Getting Data In

Discussions

Thread Info

How to list hosts with no events

Hi! I'm trying to find out hosts that are not sending any data to Splunk at certain time frame. Using command "host=*...

by Explorer in

How to exclude files and folders from monitoring

This is with respect to my earlier post /root monitoring. Now I am able to captured activities done under /root, But...

by Explorer in

Can Universal forwarder forward the delta changes from a file to splunk instance?

I need to know if a universal forwarder could send only the delta changes in a log or need to forward the hole log to...

by Builder in

How do I ensure the security of Splunk itself ? Tampering with Splunks's indexes, events, eventtypes, etc. ?

As a for instance, I logged in as an "admin" and clicked on "Disable" on an event type. I searched using index = _aud...

by Explorer in

REST API Python - Issue with pulling results before search job is done.

I wrote a script in Python to run a search query and return the results. The code to send the search query is: sid...

by New Member in

Search a particular source based on earlier search

Hi , I have user logs which are thousands in number per day. Iam trying to isolate users who had issues and then ...

by New Member in

props.conf

Does props.conf go on a forwarder or on the main splunk server?

by Communicator in

Extracting hostname from filename - inputs.conf on UF - host_regex issue

Having an issue with bluecoat logs that are dropped on a server with a UF. Attempting to extract the hostname with th...

by Path Finder in

too_Small Sourcetype

What would cause a file being indexed to have a sourcetype of SOAMetrics-too_small ? I am not assigning that sour...

by Communicator in

Preformat Automatic Report - CSV

I have written a report that I wish to have delivered automatically by Splunk in a csv file so I can open it in excel...

by Path Finder in

Index past logs under one source

I was wondering: Is there a way to index past logs and still have them show up as just one source? Example: I h...

by Builder in

Monitoring the delta changes ( new changes ) in an error logs

Hello Splunk Expert, The situation: I have a logs file around 10 MB generated from web application errors. this lo...

by Builder in

Splunk search of indexed CSV file does not pull out all the fields

Hi, Splunk newbie here... I am trying to get a csv file of performance metrics into Splunk. Briefly, there are about...

by Explorer in

using access-combined I am not able to get the correct date

I am having problems getting splunk to read my log file correctly. as you can see from the below example, the reporte...

by New Member in

splunk add forward-server IP:PORT -auth user:pass - For UDP ???

Hi, Please i need to use de UDP protocol to add Forwarders (Universal in my case) buy supoust its de same command ...

by New Member in

overwite of logging data

Hi all How/where do I set inside splunk so that the logging data(ie syslog data) can be overwrite in X number of m...

by New Member in

How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index?

I have the following config: 1 Splunk Indexer1 Universal Forwarder1 Heavy Forwarder Here is what is working......

by Explorer in

Splunk 4.2 Universal Forwarder *nix app install via CLI

I am running a Linux box as an indexer and have multiple servers feeding data back to the index. The issue I am havin...

by Engager in

How do I get Splunk to log Cisco ASA Bad Password Attempts?

I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk: I have th...

by New Member in

What is the security measures that i should take when introducing universal forwarder on a production environment?

Hello Splunkies, I need to know what are the security measures that is should take if i want to introduce universa...

by Builder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to list hosts with no events

How to exclude files and folders from monitoring

Can Universal forwarder forward the delta changes from a file to splunk instance?

How do I ensure the security of Splunk itself ? Tampering with Splunks's indexes, events, eventtypes, etc. ?

REST API Python - Issue with pulling results before search job is done.

Search a particular source based on earlier search

props.conf

Extracting hostname from filename - inputs.conf on UF - host_regex issue

too_Small Sourcetype

Preformat Automatic Report - CSV

Index past logs under one source

Monitoring the delta changes ( new changes ) in an error logs

Splunk search of indexed CSV file does not pull out all the fields

using access-combined I am not able to get the correct date

splunk add forward-server IP:PORT -auth user:pass - For UDP ???

overwite of logging data

How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index?

Splunk 4.2 Universal Forwarder *nix app install via CLI

How do I get Splunk to log Cisco ASA Bad Password Attempts?

What is the security measures that i should take when introducing universal forwarder on a production environment?

Admin Your Splunk Cloud, Your Way

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

New Customer Testimonials

How to highlight the data in the Map for regions E...

Dashboard Studio - Adding a drop down to filter re...

Splunk Cloud: HEC is not receiving data from cribl...

Connection error with Splunk HEC data input?

How do I effectively filter information?