Getting Data In

Community Activity

avoid duplicate file ingestion in splunk how to remove duplicate files from ingesting in splunk? i am monitoring a folder in which there is a file names abcd... by test4u Path Finder in Getting Data In 02-27-2019 0 5	0	5
Kendo grid filters in splunk dashboards Hey, We are using in our Splunk reports the kendo grid that has filtering options. When we change the filters the tab... by sofiadavidov New Member in Getting Data In 02-26-2019 0 0	0	0
Can you help me migrate Splunk from Windows to linux? I have Splunk working perfectly on a Windows machine. I need to now set up Splunk on a Linux machine. What are the ... by test4u Path Finder in Getting Data In 02-26-2019 0 1	0	1
Switch my splunk platform from windows to linux Hello everyone, I got already-running splunk with windows 2003 R2 Ent 32bit, I really want to know that is there an... by chrislee123 Engager in Getting Data In 02-26-2019 1 3	1	3
Is [any://] valid in a networking input? Hi, In an inputs.conf, is [any://1111] (for example) valid in a network input to use port 1111 for both TCP and UDP... by russell120 Communicator in Getting Data In 02-26-2019 0 1	0	1
Can you help me with a problem extracting XML? I've scoured Google and Answers, but my XML looks a little different than most I've seen so far: <Doc_OutPut XML_Ve... by manderson7 Contributor in Getting Data In 02-26-2019 0 4	0	4
Can I have a forwarder and indexer on the same machine just for experiment? Hi Guys, I am new to Splunk and I have play around the Splunk Enterprise for a few days. I managed to add data from ... by normangoh Explorer in Getting Data In 02-26-2019 0 4	0	4
How do you ensure a deployment client's .conf files are running with new changes? Hi, If I use push an update (.conf files) to deployment clients using my deployment server, how do I ensure those c... by russell120 Communicator in Getting Data In 02-26-2019 0 1	0	1
Adding a Unix indexer to support apps Again, new to Splunk. I currently have a single instance of Splunkenterprise installed on a Win12 R2 server. We would... by noy72 New Member in Getting Data In 02-26-2019 0 4	0	4
splunk-kinesis-stream-processor Lambda timeouts Hello, We're trying to use the Splunk provided Lambda application splunk-kinesis-stream-processor (from Serverless A... by iamkuba New Member in Getting Data In 02-26-2019 0 0	0	0
How do you filter out an event based on an account name? Hello, I am trying to exclude specific event logs from a Windows system being forwarded and indexed to Splunk. What... by alexandrosd New Member in Getting Data In 02-26-2019 0 3	0	3
Splunk DB connect: How does it work when storing/indexing data? Hello community, First of all, thank you for reading this question. I am being asked to monitor a new data source (S... by jesusgalloEMC Explorer in Getting Data In 02-26-2019 0 2	0	2
Why aren't my apps props.conf not being exported when using export = system? My props.conf values are not being picked up by the Splunk search app. I currently have the following stanza set in ... by inmanx09 New Member in Getting Data In 02-26-2019 0 1	0	1
HF logs is missing from _internal index I have this Heavy Forwarder apparently not sending its own _internal logs $SPLUNK_HOME/var/log/splunk/*.log to the i... by tcmarquesi Explorer in Getting Data In 02-26-2019 0 3	0	3
Filter events for specific keywords Hi, I have some set of events that has keywords like "inbound message" and "outbound message". the events looks some... by keishamtcs Explorer in Getting Data In 02-26-2019 0 15	0	15
moving from indexed time _json to search time We are using a lot of indexed time _json sourcetypes on our heavy forwarder for file inputs and HTTP event collector.... by Skins Path Finder in Getting Data In 02-26-2019 0 3	0	3
Splunk occasionally not capturing all logs Hey all, I'm running into some odd behavior. I currently have splunkforwarder set up on a container and it should be ... by rileykohl21 New Member in Getting Data In 02-26-2019 0 1	0	1
how can i ignore the last line from the csv file while indexing from the universal forwarder ?? how to tell my universal forwarder to ignore the last line from the CSV during parsing by Nadhiyaa Path Finder in Getting Data In 02-26-2019 0 1	0	1
What happens if you deploy an inputs.conf from a DS if an inputs.conf already exists? Hi, Its just as the title suggests. If a have a deployment client with an inputs.conf thats already configured as su... by russell120 Communicator in Getting Data In 02-26-2019 0 2	0	2
how we RUN Script which convert binary index data into csv and again save it into same index? Hi please help me ,I have Universal forwarder install on another machine ,which send binary data to splunk insatnce... by ajitshukla Explorer in Getting Data In 02-25-2019 0 3	0	3
Scripted Input - Python Module Error I have a python script that pulls data from an SFTP source and writes the data to a file (myScript.py). The script im... by nakiamatthews Explorer in Getting Data In 02-25-2019 0 4	0	4
How do I find out long the a field is greater than variable X? Hi, We are monitoring Windows performance logs. We would like to know when the CPU usage started to go over 90% and ... by ocgovsplunk Engager in Getting Data In 02-25-2019 0 1	0	1
Why is my HTTP event collector Indexing slowly? Fellow Splunksters, I have been able to send data to Splunk via TCP sockets for a while and never had any issues. I... by amanno New Member in Getting Data In 02-25-2019 0 1	0	1
Heavyforwarder transforms.conf split data into multiple indexes Hello experts, Need help. My requirement is to extract 1st set of lines into 1st index and 2nd set into 2nd index. A... by nareshinsvu Builder in Getting Data In 02-25-2019 0 2	0	2
Is it possible to use Splunk to Alert on too many users per license or expiring licenses for Office365? Well the title says it all, I want to create an Alert for licenses that are approaching the max amount of users or ar... by tsomod Path Finder in Getting Data In 02-25-2019 0 1	0	1