Getting Data In

Discussions

Thread Info

Delete splunk.com Account

HI. I would like to delete my current account and open a new one. My current id "army4282" has a specific army troop ...

by New Member in

How to monitor a single file to be indexed by modifying inputs.conf?

I'm having trouble getting a single file to be indexed. I have successfully monitored all files in a directory before...

by Path Finder in

What is the best way to get DCOS Mesos/Marathon to forward their containers logging into Splunk?

What would be the best way to get DCOS Mesos/Marathon to forward their containers logging to Splunk? As our Devs t...

by Builder in

How to can I configure dynamic sourcetype assignment on a Universal Forwarder or a Heavy Forwarder?

I have a folder which has multiple log files in format CalculationMgr-xxx(xx).log and EventMgr-xxx(xx).log where xx i...

by Explorer in

Parsing libsvm events

I'm trying to parse a number of different libsvm files https://www.csie.ntu.edu.tw/~cjlin/libsvm/faq.html#/Q03:_Data_...

by Splunk Employee in

How to set an Approriate Sourcetype for Qradar CSV Report when add Data into Splunk?

I have a CSV Report look like this: <13>Jun 12 14:04:28 10.0.115.117 AgentDevice=WindowsLog AgentLogFile=Applicati...

by New Member in

Unable to search/index the uploaded text file in the newly built test machine?

Hi, I have recently setup an single instance test machine in our environment, with splunk version as 6.6.1 in Linux e...

by Motivator in

How to turn off fields sorting from Splunk JSON results?

When used Splunk Java SDK extract the data from a search, Splunk automatically sorts the results based on the alphabe...

by Communicator in

Sometimes get a TailReader ERROR on monitoring a file. Why?

I have a Windows 2008 R2 server with a Splunk UF v6.6.7 installed. We are monitoring many files on this server. Oc...

by Path Finder in

Splunk licensing for each indexer

Hello. I want to know if it is possible to get from the splunk application or from the server the licensing of eac...

by New Member in

How are Windows instance numbers for two processes with the same name determined?

I have several svchost.exe processes running on a Windows host. In Splunk in the Perfmon:Process sourcetype I have ev...

by Explorer in

Need to omit events with specific strings (info or debug) in them.

I am trying to prevent debug and info events from getting logged into splunk. I created an inputs.conf and used black...

by Path Finder in

Why are Win Event Logs (Security logs) (Win10) generating gigs of data related to SeBackupPrivilege?

Has anyone seen an issue where Win Event Logs (Security logs) (Win10) are generating gigs of data related to SeBackup...

by New Member in

Monitoring using "WinPrintMon", why are some universal forwarders reporting "ProcessRefresh: Failed ProcessRefresh: error = '0x800706ba'. Restart."?

I monitor using "WinPrintMon" on several hundred servers - 17 of those servers gives this error-message at each poll:...

by Communicator in

Getting Data In

Discussions

Delete splunk.com Account

How to monitor a single file to be indexed by modifying inputs.conf?

What is the best way to get DCOS Mesos/Marathon to forward their containers logging into Splunk?

How to can I configure dynamic sourcetype assignment on a Universal Forwarder or a Heavy Forwarder?

Parsing libsvm events

How to set an Approriate Sourcetype for Qradar CSV Report when add Data into Splunk?

Unable to search/index the uploaded text file in the newly built test machine?

How to turn off fields sorting from Splunk JSON results?

Sometimes get a TailReader ERROR on monitoring a file. Why?

Splunk licensing for each indexer

How are Windows instance numbers for two processes with the same name determined?

Need to omit events with specific strings (info or debug) in them.

Why are Win Event Logs (Security logs) (Win10) generating gigs of data related to SeBackupPrivilege?

Monitoring using "WinPrintMon", why are some universal forwarders reporting "ProcessRefresh: Failed ProcessRefresh: error = '0x800706ba'. Restart."?

Setting correct timezone for mcafee logs in dbconnect

parallelIngestionPipelines on heavy forwarder

Has anyone used the SAP Crystal Reports API for Splunk?

Monitor .Exe files

Windows Splunk instance to use http proxy

Convert timestamp from BST to EDT

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!

Full Details! >

host name extraction / regex from syslog using Rsy...

What different colors for bar graph

Critical Syslog Server Tricks

Partial obfuscation in Splunk Cloud

Issue in getting data from universal forwarder

Getting Data In

Discussions

Help us learn about how Splunk has impacted your career by taking the 2021 Splunk Career Survey.Earn $50 in Amazon cash! Full Details! >

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!

Full Details! >