Getting Data In

Community Activity

How to edit my type=host metadata search to exclude a certain index? I have this search: \| metadata type=hosts index=*a OR index=os index!=aruba I want to get all the hosts in all the... by hartfoml Motivator in Getting Data In 02-11-2020 0 10	0	10
Missing events from Splunk Universal Forwarder I have one missing event out of 168 events from our Universal Forwarder. I've already checked the internal logs and t... by iancorrea Path Finder in Getting Data In 02-11-2020 0 5	0	5
Is it possible to force an Universal Forwarder to use an specific ip address for the connection to the indexer/hf? We have several Universal Forwarders installed on different Linux machines. Due to the virtualization technology, eac... by ayoldi Explorer in Getting Data In 02-11-2020 0 14	0	14
replicationStatus Failed failure info: failed_because_HTTP_REPLY_ERROR_CODE Hi guys, I'm getting the following message in one of the indexers from the cluster. "DistributedPeerManager - Unabl... by pbalbasm Path Finder in Getting Data In 02-11-2020 0 1	0	1
Calculated field configuration (EVAL) not working in props.conf I am trying to use a filed in calculated fields from props.conf to replace space in one of my field values but not ge... by 513239 Explorer in Getting Data In 02-11-2020 0 7	0	7
How to include medium-large texts with the events? I'm developing an inotify-based daemon to report core-dumps occasionally occurring in a directory. Reporting the fac... by unitedmarsupial Path Finder in Getting Data In 02-10-2020 0 2	0	2
how to set TIME_PREFIX for a json file? I have a JSON file like this. {<!-- --> "ACC_NAME": "A", "DEPT": [{<!-- --> "NAME": "D1", "PROJECT": [{<!-- --> ... by anooshac Communicator in Getting Data In 02-10-2020 0 9	0	9
Splunk add-on for New Relic -- Getting Error : ValueError: No JSON object could be decoded Hello All, Trying to setup Splunk add-on for New Relic and getting this errors in the logs : ValueError: No JSON obj... by jdedev Loves-to-Learn in Getting Data In 02-10-2020 0 1	0	1
Why am I unable to install a universal forwarder using CMD? Hi, I'm trying to install Universal Forwarder using the command below: -> msiexec.exe /i “C:\USERS\%USERNAME%\Deskt... by jsantos1 Engager in Getting Data In 02-10-2020 1 4	1	4
How to save the CSV file to external location I would like to save the CSV file to an external location. I am using the \|outputcsv command which is saving the fil... by khumer Explorer in Getting Data In 02-10-2020 0 5	0	5
How to convert JSON into specific table format This what we have in logs: index="xyz" INFO certvalidationtask And this prints a JSON object which consists of a l... by rsharma1984 Explorer in Getting Data In 02-10-2020 0 5	0	5
Unable to upload dSYM file and receiving error message I'm trying to upload dSYM file from the UI https://mint.splunk.com/dashboard/project/XXX/settings/dsyms but getting a... by sonicroy New Member in Getting Data In 02-10-2020 0 0	0	0
what would be the perfect props.conf for this event Date=2020-02-10\|StrtTime=09:56:08\|EndTime=09:56:08\|Duration=7\|EvntType=MSG\|UUID= props that i am using : TIME_PREFI... by abhishekkalokhe Explorer in Getting Data In 02-10-2020 0 1	0	1
Allowed characters for metadata fields source and sourcetype My question is simple: which characters are allowed for the values of the metadata fields source and sourcetype? I c... by helge Builder in Getting Data In 02-10-2020 0 6	0	6
Installed Universal Forwader 7.1 - splunk showing “No users exist. Please set up a user.” We noticed for newly install splunk Universal forwarder 7.1 we are unable to connect as user admin, and splunk was sh... by sat94541 Communicator in Getting Data In 02-10-2020 8 3	8	3
Blockage of Queue Hello All, Some of the queues are getting blocked in Splunk. Need help to solve it. by vishaltaneja070 Motivator in Getting Data In 02-10-2020 0 2	0	2
How do I upload a file to a custom REST API endpoint? Hi, I am try to upload a file to a custom REST API endpoint, but I am not having much luck (I'm using Splunk 7.0.4).... by fanatic Engager in Getting Data In 02-10-2020 2 5	2	5
TA-MS-AAD - Daily billing data Hi all, I'm trying understending how TA-MS-AAD add-on works. I configured a data input to collect data about billin... by giorgiovolpini New Member in Getting Data In 02-10-2020 0 0	0	0
Use of Timewrap command to control the time range Hi, I am trying to plat a graph of response time over a period of time. I am using timewrap command to plot it for ye... by Shashank_87 Explorer in Getting Data In 02-08-2020 0 6	0	6
Create dashboard to show vmware AlarmStatusChangedEvent until event goes from red to green I am running index=vmware-taskevent \| spath eventClass \| search eventClass=AlarmStatusChangedEvent and I want to have... by wilcoxj New Member in Getting Data In 02-07-2020 0 1	0	1
How to identify type of log delivery Hi Splunkers, we have centralized syslog collector. Also many hosts deliver logs via UFs directly. The same index ... by evelenke Contributor in Getting Data In 02-07-2020 0 7	0	7
Importing CSV Hi everyone, I am ingesting csv files that contain information about views of certain web pages, These files are upd... by edgarsilva01 Path Finder in Getting Data In 02-07-2020 0 2	0	2
metrics statsd Hi, I configured my statsd deamon and splunk to the same instance, I configured the stats deamon on the port 8125. ... by asabatini23 Explorer in Getting Data In 02-07-2020 0 3	0	3
How split up a sentence string into multiple words Hi, let's say there is a field like this: userData= Split this string Is it possible to extract this sentence into d... by ibowman1995 Engager in Getting Data In 02-07-2020 0 4	0	4
How do I re-load data into clustered index after deleting data by changing retension policy? I deleted data in clustered index by changing retention policy very short as mentioned below. https://answers.splunk.... by watanabeya New Member in Getting Data In 02-07-2020 0 1	0	1