shiny IPV6 pie chart 🙂 ... View more

IPV6 address field extraction issue

by in Splunk Search
‎06-06-2011 05:31 AM
1 Karma
‎06-06-2011 05:31 AM
1 Karma
Hi everybody, I am trying to use splunk> to extract some information from a set of IIS log files. Basically, I am working on a IPV6 vs IPV4 report. Yesterday, I did some tests at home, and everything worked fine. However, today at customer site, I have detected an strange behavior on splunk> I have attached a picture so you can easily see what I am talking about: Here it is the picture if does not fit on your browser: http://i55.tinypic.com/mhx5i.png Apparently, splunk> tries to shrink the IPV6 address, but it uses :: even though the real address is not filled with zeros. And therefore, my regExp does not work fine, because it is for fully fledged IPV6 addresses. Anyway, I could work in other regExp but the main point is that I am afraid splunk> is not indexing the information properly, shrinking IPV6 addresses when is not allowed. Thanks in advance ... View more

Pie Chart report with two field counts

by in Splunk Search
‎06-05-2011 01:54 PM
‎06-05-2011 01:54 PM
Hi Cloud of wisdom 🙂 I am starting with splunk> , and I am stucked trying to create a simple report. Basically, I have a set of IIS log files, and I am trying to create a pie chart based on the number of events IPV6 vs IPV4 I do already have the search, but I am struggling trying to create the pie chart. I went through the documentation, but I am not able to see it clearly of to do it. This is my search: source="C:\wamp\logipv6\." | rex field=c_ip "(? [0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4}:[0-9A-Fa-f]{1,4})" | rex field=c_ip "(? (([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5]).){3}([01]?[0-9][0-9]?|2[0-4][0-9]|25[0-5]))" I have create two fields, ipv6 and ipv4. The search works like a charm, but I am not able to create that simple pie chart with the count of those fields on it. would you mind to help me with this issue? Thanks in advance! ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma from
View All