Getting Data In

Community Activity

Can't access data after DB migration I backed up all my data, moved it to a larger secondary drive. Uninstalled and re-installed splunk on top of the back... by antinym New Member in Getting Data In 07-15-2010 0 3	0	3
Why is my scripted input excluded from the results? I am running a scripted input that outputs the "apachectl -S" configuration. I have set the proper permissions, test... by Simeon Splunk Employee in Getting Data In 07-15-2010 1 1	1	1
Record snmptrap log file to other and clear the original log file Hello, my problem is that I want to use splunk to copy the log from snmptrapd.log file to another file and clear the ... by sony_1688 New Member in Getting Data In 07-15-2010 0 1	0	1
Pulling Apache access logs on Windows server Hi, I have a windows 2003 server with apache installed. I will like to monitor its access logs on my splunk server r... by remy06 Contributor in Getting Data In 07-15-2010 0 1	0	1
double host name and timestamps Hi All, I have been trying to get Splunk to strip off the timestamp and host of forwarded events but do not understa... by bbear Explorer in Getting Data In 07-14-2010 1 3	1	3
overlapping directives in inputs.conf I have a tree of files on a forwarder that looks something like the following: /foo/able/ /foo/baker/ /foo/charlie/ ... by mfrost8 Builder in Getting Data In 07-14-2010 1 2	1	2
how to get fifo to be sourceType=syslog? Greetings experts, I am using syslog-ng and Splunk on the same box. I have configure syslog-ng to pipe the incoming ... by bbear Explorer in Getting Data In 07-14-2010 1 3	1	3
Splunk Indexer stripping out fields when receiving data from SplunkLF Client Apparently my indexer is stripping out the syslog-ng flag fields ([INFO], [WARNING], and [CRIT]) when indexing syslog... by balbano Contributor in Getting Data In 07-14-2010 0 9	0	9
Search head configured as a forwarder? I'm trying to setup a Splunk search head. I'm really trying to convert an existing light-weight forwarder server to ... by mfrost8 Builder in Getting Data In 07-14-2010 1 4	1	4
Splunk not starting upon Windows command-line msiexec install Here's an odd one. Anyone run into this before? I am at a client and have put together a package based on this answe... by Jason Motivator in Getting Data In 07-14-2010 0 3	0	3
time start and time end im doing a username search and i want two fields in my results table to be the time the user sarted the connection an... by riderofyamaha Explorer in Getting Data In 07-14-2010 0 5	0	5
Remote File Monitoring Is there any way to monitor the attributes of files such as 'Date Created' or 'Modified Date' rather than modify the ... by micah1683 Engager in Getting Data In 07-14-2010 1 1	1	1
Configure interval for forwarding Windows Event Logs to Forwarder I installed Splunk on a Windows DC and configured it as Light Forwarder to send the events to a linux based Splunk In... by klkumar10 Explorer in Getting Data In 07-14-2010 0 1	0	1
How do I Monitor a UNC path? From server1, I have access to the desired UNC path, and this same user is running splunk, so I know access is not an... by seanlon11 Path Finder in Getting Data In 07-13-2010 1 4	1	4
Reset SplunkLightForwarder How may I reset a SplunkLightForwarder so that it will start from scratch and re-forward all data again? (v4.1.3) by broller25 Explorer in Getting Data In 07-11-2010 2 2	2	2
reindexing tossed data from too low a maxTotalDataSizeMB setting Hello: If an index is kept small due to a low default setting, how can I have splunk reindex a large pool of data on... by b1nki3 Explorer in Getting Data In 07-09-2010 0 1	0	1
Will Splunk re-start processing of a file if it is renamed? I am monitoring a directory with contains files that are rotated. Example: A file, today.logs is currently being p... by Brian Engager in Getting Data In 07-09-2010 1 1	1	1
Forwarder tcpout_connections blocked This configuration is two 3.4.2 forwarders -> two 4.1.2 indexers. Forwarders have two UDP inputs & two seperate assig... by Chris_R_ Splunk Employee in Getting Data In 07-09-2010 0 2	0	2
A few events from a single log source file are getting stuck together at indexing - why? I am indexing a log file of about 50,000 single line events and for the most part the events are indexed fine. This r... by pj Contributor in Getting Data In 07-08-2010 0 2	0	2
Indexing Queues Blocked if Network Is Not Reachable, why? My Indexer is receiving data from a Forwarder but also sending data to non Splunk device. This external device becam... by mzorzi Splunk Employee in Getting Data In 07-08-2010 2 5	2	5
Where are TCP and UDP inputs indexed? When I configure network inputs (TCP or UDP), I provide the port number and sourcetype, but there is nowhere to speci... by lguinn2 Legend in Getting Data In 07-07-2010 1 5	1	5
How to use timezone in Multi-Timezone system? Hi, There are several questions about timezone configuration. I know that splunk use the timezone information in r... by dianbo_1 Path Finder in Getting Data In 07-07-2010 0 3	0	3
multiple inputs parser error When i try and run a multiple input search running 4.1.2 on windows 7 im getting an error message that causes search ... by riderofyamaha Explorer in Getting Data In 07-07-2010 0 3	0	3
SplunkLightweightForwarder app require inputs.conf? Or can i enable "applicationx" with its own inputs.conf. only the lightweightforwarder and the "applicationx" apps a... by hiddenkirby Contributor in Getting Data In 07-07-2010 0 3	0	3
BIND IP Causing issues with RTSearch... We have done an interface binding (to IP: index1_IP) on one of our indexers. This was done on one of the indexer (in... by balbano Contributor in Getting Data In 07-07-2010 0 4	0	4