Getting Data In

Community Activity

Search that lists the configured indexes on a Splunk indexer? Hi, Is there a search that can return the list of indexes configured on a Splunk Indexer? Or is the only way to loo... by Derek Path Finder in Getting Data In 09-30-2010 0 2	0	2
More than one DEST_KEY Can I use more than one DEST_KEY? For example DEST_KEY=_MetaData:Index,MetaData:Sourcetype FORMAT=sourcetype::VPN,i... by carmackd Communicator in Getting Data In 09-29-2010 0 1	0	1
Search head license violations I'm using the forwarder license on my search head. I've disabled all inputs, and any extra apps. Yet I still get lice... by twinspop Influencer in Getting Data In 09-29-2010 0 2	0	2
Line limit for scripted inputs? I have a script that outputs between 300 and 800 lines. The output seems to be truncated after 138 lines. Is there ... by rsigle Explorer in Getting Data In 09-28-2010 0 3	0	3
extracting timestamp from log with one date and multiple time fields Hi, I am unable to extract a valid _time from the following log: 0168 004 07:59:03 09:01:35 0062 asdfghj ee bonfany... by imrago Contributor in Getting Data In 09-27-2010 0 10	0	10
Not able to sourcetype I'm unable to force sourcetype from props.conf. Relatively new to splunk, am trying to setup logging of solaris /var... by pmr Explorer in Getting Data In 09-27-2010 0 2	0	2
sub second event sorting We have a log file which contains a 7 digit second timestamp like the below: 08:30:00.2124216 We periodically need t... by briang67 Communicator in Getting Data In 09-25-2010 1 2	1	2
W3C Fields With Light Forwarder - Still don't have it Please advise. Linux Splunk Server 4.1.5 Light forwarder is installed on Windows IIS web Servers Trying to get W3C ... by dveith Explorer in Getting Data In 09-24-2010 2 7	2	7
Parsing fields from AIX fcstat command which looks similar to Windows INI file type headers I am trying to extract the fields from the AIX command fcstat so I can grap SAN HBA statistics. The output of the com... by rasingh Path Finder in Getting Data In 09-24-2010 0 1	0	1
Log File not breaking correctly Log is similar to this but with many more lines: Tue Sep 21 00:01:07 MDT 2010 No filename specified, using '*'. Tue ... by Genti Splunk Employee in Getting Data In 09-24-2010 0 7	0	7
Sample alert script that sends snmp to a monitoring tool? Does anyone have a sample alert script that, once triggered, takes the data set handle passed to it from the Splunk a... by maverick Splunk Employee in Getting Data In 09-24-2010 0 1	0	1
Lots of WinEventLogChannel -subscribeToEvtChannel There are a lot of these error messages logged in splunkd.log 09-23-2010 09:31:28.062 ERROR WinEventLogChannel - sub... by elusive Splunk Employee in Getting Data In 09-23-2010 1 1	1	1
Why is Windows App producing Event Log Errors? I'm receiving many errors (to the tune of 20GB/day from one server) in my _internal from a light forwarder. Target: ... by mbrunetto Path Finder in Getting Data In 09-23-2010 0 3	0	3
Splunk stopped following files. Splunk stopped following data input files for changes. This happend after I was accessing https://splunk-server:8089/... by amra Engager in Getting Data In 09-23-2010 1 4	1	4
How do i forward to multiple indexers w/SSL I have two indexers and a (various#) number of forwarders, how can i use SSL for all traffic between these boxes? by Chris_R_ Splunk Employee in Getting Data In 09-23-2010 0 2	0	2
Forwarders fail to make connection to server Frequently, our lightweight forwarders cannot connect to the Splunk server to send log tail output and we end up miss... by misschatter Engager in Getting Data In 09-22-2010 3 1	3	1
How can you regulate resource consumption when monitoring a large number of files? If a LWF has a large number of files to monitor, what settings can be used to help ensure that consuming/monitoring t... by Ron_Naken Splunk Employee in Getting Data In 09-22-2010 3 2	3	2
How to invoke Splunk daemon to parse newly added file right away Since I usually turned of splunkd service on my local machine and only turn it back on when I need to do some log sea... by Stan New Member in Getting Data In 09-21-2010 0 1	0	1
Limit CPU Access for splunk I just downloaded and installed splunk 4.1.4 and installed on WIN7 laptop. Upon reboot of my system, the CPU pegged ... by dexpeterson Explorer in Getting Data In 09-21-2010 1 8	1	8
FSChange: fullEvent=true but no full event? I have a fschange stanza configured as such [fschange:/path/to/file] disabled = false pollPeriod = 300 fullEvent = t... by muebel SplunkTrust in Getting Data In 09-21-2010 1 3	1	3
Migrating data from one index to another I've been using the default "main" index for all my indexing. I'm at the point where I think it would be best to bran... by Branden Builder in Getting Data In 09-21-2010 1 5	1	5
Import OLD event logs from backup drive Hi... I'm trying to import 'thousands' of old event logs into Splunk to setup a searchable database.... I can enter... by berniefieldhous Engager in Getting Data In 09-21-2010 2 3	2	3
Forwarding select data in my environment. I'm trying to take data from specific systems and, after indexing it, forward it to a third party for other analysis.... by Steve_Litras Path Finder in Getting Data In 09-20-2010 3 3	3	3
Total Space For SplunkDB Hi, Now I know you can set the following in indexes.conf maxTotalDataSizeMB = 500000 which sets the max size of the ... by Josh Path Finder in Getting Data In 09-20-2010 1 8	1	8
Multiple indexes/Custom app I am writing an app for my team to use. Let's call the app xyz. The app will make use of various inputs, saved search... by Branden Builder in Getting Data In 09-20-2010 0 2	0	2