Getting Data In

Community Activity

What is the best way to index data from a distributed location I need to add a new data input from a mount, but I have a distributed architecture (one forwarder / search head and t... by mctester Communicator in Getting Data In 07-20-2010 0 1	0	1
monitoring changes to a remote filesystem Hi there -- I completed installing the latest version of Splunk on two systems where the first is the server, and th... by kaplan71 New Member in Getting Data In 07-20-2010 0 2	0	2
Full text retrieval: improve performance Hi All! I'm trying to push Splunk to a Customer to index huge amount of data (almost 4.5GB/10M events per day). Th... by marcoscala Builder in Getting Data In 07-19-2010 2 4	2	4
Some events are merged when overiding multiple sourcetypes from single source I am forwarding a single source (file) from kiwisyslog with LFW to the indexer, so got 1 sourcetype [kiwisyslog] The... by Starlette Contributor in Getting Data In 07-19-2010 2 5	2	5
fschange filters for windows I tried searching for documentation on how to implement filters for directories ( in fschange) Could someone let me... by heterodyned Path Finder in Getting Data In 07-19-2010 1 3	1	3
Time Stamps 1 day early? I've got a log file which tracks some call statistics. For some reason, about half of these, Splunk has them as bein... by empath Explorer in Getting Data In 07-17-2010 1 4	1	4
Total space for index I see alot in the docs, etc. that show how to set limits on buckets, etc. I can't seem to find out if there is a way... by skippylou Communicator in Getting Data In 07-17-2010 1 5	1	5
Can't access data after DB migration I backed up all my data, moved it to a larger secondary drive. Uninstalled and re-installed splunk on top of the back... by antinym New Member in Getting Data In 07-15-2010 0 3	0	3
Why is my scripted input excluded from the results? I am running a scripted input that outputs the "apachectl -S" configuration. I have set the proper permissions, test... by Simeon Splunk Employee in Getting Data In 07-15-2010 1 1	1	1
Record snmptrap log file to other and clear the original log file Hello, my problem is that I want to use splunk to copy the log from snmptrapd.log file to another file and clear the ... by sony_1688 New Member in Getting Data In 07-15-2010 0 1	0	1
Pulling Apache access logs on Windows server Hi, I have a windows 2003 server with apache installed. I will like to monitor its access logs on my splunk server r... by remy06 Contributor in Getting Data In 07-15-2010 0 1	0	1
double host name and timestamps Hi All, I have been trying to get Splunk to strip off the timestamp and host of forwarded events but do not understa... by bbear Explorer in Getting Data In 07-14-2010 1 3	1	3
overlapping directives in inputs.conf I have a tree of files on a forwarder that looks something like the following: /foo/able/ /foo/baker/ /foo/charlie/ ... by mfrost8 Builder in Getting Data In 07-14-2010 1 2	1	2
how to get fifo to be sourceType=syslog? Greetings experts, I am using syslog-ng and Splunk on the same box. I have configure syslog-ng to pipe the incoming ... by bbear Explorer in Getting Data In 07-14-2010 1 3	1	3
Splunk Indexer stripping out fields when receiving data from SplunkLF Client Apparently my indexer is stripping out the syslog-ng flag fields ([INFO], [WARNING], and [CRIT]) when indexing syslog... by balbano Contributor in Getting Data In 07-14-2010 0 9	0	9
Search head configured as a forwarder? I'm trying to setup a Splunk search head. I'm really trying to convert an existing light-weight forwarder server to ... by mfrost8 Builder in Getting Data In 07-14-2010 1 4	1	4
Splunk not starting upon Windows command-line msiexec install Here's an odd one. Anyone run into this before? I am at a client and have put together a package based on this answe... by Jason Motivator in Getting Data In 07-14-2010 0 3	0	3
time start and time end im doing a username search and i want two fields in my results table to be the time the user sarted the connection an... by riderofyamaha Explorer in Getting Data In 07-14-2010 0 5	0	5
Remote File Monitoring Is there any way to monitor the attributes of files such as 'Date Created' or 'Modified Date' rather than modify the ... by micah1683 Engager in Getting Data In 07-14-2010 1 1	1	1
Configure interval for forwarding Windows Event Logs to Forwarder I installed Splunk on a Windows DC and configured it as Light Forwarder to send the events to a linux based Splunk In... by klkumar10 Explorer in Getting Data In 07-14-2010 0 1	0	1
How do I Monitor a UNC path? From server1, I have access to the desired UNC path, and this same user is running splunk, so I know access is not an... by seanlon11 Path Finder in Getting Data In 07-13-2010 1 4	1	4
Reset SplunkLightForwarder How may I reset a SplunkLightForwarder so that it will start from scratch and re-forward all data again? (v4.1.3) by broller25 Explorer in Getting Data In 07-11-2010 2 2	2	2
reindexing tossed data from too low a maxTotalDataSizeMB setting Hello: If an index is kept small due to a low default setting, how can I have splunk reindex a large pool of data on... by b1nki3 Explorer in Getting Data In 07-09-2010 0 1	0	1
Will Splunk re-start processing of a file if it is renamed? I am monitoring a directory with contains files that are rotated. Example: A file, today.logs is currently being p... by Brian Engager in Getting Data In 07-09-2010 1 1	1	1
Forwarder tcpout_connections blocked This configuration is two 3.4.2 forwarders -> two 4.1.2 indexers. Forwarders have two UDP inputs & two seperate assig... by Chris_R_ Splunk Employee in Getting Data In 07-09-2010 0 2	0	2