Activity Feed
- Karma Re: How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? for linu1988. 06-05-2020 12:47 AM
- Karma Re: How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? for markthompson. 06-05-2020 12:47 AM
- Got Karma for How to calculate the average number of events with errors by field name?. 06-05-2020 12:47 AM
- Got Karma for Sideview Utils app design : Why is new panel "Waiting for search to finish..."?. 06-05-2020 12:47 AM
- Got Karma for Sideview Utils: How to find hidden default value of a pull-down?. 06-05-2020 12:47 AM
- Posted Sideview Utils: How to find hidden default value of a pull-down? on All Apps and Add-ons. 10-21-2014 07:34 AM
- Tagged Sideview Utils: How to find hidden default value of a pull-down? on All Apps and Add-ons. 10-21-2014 07:34 AM
- Tagged Sideview Utils: How to find hidden default value of a pull-down? on All Apps and Add-ons. 10-21-2014 07:34 AM
- Tagged Sideview Utils: How to find hidden default value of a pull-down? on All Apps and Add-ons. 10-21-2014 07:34 AM
- Posted How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? on All Apps and Add-ons. 10-07-2014 06:11 AM
- Tagged How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? on All Apps and Add-ons. 10-07-2014 06:11 AM
- Tagged How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? on All Apps and Add-ons. 10-07-2014 06:11 AM
- Tagged How to build search query in Sideview Utils to utilize values chosen from 2 pull-down menus? on All Apps and Add-ons. 10-07-2014 06:11 AM
- Posted Re: How to filter errors relevant to the specific source? on Splunk Search. 10-02-2014 09:13 AM
- Posted what is log4j format and why it is important on Splunk Search. 10-02-2014 08:43 AM
- Tagged what is log4j format and why it is important on Splunk Search. 10-02-2014 08:43 AM
- Posted How to filter errors relevant to the specific source? on Splunk Search. 10-02-2014 07:29 AM
- Tagged How to filter errors relevant to the specific source? on Splunk Search. 10-02-2014 07:29 AM
- Tagged How to filter errors relevant to the specific source? on Splunk Search. 10-02-2014 07:29 AM
- Tagged How to filter errors relevant to the specific source? on Splunk Search. 10-02-2014 07:29 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 1 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 1 |
10-21-2014
07:34 AM
1 Karma
Scenario : I have 4 pull downs , where 2 pull downs are primary and other 2 pull downs(usually hidden) opens up on choosing primary pull downs.
so, when I write a query from the options chosen, default values are not replaced in the query , Let me know how to set the default value when not chosen.
In short: I want to have a hidden default value of a pull down.
Thanks.
... View more
10-07-2014
06:11 AM
Scenario : I have multiple pulldowns, that is A ---> B(On choosing value in A, it will open pull down B), similarly C--->D (on choosing value in C, it will pull down D). Now I will have write one search query taking values from B&D. I am not sure how I have to build hierarchy in sideview utils to accommodate one search query for values of B&D together.
Any suggestions or references will be helpful.
Thank you.
... View more
10-02-2014
09:13 AM
I am guessing tagging based on host name will help ! is that so ?
... View more
10-02-2014
07:29 AM
I am trying to visualize stats of exceptions for different sources. All sources are aggregated and saved into one node.
Issue : I am able to index the sourcetype that node for all the exceptions but I am not able to filter the errors relevant to the source.
Any references or suggestions can help us a lot.
... View more
10-01-2014
12:38 PM
Thanks for the hint Sideview. I was able to figure out the error with the syntax error thrown. It was very very simple tweak.
... View more
09-30-2014
01:44 PM
1 Karma
I am working on adding a panel to a dashboard which already has 5 panels.
Here is the hierarchy,
TimeRangePicker
|
Pulldown
|
Switcher
|
NullModule(5)
|
GenericHeader(6)
|
search(6)
|
JobProgressIndicator|Pager
|
Table
And here is my Advanced XML for the 6th Panel
<module name="GenericHeader" layoutPanel="panel_row6_col1">
<param name="label">... </param>
<module name="Search">
<param name="search"><![CDATA[
index=... sourcetype=... Exception | rex ".*?( ?(?:\w+\.)+\w*?Exception).*"| stats count by Exception|sort –count
]]>
<module name="JobProgressIndicator" />
<module name="Pager">
<module name="Table">
<module name="ConvertToDrilldownSearch">
<module name="ViewRedirector">
<param name="viewTarget">flashtimeline</param>
</module>
<!-- ViewRedirector -->
</module>
<!-- ConvertToDrilldownSearch -->
</module>
<!-- Table -->
</module>
<!-- Pager -->
</module>
<!-- Search -->
</module>
<!-- GenericHeader -->
Current Result :
Waiting for search to finish...
Expected Result:
Panel with Results
Note: All other 5 panels are working.
Thank you.
... View more
09-29-2014
11:34 AM
Can you point out the mistake in my query and the thought process that went when writing yours.
... View more
09-29-2014
09:09 AM
1 Karma
I am trying to calculate the average number of errors by calculating events(with error)/total events.
Here is my query
...| stats count(_raw) as Total| appendcols[search .... error|rex "(?i)^[^\\.]*\\.\\w+:\\s+(?P.+)"|stats count as errors by FIELDNAME ]|eval average = errors/Total|sort -errors
Result:
FIELDNAME | errors | Total| average
================================
abc 10
def 2
ghi 2 30 0.0666
jkl 1
mno 1
Expected Result
FIELDNAME errors Total average
================================
abc 10 30 3.3
def 2 30 0.66
ghi 2 30 0.0666
jkl 1 30 0.33
mno 1 30 0.33
my question is why total is not calculated for all the events? what logic I am missing here.
Thank you so much.
... View more
