Getting Data In

Community Activity

transforms.conf use two conditions I have an event in index xxx with events coming from different hosts. I need to create a transforms.conf to filter wh... by rex_rafa New Member in Getting Data In 11-05-2019 0 1	0	1
Does a Splunk forwarder need to be installed a on a Splunk server to ingest its own logs? Or does the server automatically grab its own logs? Do I need to install a Splunk forwarder on a Splunk server to ingest its own logs? Or does the server automatically ... by cipherboy123 New Member in Getting Data In 11-05-2019 0 5	0	5
Radius event issue with wmi.conf Hi all, We have a radius server forwarding information to splunk. When we look into the events, we can see that Splu... by pbalbasm Path Finder in Getting Data In 11-05-2019 0 0	0	0
Splunk REST interface slow Hi splunkers, Im running a multisite clustered environment with SH clustering. When I'm on any SH running searches e... by DavidHourani Super Champion in Getting Data In 11-05-2019 2 3	2	3
Using inputlookup to enrich results table with a common field between search and CSV Hi, I am trying to use an inputlookup to enrich my search results table with additional fields from my inputlookup cs... by 373782073 Explorer in Getting Data In 11-05-2019 0 3	0	3
Input lookup a value in a list of items Hello All, I have a file below which contains a list of Servers and which Group they belong time: Server, Environme... by JohnGilmour New Member in Getting Data In 11-05-2019 0 1	0	1
How to stop monitoring a particular log file name in Splunk? Log path being monitored /tmp/*.log I have numerous files under the log path that are being monitored. How I can sto... by gunturu_nagasri Explorer in Getting Data In 11-05-2019 0 2	0	2
How to work with JSON file from JS? Hi, I have to write some information to JSON file because of this method comfortable for me, but when I am trying rea... by rendie Path Finder in Getting Data In 11-05-2019 0 2	0	2
How to configure Splunk Forwarder to NOT index historical data Recently we had issues with one of the data inputs which uses rest API add-on, sending a large volume of data. So I h... by vrmandadi Builder in Getting Data In 11-05-2019 0 5	0	5
Why is Splunk forwarder locking file Hello, We have the issue with the Splunk forwarder, which we would like to understand. We monitor one of the directo... by damucka Builder in Getting Data In 11-04-2019 1 1	1	1
Why does my Splunk is not indexing all the files that pass thru inputs.conf? Hello Everyone! I created an inputs.conf for index different files, but after a few files indexed it stop indexing n... by danielgp89 Path Finder in Getting Data In 11-04-2019 1 7	1	7
Splunk internal network use, still need proxy setup? I have one Splunk deployment (search head + indexers) set up in our internal corp network. Whenever we have proxy iss... by xindeNokia Path Finder in Getting Data In 11-04-2019 0 3	0	3
Why are similar events showing different datetimes? I'm facing something strange about _time and timezone. We have 2 hosts indexing the same event type (Unix:Uptime). ... by douglasmsouza Explorer in Getting Data In 11-04-2019 0 3	0	3
Question about configuring the Master Node to forward OS logs Reading OS logs from a cluster indexer node is controlled by the master node $SPLUNK_HOME/etc/master-apps/_cluster/lo... by nsommars Explorer in Getting Data In 11-04-2019 0 1	0	1
Is there an order of precedence across servers (UF -> IDX -> SH)? There is a lot of information regarding the order of the precedence of props.conf within a single Splunk server, but ... by reswob4 Builder in Getting Data In 11-04-2019 0 5	0	5
How to display latest Linux os values grouped by hosts I need to display the latest cpu, memory, etc information grouped by host in a table format. I have managed to pull c... by zoveress Engager in Getting Data In 11-04-2019 1 1	1	1
Combining Two Files into One I want to create a query where I can get source_port to show what source_ip is going to as I wanted to show how many ... by keldridg2 New Member in Getting Data In 11-04-2019 0 3	0	3
How to convert UTC to CST We are receiving events on our syslog collector in UTC timezome. Below is the sample event. I have configured the be... by martinnepolean Explorer in Getting Data In 11-04-2019 0 5	0	5
How to separate IIS logs while parsing Hi Splunk Ninjas, We have different web portals for different purposes. I categorize them as internal and external... by riqbal47010 Path Finder in Getting Data In 11-04-2019 0 4	0	4
Splunk DB Connect not working with Splunk 8.0.0 Dear All, Splunk DB Connect is not working under the new release of Splunk. The app is constantly loading and nothin... by eduardo1989 Path Finder in Getting Data In 11-04-2019 0 6	0	6
How to display multiple SplunkJS inputs on one line Is there a way to display multiple splunkjs one one line? Here's my js code: require([ "splunkjs/mvc",... by spammenot66 Contributor in Getting Data In 11-03-2019 0 1	0	1
Splunk Universal Forwarder vs Deployment Server troubleshooting I'm having some issues getting Universal Forwarders to talk to the Deployment Server, and I'm looking for some troubl... by clhall1 Explorer in Getting Data In 11-03-2019 0 3	0	3
What is the best way to push/deploy configurations/apps to heavy forwarders and search heads? I have one deployment server to service 4 HFs and 1 deployer to service 3 SHs in cluster. What is the best way to pu... by vnguyen46 Contributor in Getting Data In 11-03-2019 0 3	0	3
How to write parsing configuration for json file? My log contains multiple {} data structure and i want to get all json field inside extracted field in splunk . How t... by vin02ptl Explorer in Getting Data In 11-03-2019 0 4	0	4
Help estimating cost of metrics in Splunk? All, I am trying to get my head around host much Splunk costs for metric points. I have three metric indexes and l... by daniel333 Builder in Getting Data In 11-03-2019 1 4	1	4