Getting Data In

Community Activity

inputs for Cisco Firewalls app when using forwarder Hi, what's the proper config regarding Data inputs to use the Splunk for Cisco Firewalls app on data received from a ... by Jess_1 Explorer in Getting Data In 05-12-2011 0 7	0	7
"Hit EOF while computing CRC" after logrotate runs Since upgrading to Spunk 4.2.1 last month, I'm having trouble with logrotate causing our light forwarders to stop mon... by jberry_lumos Explorer in Getting Data In 05-12-2011 1 9	1	9
Descriptive Statistics from Splunk Hello, I was using Splunk to crawl my Apache logs and I found something rather odd analyzing the mean page size serv... by pstout Splunk Employee in Getting Data In 05-12-2011 0 2	0	2
How does Splunk get date from file I have a file that lists the date at the top and also in the name. Here is a snippet of the first 10 lines of the fil... by tgow Splunk Employee in Getting Data In 05-12-2011 0 1	0	1
Passive Splunk Forwarder - Splunk Indexer actively querying it Hi. We have a client that strictly enforces an 'only allowed open ports are listening ones' policy. As in, Splunk Fo... by splunk_zen Builder in Getting Data In 05-12-2011 0 3	0	3
Ignoring massive amounts of data at index time Hey everyone. We are working on taking in large amounts of CSV data. Each line of the CSV is a single event, and each... by msarro Builder in Getting Data In 05-12-2011 0 2	0	2
Tailing processor and rsync (dot files) - blacklist? Easy one, this, but I can't seem to get it right. I'm monitoring a series of directories which are rsync'd from othe... by howyagoin Contributor in Getting Data In 05-11-2011 0 4	0	4
The four "CPU by Host" graphs only show graphs for "OTHER" My splunk indexer version is 4.2.1, running on Cent0S 5.6. The four "CPU by Host" graphs used to show graphs for eve... by hhn20121 New Member in Getting Data In 05-11-2011 0 2	0	2
Splunk Forwarding and Receiving Hi, I would like to monitor my other computer under one log file by using the forwarding and receiving. I've already... by cassie90 New Member in Getting Data In 05-11-2011 0 6	0	6
Extract timestamp in Epoch (microseconds) to date Hi, I need Splunk to recognize the timestamps down to microseconds. A sample event is listed below: 1305096676.1923... by alextsui Path Finder in Getting Data In 05-11-2011 0 1	0	1
Export Host list Looking to see how I would export a list of all hosts which have reported to splunk all time. I can generate the inf... by aaronwerley New Member in Getting Data In 05-11-2011 0 2	0	2
newbie question on timeline extraction Pls excuse me if this is a really silly question. I cannot find an easy answer in the kb. I have a file which I'm try... by timcoote New Member in Getting Data In 05-11-2011 0 1	0	1
Help removing the Windows App I installed the Windows App for Windows management and let it include recommended data inputs but now want to disable... by wbordeau Explorer in Getting Data In 05-10-2011 0 2	0	2
can't receive events from fowarders Hello, I have a brand new install of a splunk indexer and several clients running forwarders. To install the client... by dbutch1976 Explorer in Getting Data In 05-10-2011 0 6	0	6
Blacklist problem I'm using the universal forwarder on Solaris. I set up the following input: [monitor:///var/log] disabled = false ... by mjmcleod New Member in Getting Data In 05-09-2011 0 2	0	2
Windows app on LInux Indexer Hi, The following is my setup. Indexer is running on Linux, and App "Splunk for Windows" installed on it. Univers... by jameszh New Member in Getting Data In 05-09-2011 0 8	0	8
Are Wildcards supported for use with UNC Paths? I am trying to index a UNC Path, but am unable to use wildcards.. Here's what I"m trying to match \\IISLOGS\MYSERV... by richnavis Contributor in Getting Data In 05-09-2011 0 9	0	9
Windows Universal Forwarder - "received event for unconfigured/disabled index" warning message I'm trying to configure the Splunk Unviersal forwader on a windows box to forward windows event log messages to my sp... by jstockamp Communicator in Getting Data In 05-09-2011 0 2	0	2
Why is Host "localhost" when inputs.conf set-up to use custom name? Hi all, I'm using a straight forward splunk install (no forwarder, no external input source) on my server. Below is ... by tbertran New Member in Getting Data In 05-09-2011 0 5	0	5
How can I forward all "Splunk Deployment Monitor App" to another Splunk I wondering if you could help me with an issue… Here in mine company we installed different servers to each different... by mamaral Path Finder in Getting Data In 05-09-2011 1 3	1	3
Difference between 'show default-hostname' and 'show servername' When running these two commands on a host I get different values. What (if any) is the difference between the two? ... by nocostk Communicator in Getting Data In 05-09-2011 1 1	1	1
Overriding timezone in props.conf Hi, I'm trying to get Splunk to recognise my timezone based on a TZ and TIME_PREFIX setting in props.conf. However,... by howyagoin Contributor in Getting Data In 05-08-2011 0 2	0	2
should the data be indexed include timestamp e.g. if the data be indexed is an application log, all the messages logged in this log file should contain a timestam... by amywong New Member in Getting Data In 05-08-2011 0 2	0	2
is it possible to set up a scripted input that does its own sleeps and never exits? There's a scripted input that I wanted to create a while ago, but it had to do some 'setup' stuff at the beginning a... by sideview SplunkTrust in Getting Data In 05-07-2011 0 2	0	2
Splunking Postgres log events WITHOUT a timestamp Currently, my postgres log events do not contain a timestamp, which makes it difficult for splunking, especially hist... by maverick Splunk Employee in Getting Data In 05-06-2011 0 1	0	1