Thread Info | |||||
---|---|---|---|---|---|
How can I filter events based on two things being true in transforms.conf?
Specifically, let's say that I want to ...
by
gowen
Path Finder
in
Splunk Search
04-05-2012
|
0
|
4
| |||
Hi, I'm trying to extract domain usernames from my Juniper log files using regex, however depending on the log message t...
by
ifsuser
New Member
in
Splunk Search
04-04-2012
|
0
|
6
| |||
Essentially I'm trying to create a form that uses a wildcard by default so users can just hit search on page load and...
by
jsb22
Path Finder
in
Splunk Search
04-05-2012
|
0
|
6
| |||
Why it is not possible to install PDF printing in Splunk server on Windows host?
We have licensed Splunk and we ha...
by
andrzejwasilews
Explorer
in
Splunk Search
04-05-2012
|
0
|
4
| |||
v4.3.1 on sles 11.1
I have some syslog-ng data, written to file as template("$DATE $TZ $WEEKDAY $ISODATE $HOST $FA...
by
cvajs
Contributor
in
Splunk Search
04-03-2012
|
0
|
3
| |||
How do I format a log message with a timestamp so that when I send the log message to the Splunk server I am able to ...
by
misteryuku
Communicator
in
Splunk Search
03-25-2012
|
0
|
4
| |||
Hello,
I would like to correlate events from 2 sources by using a field where there's a hostname. If I find a matc...
by
rbw78
Communicator
in
Splunk Search
04-05-2012
|
0
|
1
| |||
I have a sourcetype A - which has a field by the name of MOD_SN I have another index B ( I can only use the name of t...
by
asarolkar
Builder
in
Splunk Search
04-04-2012
|
0
|
3
| |||
Hi,
I would appreciate some orientation on the best way to use regular expressions to define transforms. I guess m...
by
peterweinstein
Explorer
in
Splunk Search
04-04-2012
|
3
|
3
| |||
After performing a search with basic filtering parameters and obtaining a list of events, I know one can click a reco...
by
megreddy
Engager
in
Splunk Search
04-03-2012
|
0
|
2
| |||
Hi,
My log contains below entries:
activated=true productid=8432 userid=123 email=abc@abc.com
activated=false p...
by
freephoneid
Path Finder
in
Splunk Search
04-03-2012
|
0
|
4
| |||
I have a query regarding the use of the strcat functionality. The following search is used to generate an alarm cond...
by
mcwomble
Path Finder
in
Splunk Search
04-02-2012
|
0
|
3
| |||
I am trying to calculate the percentage usage of disk from an application based on its perfmon counters. Unfortunate...
by
chrismor
Explorer
in
Splunk Search
04-02-2012
|
0
|
1
| |||
Currently I am using splunk like this one splunk server(machine) that having search head, indexes(in one splunk serve...
by
kml_uvce
Builder
in
Splunk Search
03-29-2012
|
0
|
3
| |||
How do I schedule a Splunk cron search to run Sundays at 11:00 pm?
I thought it would be this
00 23 ? * 0
Bu...
by
cneberg
Explorer
in
Splunk Search
04-03-2012
|
0
|
1
| |||
How do I search for data from other indexes in the Splunk's search app?
by
misteryuku
Communicator
in
Splunk Search
04-01-2012
|
0
|
3
| |||
My client has a conversion program that takes ISO8859 text from round the world and converts it to UTF-8. Another one...
by
BobM
Builder
in
Splunk Search
04-02-2012
|
2
|
1
| |||
I wanted to add my converted Time to a timechart, but don't know how.
|convert ctime(_time) AS Time
|eval Time=str...
by
sflunk
Engager
in
Splunk Search
04-02-2012
|
0
|
2
| |||
Hi,
I'm just starting to work with Splunk. I am trying to change the definition of events in an input file by edit...
by
peterweinstein
Explorer
in
Splunk Search
04-02-2012
|
0
|
1
| |||
I read in the Splunk doc that we should not use Splunk in a virtual machine because Splunk requires more input and output. B...
by
kml_uvce
Builder
in
Splunk Search
03-29-2012
|
2
|
5
| |||
I'm getting the error "Timed out while waiting for a response" when attempting to generate the test preview on the PD...
by
mrenfr0
Explorer
in
Splunk Search
02-24-2012
|
1
|
7
| |||
I have the following search string:
index=other_gomez sourcetype=other_gomez_avail http://myreports.yellowpages.ca...
by
acabrera1
Explorer
in
Splunk Search
03-30-2012
|
0
|
2
| |||
I have data that is using a different charset.
When displaying this data in a simple table, Splunk parses it as st...
by
bojanz
Communicator
in
Splunk Search
03-31-2012
|
1
|
4
| |||
I have a search query that reads as follows:
.....| eval time_sec = round(time_taken/1000) | chart max(time_sec) a...
by
subhadipc
Explorer
in
Splunk Search
04-02-2012
|
0
|
1
| |||
What is the purpose of creating a search time extracted field while I still can use search commands to retrieve the fi...
by
misteryuku
Communicator
in
Splunk Search
04-01-2012
|
0
|
3
|