Getting Data In

Community Activity

WMI queries using the LightWeightFowarder hammering each server every second with 5 to 10 per second I am being told that was the default. I am seeing over 2 Billion WMI records, most (1.6 B) are from WMI:LocalProcess... by billconnell Engager in Getting Data In 10-07-2010 0 1	0	1
Filter subset of a sourcetype at forwarder? I have a DC that forwards a huge amount of wineventlog:Security events to my indexer. I want to configure the forwar... by muebel SplunkTrust in Getting Data In 10-07-2010 0 3	0	3
Monitor Windows Registry from Remote Server Hi, I know I am able to monitor the registry on the local machine where Splunk is run. How about if I want Splunk to ... by gallantalex Path Finder in Getting Data In 10-07-2010 0 2	0	2
Correct syntax for syslog source in props.conf for SEDCMD I would like to ensure that ssn's are anonymized, can anyone tell me what the source type should be for syslog? In t... by jbertoli Engager in Getting Data In 10-07-2010 0 1	0	1
Newbie Question - CSV with header Hey everyone. First, thanks for helping with all of my newbie questions, I really appreciate it. Right now I am tryin... by msarro Builder in Getting Data In 10-07-2010 0 2	0	2
Can splunk convert input files contents from Hexadecimal to Decimal? Specifically monitoring a AppServer that outputs to a file storing in hexadecimal format. Can we specify the charset ... by Chris_R_ Splunk Employee in Getting Data In 10-07-2010 0 4	0	4
Splunk not indexing some files Hello, I am trying to index some files from a lightforwarder on a unix directory (HP-UX), by writing a proper inputs.... by cafissimo Communicator in Getting Data In 10-07-2010 0 2	0	2
Event trigger; followed by a wait window; followed by a notification trigger I have a customer who his trying to port over to Splunk from their "home grown" scripting. The request goes like this... by MasterOogway Communicator in Getting Data In 10-06-2010 0 2	0	2
forwarding accross networks Do to Security requirements I need to setup a forwarder between two networks, say A and B. My Splunk server is on net... by arcotops New Member in Getting Data In 10-06-2010 0 1	0	1
Why does Splunk have multiple indexes? With Splunk's normalizing timestamp-based event indexing capabilities combined with it's powerful search language and... by maverick Splunk Employee in Getting Data In 10-06-2010 6 6	6	6
How to ask Splunk to index a file using the CLI? Other than the oneshot... how would one toss a file into an index through the CLI? I likely missed it in the documen... by hiddenkirby Contributor in Getting Data In 10-06-2010 3 2	3	2
Should I stay away from Windows Event Log when Im setting up custom data inputs? We're setting up a custom data input and I'm wondering whether it's a bad idea to just write everything to WinEventLo... by sideview SplunkTrust in Getting Data In 10-06-2010 0 2	0	2
Script abruptly stopped working I have a script that runs in an app on my forwarders every 12 hours. Or at least that's what it was doing until it ab... by Branden Builder in Getting Data In 10-05-2010 0 5	0	5
Oneshot and Inputs.conf Hi, I recently had to go back and add some historical data that was generated prior to splunk being installed on som... by mgherman Explorer in Getting Data In 10-05-2010 1 2	1	2
AD Base Filter syntax I am using the "Map users directly" config from here - http://www.splunk.com/base/Documentation/4.1.5/Admin/Setupus... by twgtech New Member in Getting Data In 10-05-2010 0 4	0	4
TimeStamp translation I have a date and time timestamp that looks like DATABASE\|20100226\|123918\|20100226\|083918\| and I want to extract the ... by bc_unixadm Explorer in Getting Data In 10-05-2010 1 3	1	3
Tailing logfile written with buffered writter We have some logs being written by a buffered writer. This means that occasionally (depending on when the buffer is ... by christopherutz Path Finder in Getting Data In 10-05-2010 2 7	2	7
How to force Splunk Web to use a proxy server for external calls (e.g. to Splunkbase) on Windows Splunk's web GUI makes a few external calls out, e.g. to load the list of available apps from Splunkbase. If my cor... by Justin_Grant Contributor in Getting Data In 10-05-2010 0 2	0	2
Long Multiline events not breaking correctly Customer has a log file that is failing to break correctly: Some of the events in the file are single line events. Ot... by Genti Splunk Employee in Getting Data In 10-04-2010 0 2	0	2
Where can I find information on how to track my indexing volume over time? I am trying to find a search for index volume over time for licensing tracking. I need to search by index or by hos... by mctester Communicator in Getting Data In 10-04-2010 2 3	2	3
UDP Syslog Host Showing up as IP I have set the UDP syslog port to set hostnames based on DNS. For several hosts this is working fine, however one of ... by Kyle_Brandt Path Finder in Getting Data In 10-04-2010 0 1	0	1
Best pratice for adding knowledge from syslog NG file with forwarder Hello, I have a syslogNG with a forwader to splunkindexer, the syslogNG contains 1000+ hosts Default this will be a ... by Starlette Contributor in Getting Data In 10-04-2010 2 2	2	2
splunking hex-based log events I have log files from a custom app we wrote that is entirely in hex. To splunk it, I understand I might be able to c... by highiqboy Explorer in Getting Data In 10-03-2010 2 1	2	1
User-specific browser session timeout? I have a special user (her name is "dashboard") that needs a session timeout of 0. Is it possible to set no timeout ... by the_wolverine Champion in Getting Data In 10-03-2010 3 2	3	2
Installing the Cisco ASA and PIX firewall addon Hello all - I am in the process of evaluating Splunk (for windows), and found the Cisco ASA and Pix Firewall addon... by dclick New Member in Getting Data In 10-01-2010 0 8	0	8