The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.

Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.

Forums: Posted by osuosl

Topics 1–8 of 8

Topic	Author	Replies	Latest Post
Reference sheet for beginners In: SplunkGeneral Tags: splunk reference search syntax Joe, Please do! Do you have Omnigraffle? I can send you the doc.. That is what I made it in. ... Something I threw together for my coworkers yesterday, a Splunk beginner's reference sheet: <a href="http://staff.osuosl.org/~cshields/?p=140">http://staff.osuosl.org/~cshields/?p=140</a> Enjoy, ...	osuosl Posts	6	74 months ago...
counts of particular log lines? In: SplunkGeneral (Not tagged) report:: is awesome! One thing to note, this modifier can not (yet) be used with cli or SOAP based ...	pthomsen Posts	4	75 months ago...
Merging event types In: SplunkRequest (Not tagged) Splunk Professional version 1.2.4 build 5672 Cheers! In trying to tag a lot of our events, I've found quite a few events are duplicates of other events (not ...	osuosl Posts	2	75 months ago...
Faster "all" splunk In: SplunkGeneral (Not tagged) Yeah, that is how we ended up doing our livesplunks (as the assumed meta:all was killing it). Makes ... I use the quick saved "all" as a starting point quite often. For dozens of servers this can take a while. ...	osuosl Posts	2	75 months ago...
Faster "all" splunk In: SplunkSearchAndAlert (Not tagged) I use the quick saved "all" as a starting point quite often. For dozens of servers this can take a while. ...	boo Posts	1	75 months ago...
live splunk problems In: SplunkGeneral (Not tagged) Think I found my problem. I assumed that setting "rise by" to 1 means "at least 1".. It acts as ... I saved a splunk which returns a couple hundred to a thousand results per hour. Trying to get a live ...	osuosl Posts	2	75 months ago...
Using saved Splunks adds quotes? In: SplunkGeneral (Not tagged) Ok, a follow-up to my own topic here. When I first saved the splunk I had quoted it. Yet after editing ... Tried my first saved Splunk tonight (after noticing a DoS that paged me out of bed) but I am unable ...	osuosl Posts	2	75 months ago...
Tailing files with a dated filename In: SplunkGeneral (Not tagged) Yup! Got Joe's email. Setup the fifo pipe and that seems to be the way to go! So far, so good. The ... Well, it was my knee-jerk reaction for setting splunk up with our current loghost setup, which pulls ... Is there a way to specify a date paremeter within the filename setting in the tailing processor? fex, ...	osuosl Posts	5	76 months ago...

Forums: Posted by osuosl

Description:

Permalink:

Splunk.com

Product:

Solutions:

Industries:

Partners:

About_us:

Support:

Services:

Resources:

Download