Thread Info | |||||
---|---|---|---|---|---|
Hey guys,
I am trying to create a custom search which the question directly states. How would I go about doing tha...
by
splunkman341
Communicator
in
Splunk Search
04-01-2015
|
0
|
5
| |||
I want to see all the searches that are run on Splunk server in a given time by different users. I am using the “|His...
by
ashari
Explorer
in
Splunk Search
08-18-2014
|
0
|
3
| |||
Hi: I am looking at having greater control over our indexes. The problem I have, is that there are tons of searches t...
by
jeffreyjewitt
Explorer
in
Splunk Search
04-01-2015
|
0
|
1
| |||
I have 4 basic web services (I'll add more later) which are called throughout the day. My CalculateTax web service is...
by
skoelpin
SplunkTrust
in
Splunk Search
04-01-2015
|
0
|
5
| |||
I have a query that tells me the count of unique devices running a particular software version (major.minor.release.b...
by
dbendixen
Explorer
in
Splunk Search
04-01-2015
|
1
|
2
| |||
Hi there. Trying to join a few .ai file (created in Adobe Illustrator) to my query in Microsoft Query i get the follo...
by
Helna
Engager
in
Splunk Search
03-27-2015
|
0
|
2
| |||
0
|
1
| ||||
Hi, If i wish to find out the duration for the first event and the last event in hour, minutes and second, what would...
by
newbiesplunk
Path Finder
in
Splunk Search
04-01-2015
|
0
|
1
| |||
I have some XML data broken down into events that have multiple child attributes that share the same name but are dis...
by
bwheelock
Path Finder
in
Splunk Search
03-20-2015
|
0
|
7
| |||
I am using this search to get license use over 30 days
index="summary_indexers" | timechart partial=f span=1d sum...
by
hartfoml
Motivator
in
Splunk Search
12-27-2011
|
1
|
3
| |||
I have created a dashboard with hourly sum(added) values for all users. In the dashboard I want to give the option of...
by
sushmitha_mj
Communicator
in
Splunk Search
03-31-2015
|
0
|
5
| |||
Hi all,
I'm getting events like this:
time=11111 file=aaaa time=11111 file=bbbb time=11111 file=cccc time=11111...
by
andreas_roth
Engager
in
Splunk Search
03-31-2015
|
0
|
3
| |||
Hi,
I am writing a search:
timechart span=1h sum(Bytes) AS "MBytes "
In the same search, I want it to retu...
by
sundaresh83
Explorer
in
Splunk Search
03-31-2015
|
1
|
9
| |||
Hi,
I am working on a distributed splunk environment. I have created an app and a separate indexer for this app to...
by
sushmitha_mj
Communicator
in
Splunk Search
03-30-2015
|
2
|
5
| |||
I'd like to understand the mathematical meaning of the below search on documentation. Is this my understanding right ...
by
Shisa
Explorer
in
Splunk Search
03-30-2015
|
0
|
1
| |||
Hi everyone,
I have this search:
index=main sourcetype=WinEventLog:Security
| eval Logon_failur = case((Event...
by
Federica_92
Communicator
in
Splunk Search
03-31-2015
|
0
|
5
| |||
I have 2 searches
index=test field1=abc field2=xyc | stats dc(field3) as Devices
and
index=test field1=abc ...
by
jmonroe516
Engager
in
Splunk Search
03-30-2015
|
1
|
2
| |||
So I'm working on a new App, one that generates summary data based on eventtypes and fields. The summary data looks l...
by
alacercogitatus
SplunkTrust
in
Splunk Search
03-31-2015
|
1
|
1
| |||
Hi,
Im currently building a dashboard and one of my search strings is the one below. I currently see the values GP...
by
robertspeckmann
Explorer
in
Splunk Search
03-30-2015
|
0
|
9
| |||
Hi all, just getting started and trying to get something together quickly to show management so forgive asking what i...
by
chriselst
Engager
in
Splunk Search
03-31-2015
|
0
|
1
| |||
I have a timechart with the Duration average (ca. 16ms) per second. timespan is 4s, the timechart itself is over 1 ho...
by
hofer
Explorer
in
Splunk Search
03-30-2015
|
1
|
2
| |||
Hi everyone,
I need your help. My current search is like this:
index="ihs_test" uri_path="*.jhtml" OR uri_path...
by
dovelsh12223621
Path Finder
in
Splunk Search
03-24-2015
|
0
|
2
| |||
I have 3 tables. I want 2 things here: a) Click on Source 1, in Table 1, and Table 2 should show up b) Click on Sour...
by
kshanky143
Path Finder
in
Splunk Search
03-25-2015
|
1
|
2
| |||
I currently have a dashboard with 24 panels on it. I went ahead and set each report/panel to accelerated and also put...
by
skoelpin
SplunkTrust
in
Splunk Search
03-30-2015
|
0
|
4
| |||
Hi, For query
(SEVERE OR exception OR CRITICAL OR "[error]")|rex field=_raw "(?^\d\d-\w\w\w-\d\d\d\d\s\d\d:\d\d:\...
by
lim2
Communicator
in
Splunk Search
03-23-2015
|
0
|
4
|