The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.
Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.
Forums: Posted by stjack99
| Topic | Author | Replies | Latest Post |
|---|---|---|---|
|
Get time between each event in a transaction
In: SplunkSearchAndAlert
(Not tagged)
I'm trying to figure out how to calculate the time between each event in a transaction. For instance, ...
|
–
|
25 months ago... | |
|
Help with WinEventLog input
In: SplunkAdministration
(Not tagged)
I have a light forwarder that is pulling in event data from a custom windows event log. In input.conf, ...
|
–
|
26 months ago... | |
|
Timezone Weirdness
In: SplunkAdministration
(Not tagged)
I had this same problem, and finally fixed it by putting the following in props.conf:
[iis]
TZ = ...
|
8
|
26 months ago... | |
|
Return random selection of result
In: SplunkSearchAndAlert
(Not tagged)
If you search and end up with several thousand results, is it possible to return 100 randomly selected ...
|
1
|
26 months ago... | |
|
Remove overlapping eventtypes from timechart report
In: SplunkReporting
(Not tagged)
Let's say you have the following eventtypes:
eventtype=Section1
eventtype=Section2
eventtype=Section3
eventtype=Section4
You ...
|
–
|
28 months ago... | |
|
Need help: generate list of users who performed all xx actions
In: SplunkSearchAndAlert
(Not tagged)
That did the trick. Thank you!
If I have a data that in simplified form looks like: User | Action ------------------------------- Bob ... |
2
|
28 months ago... |