Search Top value of a previous Top Result
Hi, I'm trying to create a table of data which draws upon a subsearch and a join in order to have a more complete representation of my data. First, I created a table that shows the TOP 5 Destination IP,...
Problem running "search" example in C# SDK
Hi, I have a question about the Splunk C# SDK. I have successfully built the SDK and can use the example submit() program to submit test data to my Splunk instance. When I invoke the example search()...
Timeout error in ResultsReaderXML C# SDK example search program
When I invoke the C# SDK example search() program to retrieve the same test data I submitted, I get some of my results printed to the command window, but then an exception is thrown: Unhandled...
Getting Column averages
Hi, I know we have addcoltotals if we want to get the total for the specified column. Do we have any function or any way of getting the average of the columns? So the output should be like below. Thanks for...
CISCO 1841 Syslog
Hello, I have configured a router (CISCO 1841) to send syslog messages to my workstation, on which I have installed Splunk. The problem is: which app do I need to install to receive the syslog messages? I...
How to find the remove the decimal places of an 2 averages and display each...
For the following data, Date=4 June 2013, Result=Win, Ticks=11, Setup=Range Fade, Risk=10, Target=11 ..... and more, I would like to find the average for the Risk and Target fields each and to remove the...
What's the main difference between Splunk App Framework and "new Framework...
I want to develop an app for Splunk, but after visiting dev.splunk.com I notice that there are two app frameworks, which confuses me. One is the App Framework which is shipped with Splunk...
0x0 and carriage return appending to field
Here is my search: EventCode=4624 OR EventCode=4634 NOT (Account_Name=*$* OR Account_Name=*Anonymous* OR Account_Name=SYSTEM) | table _time, Account_Name, host, TaskCategory, Logon_ID All of my Logoff...
DBConnect not working with Oracle
I have installed both ojdbc5 and 6. I have tried to manually enter in the entry to the databases.conf file. I am still getting the ORA-12514 error. The credentials work as I can connect with other...
Why doesn't Splunk provide an advanced XML editor like Sideview's editor
Recently I found a very good app for Splunk called Sideview. There are many modules implemented by Sideview that make developing apps really simple. I wonder why Splunk doesn't have these useful modules and...
xyseries vs chart over by
Are there any differences between the following queries other than my observation (below): xyseries Foo Bar Value; chart latest(Value) over Foo by Bar. I have noticed that chart last(Value) does not return...
How to rollover python logs in splunk
Hi, I could not find settings to roll over python logs in Splunk. In our systems, the python.log size is increasing day by day. When the log file size grows exponentially, neither customers can send us...
Powershell expand strings
I have two files. File1.txt and String1.txt. Contents of File1.txt: Some text ABCD123X Execute String1 Some text. Contents of String1.txt: String1 Procedure ABCD EFGH. Output: Some text ABCD123X Execute...
URL Monitoring using Webmon
I am trying Splunk and wanted to see the URL monitoring using Webmon. I have installed Webmon and added the following into the urls.conf file. I am using IE 8.0. [Google] url = <url> indexResults =...
Splunk replace host name with application name in search query
Hi Team, I am new to the Splunk portal. I have to search on multiple hosts for HTTP hits and display the result in a single graph by application names hosted on the hosts. Not to display hostname. Query is...
How can Oracle database activities be monitored by Splunk 4.1?
I am looking for a way to monitor Oracle database activities using Splunk v4.1. Can I get some help in this regard?
DBX tail monitor timestamping Oracle
I have added a couple of queries to extract information from Oracle databases. The DB Info shows that I have a field that is a DATE object. In Oracle the value is actually , which is actually a timestamp...
What happens when 'HotDBManager - Creating New hot' & 'Search execution'...
Hi, we noticed an issue in one of our developers' systems. He set up the application 30 days back, but did not pump any data. On the 26th of this month he put log files of the 24th in the forwarder and started running...
Force plot empty columns
I am trying to plot a 4 column chart, say 'A, B, C, D', where each column value is actually a single value series (so that we can color code each column consistently). I have set 4 pre-defined column...