Getting Data In

Community Activity

Input lookup a value in a list of items Hello All, I have a file below which contains a list of Servers and which Group they belong time: Server, Environme... by JohnGilmour New Member in Getting Data In 11-05-2019 0 1	0	1
How to stop monitoring a particular log file name in Splunk? Log path being monitored /tmp/*.log I have numerous files under the log path that are being monitored. How I can sto... by gunturu_nagasri Explorer in Getting Data In 11-05-2019 0 2	0	2
How to work with JSON file from JS? Hi, I have to write some information to JSON file because of this method comfortable for me, but when I am trying rea... by rendie Path Finder in Getting Data In 11-05-2019 0 2	0	2
How to configure Splunk Forwarder to NOT index historical data Recently we had issues with one of the data inputs which uses rest API add-on, sending a large volume of data. So I h... by vrmandadi Builder in Getting Data In 11-05-2019 0 5	0	5
Why is Splunk forwarder locking file Hello, We have the issue with the Splunk forwarder, which we would like to understand. We monitor one of the directo... by damucka Builder in Getting Data In 11-04-2019 1 1	1	1
Why does my Splunk is not indexing all the files that pass thru inputs.conf? Hello Everyone! I created an inputs.conf for index different files, but after a few files indexed it stop indexing n... by danielgp89 Path Finder in Getting Data In 11-04-2019 1 7	1	7
Splunk internal network use, still need proxy setup? I have one Splunk deployment (search head + indexers) set up in our internal corp network. Whenever we have proxy iss... by xindeNokia Path Finder in Getting Data In 11-04-2019 0 3	0	3
Why are similar events showing different datetimes? I'm facing something strange about _time and timezone. We have 2 hosts indexing the same event type (Unix:Uptime). ... by douglasmsouza Explorer in Getting Data In 11-04-2019 0 3	0	3
Question about configuring the Master Node to forward OS logs Reading OS logs from a cluster indexer node is controlled by the master node $SPLUNK_HOME/etc/master-apps/_cluster/lo... by nsommars Explorer in Getting Data In 11-04-2019 0 1	0	1
Is there an order of precedence across servers (UF -> IDX -> SH)? There is a lot of information regarding the order of the precedence of props.conf within a single Splunk server, but ... by reswob4 Builder in Getting Data In 11-04-2019 0 5	0	5
How to display latest Linux os values grouped by hosts I need to display the latest cpu, memory, etc information grouped by host in a table format. I have managed to pull c... by zoveress Engager in Getting Data In 11-04-2019 1 1	1	1
Combining Two Files into One I want to create a query where I can get source_port to show what source_ip is going to as I wanted to show how many ... by keldridg2 New Member in Getting Data In 11-04-2019 0 3	0	3
How to convert UTC to CST We are receiving events on our syslog collector in UTC timezome. Below is the sample event. I have configured the be... by martinnepolean Explorer in Getting Data In 11-04-2019 0 5	0	5
How to separate IIS logs while parsing Hi Splunk Ninjas, We have different web portals for different purposes. I categorize them as internal and external... by riqbal47010 Path Finder in Getting Data In 11-04-2019 0 4	0	4
Splunk DB Connect not working with Splunk 8.0.0 Dear All, Splunk DB Connect is not working under the new release of Splunk. The app is constantly loading and nothin... by eduardo1989 Path Finder in Getting Data In 11-04-2019 0 6	0	6
How to display multiple SplunkJS inputs on one line Is there a way to display multiple splunkjs one one line? Here's my js code: require([ "splunkjs/mvc",... by spammenot66 Contributor in Getting Data In 11-03-2019 0 1	0	1
Splunk Universal Forwarder vs Deployment Server troubleshooting I'm having some issues getting Universal Forwarders to talk to the Deployment Server, and I'm looking for some troubl... by clhall1 Explorer in Getting Data In 11-03-2019 0 3	0	3
What is the best way to push/deploy configurations/apps to heavy forwarders and search heads? I have one deployment server to service 4 HFs and 1 deployer to service 3 SHs in cluster. What is the best way to pu... by vnguyen46 Contributor in Getting Data In 11-03-2019 0 3	0	3
How to write parsing configuration for json file? My log contains multiple {} data structure and i want to get all json field inside extracted field in splunk . How t... by vin02ptl Explorer in Getting Data In 11-03-2019 0 4	0	4
Help estimating cost of metrics in Splunk? All, I am trying to get my head around host much Splunk costs for metric points. I have three metric indexes and l... by daniel333 Builder in Getting Data In 11-03-2019 1 4	1	4
Why am I getting error "Universal Forwarder Setup Wizard ended prematurely" trying to install Splunk universal forwarder 6.2 on Windows Server 2012R2? Hello, I am trying to deploy the Splunk universal forward to Win 2012 R2 servers. Using version : 6.2.0-237341-x64 ... by cam343 Path Finder in Getting Data In 11-01-2019 3 6	3	6
How to put results of custom search command into index Hello all, I have add-on with written a custom search command. This command call my python package. my_searchcommand... by skharenk New Member in Getting Data In 11-01-2019 0 3	0	3
How to access splunk data from Postgres without moving data? I need to access splunk data from postgres. Used DB Connect to implement this. But DB Connect export data from SPlun... by akshayt New Member in Getting Data In 11-01-2019 0 2	0	2
Indexer receives forwarded Splunk internal logs but does not receive non-Splunk os events Hi, I set up a Linux forwarder to forward os logs to a Windows indexer as a test. The Windows indexer is running Spl... by Ant1D Motivator in Getting Data In 11-01-2019 0 6	0	6
How to collect Windows service status I'm trying to collect the status of two windows services but I don't need the status of the rest of the services on t... by morphis72 Path Finder in Getting Data In 11-01-2019 0 2	0	2