Getting Data In

Community Activity

Index data from shell script with headers I want to index a shell script output thro inputs.conf.I have configured the script [script://$SPLUNK_HOME/etc/apps/s... by DataOrg Builder in Getting Data In 03-25-2021 0 0	0	0
forwarder stopped in AIX I installed splunk universal forwarder version 6 in AIX and it stopped automatically after some time. please let me k... by kml_uvce Builder in Getting Data In 03-24-2021 0 2	0	2
Capture historical data of processes in AIX I am new to Splunk and was wondering if there is a way to capture the historical data of the amount of CPU or Memory ... by kkoene Engager in Getting Data In 03-24-2021 0 2	0	2
How do I locate KVstore & scripted based look ups? Under lookups I see a few .csv based & few look up definitions. So where are the KVstore based or scripted based look... by SamHTexas Builder in Getting Data In 03-24-2021 0 2	0	2
Splunk field extractor ignors comma towards the end I have a CSV with the following data 19,john doe,blue car,NAY,NA,YAY,,NIL,,,,NA,, There are 14 fields in the above li... by termcap Path Finder in Getting Data In 03-24-2021 0 0	0	0
Splunk log management I know splunk manages its own internal logs and there is log.cf and local-log.cfg. I am wondering can we manage log f... by singhba1 New Member in Getting Data In 03-24-2021 0 1	0	1
Configured but Inactive Forwards, inspite of resolving Firewall issue. Why? Hello I am trying to configure a forwarder between a Linux Machine and a Windows machine. My Splunk is installed on ... by smk54 New Member in Getting Data In 03-24-2021 0 3	0	3
splunk forwarder up-gradation using tar file on custom path Hi All, We are planning to upgrade splunk forwarders with ansible. We observed that our forwarders are running on cus... by btshivanand Path Finder in Getting Data In 03-24-2021 0 7	0	7
The monitor input cannot produce data because splunkd's processing queues are full. This will be caused by inadequate in The monitor input cannot produce data because splunkd's processing queues are full. This will be caused by inadequate... by imam99 Loves-to-Learn Lots in Getting Data In 03-24-2021 0 1	0	1
Cisco IOS Have recently been administrating our Splunk deployments. My question is in the CISCO TA app our props.conf has [sour... by amack Observer in Getting Data In 03-23-2021 0 0	0	0
What is the best way to forward Vcenter and ESXi host logs to Splunk? Hello, I am working on a project to get logs from Vcenter and ESXi host to Splunk . question 1 ) Is Vcenter app fo... by raomu Explorer in Getting Data In 03-23-2021 1 1	1	1
Windows monitored file duplicate data I have a csv file that is written to once a day. The input points to a custom sourcetype [csvtest] which has approp... by darrenfuller Contributor in Getting Data In 03-23-2021 0 0	0	0
How do I get a count of applications deployed to forwarders? The Deployment Server - (Settings -> Forwarder Management) shows Host Name, Client Name, Instance Name, IP Address, A... by rholm01 Explorer in Getting Data In 03-23-2021 0 7	0	7
Regex help Hi,I have the below event where i tried to extract field ServerAEvent:ADMU0509I: The Application Server "serverA" can... by SS1 Path Finder in Getting Data In 03-22-2021 0 2	0	2
What values to be updated in the props conf file ? My logfile is like below,"timestamp": "2021-03-22 22:37:35". Can someone tell me how to edit the props file correctly... by ethanthomas Path Finder in Getting Data In 03-22-2021 0 1	0	1
how to list metadata from dbconnect inputs? Hello, I have to survey our client's dbx inputs, with their metadata (index, sourcetype) but the command: \| rest sp... by 3DGjos Communicator in Getting Data In 03-22-2021 0 6	0	6
Steps to use included Lookup tables that come with Splunk enterprise & ES Steps to use included Lookup tables that come with Splunk enterprise & ES. I have over 100 Lookup tables that I have ... by SamHTexas Builder in Getting Data In 03-22-2021 0 7	0	7
Multiple time formats in one sourcetype - failed to extract timestamp Hello Dear Splunkers Recently we got reported issue when our indexers are reporting multiple issues with timestamp e... by Denis_B Observer in Getting Data In 03-22-2021 0 2	0	2
Issues with multiline events props.conf Hi Everyone,Requesting small help with configuring props.conf which can help me to break the multiline events correct... by sunnyb147 Path Finder in Getting Data In 03-22-2021 0 4	0	4
How do I check to see if a couple of Hosts are sending data to Splunk Enterprise How do I check to see if a couple of Hosts are sending data to Splunk Enterprise. They both are VMs. by SamHTexas Builder in Getting Data In 03-22-2021 0 4	0	4
Eventhubs - Splunk Add-ON for ms cloud services partitions I was using the MS Azure add-on for splunk. Trying to switch to Splunk Add-on for MS cloud services. One thing i n... by zippo706 Explorer in Getting Data In 03-21-2021 2 0	2	0
Splunk forwarder not processing batch input Hi All,I have a deployment app which successfully deployed to a server with the splunk forwarder installed, but which... by cku1 Engager in Getting Data In 03-21-2021 0 2	0	2
Trying to monitor local macOS system logs and performance data as remote log from Ubuntu instance on VirtualBox I am trying to get my Ubuntu instance on VirtualBox to ingest my mac's system logs and performance data as remote log... by Herman Explorer in Getting Data In 03-21-2021 0 0	0	0
Scripted input interval Hi,For the scripted input setup i want the script to run only at specific time i.e. 7 AM EST or 8 AM EST. How do i ac... by SS1 Path Finder in Getting Data In 03-20-2021 0 1	0	1
Is there any way to monitor CPU on Mac OS? Hello, Is there any way to monitor CPU/ performance on a Mac OS? Does the universal forwarder for Mac include scrip... by DavidHourani Super Champion in Getting Data In 03-20-2021 0 3	0	3