Learning, learning, learning . . . Our Splunk "expert" is gone, and the non-programmer gets to learn the task! How do you spell SPLUNK?
The dojo of Splunk. Learn, share, teach, mentor.
Videos
Latest Activity
Michael Wilde commented on Michael Wilde's video
Sure... When you do group mapping, map them to groups that don't have the domain admins in them. I have a separate OU=Groups that has "Splunk Users, Splunk Admins, Splunk Power Users" as group names, and specific users…
Mike Hartford commented on Michael Wilde's video
I want to give LDAP access to my splunk servcie but I don't want the LDAP users to have admin capabilitys in Splunk. Can I keep the domain admins out of Splunk if I have LDAP authentication???
Mike Hartford left a comment for Jonathan Hawes
Helow Jonathan,
Glad to have another Splunker. I've been useing Splunk for 2 years and am hooked. I leared how to spell splunk and | transaction too. you'll learn that one soon.
Go over to Splunk…
Mike Hartford commented on Mike Hartford's blog post 'tees for the holy day'
Holy Batskins Ninja, zzzzzwap zgruppp kapow a hidden stash, how great is that!!!!
The team that found them must have special bat senses and highly tooned Splunking skills
I like to wear Extra Lovable…
Regex & Search-Time Field Extraction (8)
| Discussions | Replies | Latest Activity |
|---|---|---|
 Regex For Identifying IP Addresses (To Extract Field)I've tried and failed to extract the IP Address field such that it only includes sets of 4 numbers that are all separated by periods. The… Started by Patrick Swackhammer |
13 |
Apr 6, 2010 Reply by Michael Wilde |
 Need RegEx Help Please!All,I'm a newbie to Splunk and Regular Expressions. I could really use some help creating some Splunk friendly regular expressions that I… Started by James Esposito |
5 |
Apr 6, 2010 Reply by Michael Wilde |
Timestamping is the bane of my existanceI'm working on a quick fix for AS/400 logging and the ability to cleanly report it. I've got all the fields mapped out, but the timestampin… Started by nicholas Lehman |
10 |
Mar 8, 2010 Reply by nicholas Lehman |
custom time series on x-axisI have a custom app dumping a custom log to file every night that includes all events in that app. Each log entry has a time stamp, but Spl… Started by Jordan Schroeder |
2 |
Feb 15, 2010 Reply by Michael Wilde |
WinEventLog:Security filterHi all,i have some problems to filter logs from windows forwarders (not light forwarder). Example: LogName=SecuritySourceName=SecurityEven… Started by bizza |
0 | Feb 3, 2010 |
 Transforms using regex and case insensitivityI have three stanzas in my transforms.conf file--these work as long as the case matches what's in my regex statement. How do I make "produ… Started by Craig Fels |
3 |
Nov 26, 2009 Reply by Michael Wilde |
Splunk equivalent of the *nix 'cut -d' ' -f1-5Hello, I just started playing with splunk. I looked thru the docs and unable to find any commands that allow me to do the *nix equivalent… Started by harish |
3 |
Nov 13, 2009 Reply by Michael Wilde |
 Extracting fields - first line of a multiline eventYesterday i was having a problem extracting fields out of an event and i was looking to grab everything up until the end of a line, in the… Started by Michael Wilde |
0 | Apr 30, 2009 |
© 2012 Created by Michael Wilde.
