Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it possible to index logs of memory.dmp in Splunk on Windows?

mrabbani
New Member
‎10-28-2014 07:25 AM

Can we take logs of memory.dmp into splunk in windows?
If yes.. how it is possible..
source (%systemRoot%\memory.dmp)

0 Karma
Reply

Ayn
Legend
‎10-29-2014 02:00 AM

No. The memory.dmp file is in a binary format that Splunk can't read. In order for Splunk to be able to read it, you'd need to convert whatever information you want into readable text and have Splunk read that.

0 Karma
Reply
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Get Updates on the Splunk Community!