Limiting precision/decimal
Hi, Have scenario, when using avg() am getting values as 15.000000 but i want it as 15 without decimal, please help me.
View ArticleHeavy Forwarder and Splunkstorm
Can I use a heavy forwarder together with SplunkStorm?Is it supported in general? From a license point of view etc.Are the credential applications compatible?Any other potential issues?
View ArticleTimechart zoom in/out similar to the flashtimeline module
For Java GC logs, which deliever events in milisecond steps, we would like to build a dashboard with a graph where you can zoom in. Is there a possibility to add zooming functionality to a timechart?...
View Articleinputs.conf -> time_before_close
Have any of you had the necessity to use time_before_close in inputs.conf. if so could you share your scenario? I am having an issue with a source log where events could be quite large. Therefore, some...
View ArticleErrors in my imAppLog file
I am getting the following errors in my imAppLog-""2013-08-08 12:08:08,780 log_level=ERROR action="GETting table" ur="htp://192.168.3.10/~export/devices.xml" message="[Errno 10054] An existing...
View ArticleSpan & timepicker
Hi All,I would like to give the users an option/control for span in a pull-down based on the value of the time-range picker. This is to prevent the users from using 5min window on 30 day search as the...
View Articleprocess control chart e.g. upper/lower control limit.
I have been asked to help a co-worker create a process control chart to understand an applications response time.The following three events are generated for each test. INFO=Signon_Screen...
View ArticleSimple X over Y chart with any statistical functions
Hi, I am trying to make this graph they are temperatures the log is a CSV from a data logger. Each entry has a unique time stamp. I would like to make this graph be overtime without having to use a...
View ArticleDoes rsyslog work well with Splunk
Does both Enterprise (supported) and free rsyslog support wildcarding?Does rsyslog work well with Splunk?Is Rsyslog supported on PowerPC running LINUX?
View ArticleApply filters to a Google Map module (Advanced XML Dashboard)
So I am having a difficult time getting the filters that I've used for my dashboard results to also filter on the search that my Google Map is running. If I insert the same search text, I get an error...
View ArticleUsing Eval where
I'm doing something wrong here.. . I have the following search...| eval SuccessRatio = (round(((succeeded_count)/(task_count)) * 100)). "%" | search SuccessRatio < 98 | sort SuccessRatio I'm trying...
View ArticleHigh availability: Splunk cluster across two datacenters
Hi all!If I set up a Splunk cluster spanning two datacenters. Machine data sent to indexers local to the datacenter. I have to make sure a copy of the machine data is replicated to the other...
View Articlereplace - search reference command questions
Please see URL that I am referring to: http://docs.splunk.com/Documentation/Splunk/5.0.2/SearchReference/ReplaceI am trying to utilize a log that has url values that have been percent encoded. I want...
View Articledashboard migration
Hello I am wanting to change my dashboard of a free version of splunk for a version with license, but this is a licensed version 4.2.3 .. even managed to migrate saved searches and visions .. I just...
View Articlebreaking lines before a regex
We have a tcp input that is merginging lines when they come in too fast.I have (inputs)[tcp://5140] connection_host = dns sourcetype=apigee source=tcp:5140 index=apigee I tried putting into props.conf...
View Articlehow do you configure third party certificates to work??
Used splunk provided directions on the following page to configure: http://wiki.splunk.com/Community:Splunk2Splunk_SSL_3rdPartyCAConfiguring Splunk forwarding to use SSL certificates signed by a third...
View ArticleSplunk App for WIndows with multiple indexes
My scenario has a Splunk indexer (linux) that receives feeds from several heavy forwarder across a multi-company network.Each Heavy forwarder resides in a subsidiary network and acts as the receiving...
View Articlereorder the grouping in timechart
I am not sure if this is the right way to do it or not, but I am trying to plot two searches on to a single timechart. I am able achieve it but I am not able to order them by action. I appreciate any...
View ArticleSplunk 4.3 -> Bug -> Actions: Export Results
In Splunk once the search completed the user has the option to export the result set by selecting the following menu "Actions: Export Results". In splunk version 4.3 seems to be broken. The user is...
View ArticleBack ground exclusion
So I have search and I would like to exclude all of those results from some future searches. Aside from specifying some by NOT, which given the length of the first search would be questionable at best....
View Article