Thread Info | |||||
---|---|---|---|---|---|
Hi, I have created a saved search that removes all text but the value I want to chart, ie. host="machine" "uniquesear...
by
drewbfl
Path Finder
in
Splunk Search
02-22-2011
|
0
|
6
| |||
I need to set the owner and permissions on saved searches after upgrading to 4.1.5 - where can I set these?
by
yazapage
Explorer
in
Splunk Search
01-25-2011
|
1
|
1
| |||
In some conditions the head command knows that the search has completed all the information that the user asked for, ...
by
sideview
SplunkTrust
in
Splunk Search
02-22-2011
|
1
|
1
| |||
Greetings fellow Splunkers,
I'm having some issues with extracting the correct host name from log file names on in...
by
rturk
Builder
in
Splunk Search
02-22-2011
|
0
|
3
| |||
I'm setting the timezone for hundreds of forwarders at once by using props.conf wildcards on host:
[host::DN*]
# D...
by
Jason
Motivator
in
Splunk Search
02-22-2011
|
1
|
3
| |||
Hello,
I set up Active Directory monitoring with Splunk a couple weeks ago. I am running a search that searches fo...
by
kholleran
Communicator
in
Splunk Search
09-24-2010
|
0
|
3
| |||
Hi All,
Here are some log entries from cisco ironport email security appliance:
Feb 21 10:16:55 212.167.24.57 F...
by
dikaye
Path Finder
in
Splunk Search
02-21-2011
|
0
|
4
| |||
Hopefully this is just a stupid regex error:
I'm using SplunkLightForwarder on AIX to send a few .sh_history logs ...
by
mikel8
Explorer
in
Splunk Search
02-21-2011
|
3
|
10
| |||
I have a ton of useragent type fields, like MacOutlook/some_version_x_os_version_etc and Entourage/other_version_x_os...
by
the_wolverine
Champion
in
Splunk Search
02-18-2011
|
1
|
2
| |||
Is it possible to start a new search in a new window or tab just by clicking on part of an entry in my current result...
by
thepocketwade
Path Finder
in
Splunk Search
02-11-2011
|
1
|
4
| |||
Hey,
I try to figure out if it is possible to have splunk to build a result for my special needings:
I have 2 d...
by
StefanB
Explorer
in
Splunk Search
02-18-2011
|
0
|
4
| |||
I am creating several event types and have found when adding searches longer than 98 char it trims the rest off. Is t...
by
vlapeintuit
Explorer
in
Splunk Search
02-17-2011
|
0
|
1
| |||
I'm hoping this doesn't stretch the bounds of "no question is too 'newbie'" part of the FAQ:
I'm attempting to per...
by
dang
Path Finder
in
Splunk Search
02-17-2011
|
1
|
2
| |||
Hi,
I would like to build a query to compare the var1 and var2 and then determinecount.
Example lets say var1 =...
by
aahadqj
Explorer
in
Splunk Search
02-17-2011
|
0
|
1
| |||
I am trying to extract data from the Host field at search time, using a REPORT- in props.conf.
The extraction work...
by
Jason
Motivator
in
Splunk Search
02-17-2011
|
0
|
1
| |||
So I want to do a general field extraction of IP addresses for a sourcetype that may have them in multiple places in ...
by
Steve_Litras
Path Finder
in
Splunk Search
02-17-2011
|
2
|
2
| |||
We have situations where we just want to show what happened "today", which is defined as from Midnight to now. That's...
by
beaumaris
Communicator
in
Splunk Search
02-17-2011
|
1
|
1
| |||
I would like to create a dashboard that consists of 2 main parts:
1 - open search bar allowing any search 2 - resu...
by
splunker30039
Path Finder
in
Splunk Search
01-26-2011
|
1
|
3
| |||
so i have a log which has column/field which will be populated with "Y" if there is an ERROR, feild name is ERROR_FLA...
by
ashishv
Explorer
in
Splunk Search
02-16-2011
|
2
|
6
| |||
I got a challenging request from a customer regarding their access logs. They want to monitor access patterns across ...
by
gpburgett
Splunk Employee
in
Splunk Search
02-15-2011
|
1
|
7
| |||
Hello,
I have a case opened for this - but it seems that this forum can be quicker at times...
I run between 10...
by
briang67
Communicator
in
Splunk Search
08-17-2010
|
1
|
4
| |||
I'm trying to wrap my head around some of the more advanced/esoteric search commands. It seems like there's a lot of ...
by
mw
Splunk Employee
in
Splunk Search
02-13-2011
|
3
|
3
| |||
Suppose I have a search such as
sourcetype=apache errors
which finds errors that I care about. Now, suppose I...
by
jrodman
Splunk Employee
in
Splunk Search
02-09-2011
|
2
|
1
| |||
Hi,
For some reason, in a query that contains a transaction of some Juniper SSL VPN logs, my duration doesn't seem...
by
mtanadsk
Explorer
in
Splunk Search
02-15-2011
|
1
|
1
| |||
We have events that look like this:
edit 4
set srcintf "port1"
set dstintf "port2"
set srcaddr "0...
by
jambajuice
Communicator
in
Splunk Search
02-15-2011
|
1
|
5
|