Thread Info | |||||
---|---|---|---|---|---|
THis might be a bit difficult, but i want to try anyways... I am trying to aggrgate source and destination IP address...
by
EricPartington
Communicator
in
Splunk Search
07-10-2010
|
0
|
2
| |||
Hello,
Sorry, I am new to Splunk and having problems.
I have loaded IIS logs (total 21 files) to splunk and wan...
by
andrejus7
New Member
in
Splunk Search
07-23-2010
|
0
|
1
| |||
I am using the following in my search options: index="my_site_hosts" "hostABC" "failed"
The results displays send...
by
subhap
Engager
in
Splunk Search
07-23-2010
|
1
|
2
| |||
Hi all,
Is it possible to change the display of Flashtimeline (for example, the one used in the "search" app) to d...
by
bojanz
Communicator
in
Splunk Search
07-22-2010
|
2
|
3
| |||
I'm trying to get my results into a single field called Percent_CPU_Load. However, since the field is defined twice, ...
by
Beth
Engager
in
Splunk Search
07-21-2010
|
0
|
2
| |||
So on the main page of the Search app you have the 'Global Summary' and 'All indexed data' section which has the sour...
by
skippylou
Communicator
in
Splunk Search
07-21-2010
|
1
|
2
| |||
i have one question I want to search time Daily from 9 am to 6:00 pm How can to use search command ?
Thank you for...
by
shirolu
Explorer
in
Splunk Search
05-06-2010
|
3
|
8
| |||
Hi, I'd like to do a report that tells me how long a forwarder hasn't been active. I use transaction to join similar ...
by
gljiva
Path Finder
in
Splunk Search
07-21-2010
|
2
|
5
| |||
Is there a search string that would report on the status of splunkweb on each forwarding host?
by
muebel
SplunkTrust
in
Splunk Search
07-19-2010
|
3
|
2
| |||
Is there a command via splunk.exe or some other /bin tool that would output all scheduled searches in a particular in...
by
muebel
SplunkTrust
in
Splunk Search
07-20-2010
|
2
|
2
| |||
Hi, I'm having problem with evaluating expression using lookup field. I create a lookup fileld by executing this sear...
by
gljiva
Path Finder
in
Splunk Search
07-20-2010
|
0
|
2
| |||
Hello,
I have two searches that use transactions to get part of a table of results that I want.
Firstly,
in...
by
Hazel
Communicator
in
Splunk Search
04-27-2010
|
1
|
5
| |||
I want my table to show a column with what time a username connected to the network and another column showing when t...
by
riderofyamaha
Explorer
in
Splunk Search
07-12-2010
|
0
|
6
| |||
Im fairly new to splunk (and linux for that matter) but I am trying to find a Web Page or Manual or whaeter that will...
by
ljeffery
New Member
in
Splunk Search
07-19-2010
|
0
|
1
| |||
Hi,
I would like to rewrite bogus field values that are negative to 0. For example I would like to run the followi...
by
mcwomble
Path Finder
in
Splunk Search
07-17-2010
|
0
|
1
| |||
I just set up a new splunk forwarder on a linux host. One of the inputs is a monitor of the /var/log/messages file. I...
by
muebel
SplunkTrust
in
Splunk Search
07-16-2010
|
1
|
3
| |||
I'm running Splunk 4.1.3 on Windows 2008 R2 x64 and had a poweroutage. The splunkd service will not restart.
Crash...
by
meatago
Explorer
in
Splunk Search
07-15-2010
|
0
|
1
| |||
I have a REGEX configured (in transforms.conf) that works with my single line events, but appears to be failing on al...
by
the_wolverine
Champion
in
Splunk Search
07-16-2010
|
1
|
3
| |||
Which search below is better or optimal from a performance perspective and why?
sourcetype="mysoucetype" AND field...
by
maverick
Splunk Employee
in
Splunk Search
07-16-2010
|
4
|
3
| |||
I've noticed that on Splunk 4.1.3 the timechart and chart commands, when used with "limit=0", the "count" aggregation...
by
Paolo_Prigione
Builder
in
Splunk Search
07-14-2010
|
0
|
2
| |||
I have a field in some events that contains a time as a string. The times are in the format "2010-07-15-13", which th...
by
npt05001
Engager
in
Splunk Search
07-15-2010
|
0
|
2
| |||
I've tried to delete events for a particular source,say source="tcp:1234" | delete
The operation was successful.Ho...
by
remy06
Contributor
in
Splunk Search
07-14-2010
|
2
|
4
| |||
I am building a search to find the average amount of time an action takes:
sourcetype="timelog" | stats avg(r...
by
isnoop
New Member
in
Splunk Search
07-15-2010
|
0
|
1
| |||
I run a metadata search that populates a summary page to link to all of my tags. The goal of the summary page is to i...
by
Simeon
Splunk Employee
in
Splunk Search
07-14-2010
|
1
|
1
| |||
We have a log line that looks like:
Jul 14 15:47:34 127.0.0.1 1 [000004ff000216970000489c] Serv foo.com 158578_40d...
by
Oren
Explorer
in
Splunk Search
07-14-2010
|
0
|
1
|