Getting Data In

Community Activity

Lightweigth forwarder upgrade Hello, I am going to upgrade splunk light forwarder to splunk universal forwarder. In the splunk documentation I'have... by cafissimo Communicator in Getting Data In 03-31-2011 0 2	0	2
Splunk Logs time We can see splunk logs in /opt/splunk/var/log/splunk...we see logs are divided in 5 parts with 25mb of size.ex: audi... by kumarunix8 New Member in Getting Data In 03-31-2011 0 2	0	2
Why is the "connection_host" option in a UDP stanza of inputs.conf being reported as a typo? After an upgrade to 4.2, when Splunk starts up the configuration file checker reports that the "connection_host" opti... by hexx Splunk Employee in Getting Data In 03-31-2011 2 1	2	1
Installing splunkforwarder msi with error: This installation package could not be opened...verify it's a valid Windows Installer Package I downloaded the Windows 2008 64-bit Universal Forwarder without error but when I run splunkforwarder-4.2-96430-x64-r... by Ellen Splunk Employee in Getting Data In 03-31-2011 1 1	1	1
enabling forwarder in manager breaks splunkd, how to fix?? I installed Splunk on Win2k8 R2 and enabled the universal forwarder. Then splunkd would NOT function properly. Shoul... by tlyczko New Member in Getting Data In 03-31-2011 0 1	0	1
Discard log lines that do not start with a timestamp Is there a property that would allow me to discard log lines that don't start with a timestamp? I realize that I can ... by mslvrstn Communicator in Getting Data In 03-30-2011 0 1	0	1
Starting Splunk from post_backup script? Hi, I'm having a problem with ARCserve post backup script that should start Splunk again. Prebackup script for stoppi... by gljiva Path Finder in Getting Data In 03-30-2011 0 1	0	1
Splunk 4.2 complains about possible typo for CLEAN_KEYS Upon an upgrade to 4.2 I noticed that splunk spit out the following: Possible typo in stanza [source::/tmp/test.csv]... by joshd Builder in Getting Data In 03-30-2011 0 2	0	2
Where does host come from in the Universal Forwarder? With previous Splunk installations, at install time, the hostname was written to etc/system/local/inputs.conf. That d... by vbumgarner Contributor in Getting Data In 03-30-2011 0 1	0	1
milliseconds in _time Splunk is picking up a csv file that looks like this: SP A,03/27/11 13:10:00,10,4,5,6 SP A,03/27/11 13:20:00,4,4,2,0... by dinisco Explorer in Getting Data In 03-29-2011 0 2	0	2
What is the impact of an instance forwarding to itself Setup We have a cluster of compute nodes, call them node01-node05. They all will run jobs that create data we'd like... by kevintelford Path Finder in Getting Data In 03-29-2011 0 2	0	2
How do I enable the universal forwarder? I've installed Splunk. Now, how do I turn it into a universal forwarder? With light and heavy forwarders, I used ... by Steve_G_ Splunk Employee in Getting Data In 03-29-2011 1 1	1	1
Forwarder questions on moving files Hey everyone. I am looking to possibly begin using some lightweight forwarders on some of our production servers to g... by msarro Builder in Getting Data In 03-29-2011 0 5	0	5
Extract Timestamp from logs that don't contain any Year reference I need to extract a timestamp from log files looking like that : Feb 16 23:58:44 ... As you can see, there is no re... by lmeur Engager in Getting Data In 03-29-2011 1 3	1	3
Lightweight Forwarder to Universal Forwarder Migration? I just got off the phone with Support and was told that I needed to use Universal Forwarder (mode) in order to forwar... by the_wolverine Champion in Getting Data In 03-28-2011 1 4	1	4
Universal forwarder sending "Cooked" data to indexer Trying to find a solution to my problem: http://answers.splunk.com/questions/13139/wineventlogsecurity-filtering-doe... by arapozo Explorer in Getting Data In 03-28-2011 3 2	3	2
delivery of reports in pdf format Hi every one , i am using Splunk on windows operationg system. I would like to deliver reports in pdf format to end u... by chandansingh Explorer in Getting Data In 03-28-2011 0 1	0	1
capturing windows failed login I have been trying with the below query to capture the failed login attempts made on the windows servers. source="Wi... by npandith Explorer in Getting Data In 03-28-2011 0 1	0	1
Squid Log files Hey All, I enabled the squid app for splunk and threw a log file into it. Pretty quick and easy, and I whipped out ... by jgauthier Contributor in Getting Data In 03-28-2011 1 4	1	4
4.2 UDP input with source IP: not working? EDIT: I've discovered this only happens if I specify more than one stanza on the same port -- different remote IPs, s... by twinspop Influencer in Getting Data In 03-27-2011 0 3	0	3
Return NULL events based on inputlookup I'm trying to create a search to determine which hosts in a CSV file don't have any events associated with it within ... by zschmid Path Finder in Getting Data In 03-27-2011 2 4	2	4
Anyone setup a netstat like input for Windows? Has anyone setup the windows "netstat" command as an input? I like the "netstat" source provided in the unix app, an... by Lowell Super Champion in Getting Data In 03-26-2011 1 3	1	3
Post Server Rename weirdness We performed renames on several servers and am seeing them all show with a weird issue. It seems that there are still... by dchristilaw New Member in Getting Data In 03-26-2011 0 1	0	1
filter data at indexer from forwarder-- not working I have set up a few heavy forwarders. I did this to filter data, and learn how. Some of these are on a WAN and will... by jgauthier Contributor in Getting Data In 03-26-2011 1 6	1	6
Universal forwarder with splunk indexer 4.1.7 - will it work? Can I use the universal forwarder 4.2 to send data to an indexer running Splunk 4.1.7 (or older) ? by rasingh Path Finder in Getting Data In 03-25-2011 1 1	1	1