Getting Data In

Community Activity

Filtering Windows logs on Splunk Forwarder If I make configuration changes mentioned by Maverick, in http://answers.splunk.com/questions/9076/how-to-configure-a... by ageld Path Finder in Getting Data In 04-05-2011 0 1	0	1
max throughputs of forwarders dear sirs, I'm aware about default limitations in a lightweight forwarder (256KB), which can be increased. it’s also... by MuS SplunkTrust in Getting Data In 04-05-2011 6 1	6	1
Hiow to forward events from servers and network devices We have a splunk Indexer based on Linux and we have around 40+ servers and network devices in our network. Want to k... by ppram New Member in Getting Data In 04-05-2011 0 3	0	3
Basic steps to configure universal forwarder (4.2) No migrations, no upgrade, installing forwarders from the ground up. from splunkd.log **ERROR TcpOutputProc - Light... by yuriy_zubarev Engager in Getting Data In 04-05-2011 2 2	2	2
How to configure a Forwarder to filter and send only the events I want? I have a temporary need to filter and forward ONLY a specific set of events to my indexer. I see from a couple othe... by maverick Splunk Employee in Getting Data In 04-04-2011 3 5	3	5
Audit logs added to Windows security events Hi, In some cases it seems Splunk adds this kind of info to some winsec events: Audit:[timestamp=04-03-2011 04:13:1... by johandk Path Finder in Getting Data In 04-04-2011 0 1	0	1
Universal Forwarder Log DIR Is it possible to configure the log directory of a Windows 4.2 unviversal fowarder? i.e. we want to log to a directo... by Josh Path Finder in Getting Data In 04-04-2011 2 1	2	1
What happens to old buckets when upgrading to 4.2? During a 4.2 upgrade on an indexer, does the upgrade convert the old indexes to the new 4.2 format? by rsimieng Splunk Employee in Getting Data In 04-01-2011 0 1	0	1
Configure Scheduled Search to send out csv file in email instead of inline results Hello, I have a scheduled search which sends out alerts when certain criteria matches. Currently the results are sen... by anantshah Path Finder in Getting Data In 04-01-2011 0 6	0	6
After upgrade to 4.2 the Events from Windows Eventslogs are partially not working, lines broken at random positions by zliu Splunk Employee in Getting Data In 04-01-2011 1 3	1	3
Problem with data parsing After a restart Splunk changed the way it is indexing a syslog file. I have three log servers writing to an NFS shar... by conner9 Path Finder in Getting Data In 04-01-2011 1 2	1	2
Best way to invoke python script that generates .csv files for lookup I have a python script that retrieves data from an external source and stores it in several .csv files. I have added... by beaumaris Communicator in Getting Data In 03-31-2011 1 1	1	1
Lightweigth forwarder upgrade Hello, I am going to upgrade splunk light forwarder to splunk universal forwarder. In the splunk documentation I'have... by cafissimo Communicator in Getting Data In 03-31-2011 0 2	0	2
Splunk Logs time We can see splunk logs in /opt/splunk/var/log/splunk...we see logs are divided in 5 parts with 25mb of size.ex: audi... by kumarunix8 New Member in Getting Data In 03-31-2011 0 2	0	2
Why is the "connection_host" option in a UDP stanza of inputs.conf being reported as a typo? After an upgrade to 4.2, when Splunk starts up the configuration file checker reports that the "connection_host" opti... by hexx Splunk Employee in Getting Data In 03-31-2011 2 1	2	1
Installing splunkforwarder msi with error: This installation package could not be opened...verify it's a valid Windows Installer Package I downloaded the Windows 2008 64-bit Universal Forwarder without error but when I run splunkforwarder-4.2-96430-x64-r... by Ellen Splunk Employee in Getting Data In 03-31-2011 1 1	1	1
enabling forwarder in manager breaks splunkd, how to fix?? I installed Splunk on Win2k8 R2 and enabled the universal forwarder. Then splunkd would NOT function properly. Shoul... by tlyczko New Member in Getting Data In 03-31-2011 0 1	0	1
Discard log lines that do not start with a timestamp Is there a property that would allow me to discard log lines that don't start with a timestamp? I realize that I can ... by mslvrstn Communicator in Getting Data In 03-30-2011 0 1	0	1
Starting Splunk from post_backup script? Hi, I'm having a problem with ARCserve post backup script that should start Splunk again. Prebackup script for stoppi... by gljiva Path Finder in Getting Data In 03-30-2011 0 1	0	1
Splunk 4.2 complains about possible typo for CLEAN_KEYS Upon an upgrade to 4.2 I noticed that splunk spit out the following: Possible typo in stanza [source::/tmp/test.csv]... by joshd Builder in Getting Data In 03-30-2011 0 2	0	2
Where does host come from in the Universal Forwarder? With previous Splunk installations, at install time, the hostname was written to etc/system/local/inputs.conf. That d... by vbumgarner Contributor in Getting Data In 03-30-2011 0 1	0	1
milliseconds in _time Splunk is picking up a csv file that looks like this: SP A,03/27/11 13:10:00,10,4,5,6 SP A,03/27/11 13:20:00,4,4,2,0... by dinisco Explorer in Getting Data In 03-29-2011 0 2	0	2
What is the impact of an instance forwarding to itself Setup We have a cluster of compute nodes, call them node01-node05. They all will run jobs that create data we'd like... by kevintelford Path Finder in Getting Data In 03-29-2011 0 2	0	2
How do I enable the universal forwarder? I've installed Splunk. Now, how do I turn it into a universal forwarder? With light and heavy forwarders, I used ... by Steve_G_ Splunk Employee in Getting Data In 03-29-2011 1 1	1	1
Forwarder questions on moving files Hey everyone. I am looking to possibly begin using some lightweight forwarders on some of our production servers to g... by msarro Builder in Getting Data In 03-29-2011 0 5	0	5