Getting Data In

Community Activity

How to undelete a input source I have a log file that was \|delete'd from the index using search. I want the file back in the index. I did several ... by splukUP Engager in Getting Data In 09-08-2010 1 1	1	1
Why is my sourcetype labeled with a "-1" or "-2" at the end of the name? I am indexing apache logs and have them rotating on a frequent basis. The log rotation will rename the file to error... by Simeon Splunk Employee in Getting Data In 09-08-2010 1 2	1	2
How do I setup Splunk to index log4j with org.apache.log4j.RollingFileAppender We plan to use Splunk to keep log for several java application including web server like Tomcat. Those application ar... by Alan_Bradley Path Finder in Getting Data In 09-08-2010 3 4	3	4
Expanding Splunk installation from a single indexer to a multi-indexer + dedicated search head environment.. We're expanding our Splunk environment from a single indexer machine that does everything, to an environment that has... by Brian_Osburn Builder in Getting Data In 09-08-2010 10 5	10	5
UDP syslog not showing up on windows splunk server I've set up Snare on remote servers to forward syslog events on port 6161 to my Splunk server. I've run wireshark on... by digihax New Member in Getting Data In 09-08-2010 0 7	0	7
Import Checkpoint Archive Logs I have checkpoint logs going back which we have exported of our checkpoint FW, and i would like to import them into s... by keithosullivan New Member in Getting Data In 09-07-2010 0 4	0	4
Splunk on windows getting syslog from ESXi I cannot find any info to get this to work. I am running splunk on a windows vm I want to gather syslog info from the... by jjackson81281 New Member in Getting Data In 09-07-2010 0 2	0	2
duplicate index entries I'm having what appears to be a logic problem, but it could be something else. I have an app that displays the outpu... by Branden Builder in Getting Data In 09-07-2010 1 16	1	16
How can I collect eventlogs into my Splunk? I have configured remote WMI in my Splunk to see the eventlogs on Windows servers. But when I index and search the ev... by ford1863 New Member in Getting Data In 09-07-2010 0 1	0	1
Checkpoint LEA App working issue: all logs entries are downloaded at each script execution Hello, We are a consulting firm and I am assessing the Splunk solution for one of my customer. The LEA applicatio... by LauMat Engager in Getting Data In 09-07-2010 1 3	1	3
stop splunk from splitting a file. I'm trying to read some config files into splunk, ala change management. I'm not using fschange, I'm using a tcp moni... by jstillwell Explorer in Getting Data In 09-05-2010 0 5	0	5
Performance Profiling What's the best approach to start profiling a standalone server to determine either: a) the best way to improve perf... by southeringtonp Motivator in Getting Data In 09-04-2010 1 2	1	2
How do I filter or search on the results of a long running scheduled search job? I have a saved search that I scheduled to run every night, since the search takes a few minutes to run and I view the... by jkeglovitz Explorer in Getting Data In 09-03-2010 0 3	0	3
VMware ESX - Snapshot ESX environment with Splunk in a VM: Splunk 4.1.4 RHEL4 64bitconfigured as indexer$SPLUNK_DB on SAN (in VMware conte... by meno Path Finder in Getting Data In 09-03-2010 1 1	1	1
Difficulty in Timestamp Recongnition Hi there, I am trying to have splunk know the right timestamp in the following event. COR_00000001,Com1,LOC_0000000... by melonman Motivator in Getting Data In 09-03-2010 1 3	1	3
Windows LightFwdr NOT forwarding IIS logs !? I presently have 4 windows boxes lightforwarding to linux indexer. Forwarder is configured to forward IIS logs, howev... by john_loch Explorer in Getting Data In 09-03-2010 1 4	1	4
Does Splunk use the MS Visual C++ Runtime library? Does Splunk uses the Visual C++ Runtime Library? Since installing the Splunk agent, I have seen no less than two po... by mctester Communicator in Getting Data In 09-02-2010 0 1	0	1
Can I configure the windows installer to not start Splunk right after it's installed? I would like to make sure that the splunkd and splunkweb services aren't automatically started by the Splunk Windows ... by hexx Splunk Employee in Getting Data In 09-02-2010 4 3	4	3
Converting Active Directory Time Fields AD stores certain fields like: pwdLastSet in a large integer format. How can I convert these to a human readable t... by ogdin Splunk Employee in Getting Data In 09-02-2010 1 4	1	4
Trouble setting up forwarders on Windows 2008 using Service Account I'm in a Windows environment, trying to set up forwarding to my indexer, all on Windows 2008 servers. So, I made sur... by gsawyer1 Engager in Getting Data In 09-02-2010 0 5	0	5
Issues Triggering Alert Scripts on Windows XP I’m currently running Splunk on my Windows XP SP3 and I'm trying to get a couple scripts to run after an alert trigge... by maverick Splunk Employee in Getting Data In 09-02-2010 3 4	3	4
Powering Down a Splunk Indexer for Maintenance Hi all, Basically for example's sake; lets say i have 45 web server clients logging to a Splunk Indexer and it is the... by dalgibbard Engager in Getting Data In 09-02-2010 0 5	0	5
Splunk listens for syslog but no logs show up in the console I am running Splunk on Windows 7 64 bit and configured data adapters for syslog on TCP and UDP. I can see via Wiresha... by local_graph_2 New Member in Getting Data In 09-01-2010 0 6	0	6
Sidewinder firewall I want to get logs and data from my sidewinder firewall running 7.0.0.06. How do I do it? by wrightp New Member in Getting Data In 09-01-2010 0 2	0	2
Monitor logs on a Unix Server from Windows Machine I installed Splunk on my Windows XP machine and I'm trying to setup the "Source" to "Monitor a file or directory" whi... by jerry_john Engager in Getting Data In 09-01-2010 1 2	1	2