Getting Data In

Community Activity

How do I see all Hosts? It's only showing "Top 10 Values" for some reason. by philrego Path Finder in Getting Data In 07-30-2019 0 7	0	7
How to debug why a universal forwarder is parsing files from paths but no data is ingested? Hi Everyone, I am trying to monitor xml files from a directory in a certain server. But for some unknown reason/s no... by jvmerilla Path Finder in Getting Data In 07-30-2019 0 4	0	4
Multiple Splunk indexer with same $SPLUNK_DB location Hi, I have $SPLUNK_DB set up in a NAS storage. But the indexer is installed in a VM (say VM1) running on splunk versi... by sujoybose77 Explorer in Getting Data In 07-29-2019 0 3	0	3
Splunkd Warning: "C:\program files\...\local.meta already exists but with different casing: C:\Program Files\...\local.meta" Hello fellow Splunkers, We've been tracking down and resolving our Splunkd errors and warnings. This one has us perp... by jacobpevans Motivator in Getting Data In 07-29-2019 1 1	1	1
How to find the Active Directory and ingest data from it? Trying to get data from the AD data from the forwarder to Domain Controller. Could not see any settings within Splun... by keldridg2 New Member in Getting Data In 07-29-2019 0 3	0	3
Splunk is pulling the wrong custom .conf file I have two apps that are both utilizing the same exact type of custom .conf file. The data in the .conf files are sup... by vanixishere New Member in Getting Data In 07-29-2019 0 1	0	1
JSON Split at Index Time Hi all, I have a JSON file output from a RESTful API service and the log looks something like this: {<!-- --> "Provider":... by krishnakesiraju Explorer in Getting Data In 07-29-2019 0 1	0	1
Allow only a specified SSL cipher in the splunk forwarder? Hello, our Nessus scanner show a issue with the 56 bit SSL ciphers which are allowed by the splunk forwarder: Syno... by BastianW Path Finder in Getting Data In 07-29-2019 0 5	0	5
Limitation of using Forwarder license Hi I have read splunk docs https://docs.splunk.com/Documentation/Splunk/7.3.0/Admin/TypesofSplunklicenses I want to ... by ips_mandar Builder in Getting Data In 07-29-2019 0 2	0	2
Event breaking not working properly with the regex ([\r\n]+) Event breaking not working properly with the below regex... props.conf LINE_BREAKER=([\r\n]+) My Log data : ('Hi-S... by soumdey Path Finder in Getting Data In 07-29-2019 0 9	0	9
Is Deployment Client (Universal Forwarder) 6.0 and below is still compatible with Splunk Deployment Server (Splunk Enterprise) 7.0? Hi All, Just want to ask if Deployment Client (Universal Forwarder) 6.0 and below is still compatible with Splunk De... by dantimola Communicator in Getting Data In 07-28-2019 0 2	0	2
How to create Alert for monitoring splunk forwarder that events is not fetched within the last 5 minutes Hello, I have multiple scripts in each host which send availability,memory,space details of servers to splunk in ever... by avni26 Explorer in Getting Data In 07-28-2019 0 5	0	5
What does the number of files in the data inputs, files and directories page indicate? Hi Everyone, I was wondering what the number of files in the data inputs, files and directories page indicate? I ha... by paduka Path Finder in Getting Data In 07-28-2019 0 5	0	5
Question on indexes and retention policy I have 5 indexers in a cluster environment with replication factor 3 . We have a license of 350 GB and our daily aver... by vrmandadi Builder in Getting Data In 07-28-2019 0 6	0	6
Ingest XML files, fields not being created Hi, i am trying to ingest XML files and split the elements in fields, my log files are; <?xml version="1.0" encodin... by ssaenger Communicator in Getting Data In 07-27-2019 0 4	0	4
splunkclouduf.spl failed login Receiving this error below... C:\Program Files\SplunkUniversalForwarder\bin>splunk install app splunkclouduf.spl -a... by tthonest New Member in Getting Data In 07-27-2019 0 2	0	2
Time/Date Stamp errors Hello I have empty log files that get monitored and I keep getting the following warnings: Failed to parse timesta... by edwardrose Contributor in Getting Data In 07-27-2019 0 6	0	6
filtering logs before indexing I have json type of data and below is the sample events .I want to filter out the events which have the field called ... by vrmandadi Builder in Getting Data In 07-27-2019 0 5	0	5
Timezone change TZ not working. Hi, We are getting logs in UTC format, I tried using TZ=UTC on Heavy forwarder, but its not working for all events. ... by knalla Path Finder in Getting Data In 07-27-2019 0 6	0	6
Monitoring multiple servers/paths with a single inputs.conf app Trying to setup an "intelligent" inputs.conf that uses the system name of the forwarder then uses the correct path fo... by joesrepsolc Communicator in Getting Data In 07-27-2019 0 2	0	2
Need a help on Line Breaking and Time Prefix, Time_Format on props.conf ? Hi All, Need a help on Line Break Regex and TIME_FORMAT on props.conf, I am ingesting sonarqube logs in to splunk fo... by Hemnaath Motivator in Getting Data In 07-26-2019 0 4	0	4
Splunk filter search to show only multi-value fields I'm working on a splunk search head that was set up my someone else at work and I'm not very familiar with the datase... by brinley Path Finder in Getting Data In 07-26-2019 0 4	0	4
What is the admin account for on a Universal Forwarder? I have UFs on some "sensitive" servers and the owners - that did the install are questioning the purpose of the Admin... by Glasses Builder in Getting Data In 07-26-2019 0 2	0	2
Coverting raw IIS logs timestamp from GMT to EST Hello All, I'm working in a windows environment ingesting IIS logs from windows servers. The logs are written in GMT... by Jarohnimo Builder in Getting Data In 07-26-2019 0 4	0	4
How to configure Splunk Heavy Forwarder and Splunk Searchhead on the same machine? Hi @gcusello (tagging u because i have seen many of your answers in this context  ) , Is it possible to configure Sp... by sarvesh_11 Communicator in Getting Data In 07-26-2019 0 2	0	2