Getting Data In

Community Activity

How do you collect Windows performance data using a custom app? Hello all, I am new to Splunk and am trying to collect Windows performance data using a custom App rather than the W... by sapanda Path Finder in Getting Data In 01-28-2019 0 3	0	3
Can't see my NAS data in my Splunk using SNMP input modular Hello, I'm using the snmp modular input app to collect my NAS data to Splunk. 1. I configure the snmp using the poll ... by cherifa Explorer in Getting Data In 01-28-2019 0 1	0	1
Monitoring same logs for two different sourcetype Hello, we are monitoring GC logs and logs could be in two different format.(Conventional GC and G1) Requirement is t... by AKG1_old1 Builder in Getting Data In 01-28-2019 0 2	0	2
log unsafe as it does not exist anymore, scheduling a oneshot timeout instead. Running syslog-ng with a HF. Logrotate runs hourly. 16 or so different web proxies are sending logs to the syslog-ng ... by kmarciniak Path Finder in Getting Data In 01-27-2019 0 4	0	4
Can someone help me create a query that fetches forwarder details? Can anyone please let me know the query for fetching the details of forwarders, as well as the deployment server, fro... by ninja3526 New Member in Getting Data In 01-27-2019 0 2	0	2
How do you filter custom events in Windows Security log using regular expression in blacklist? Hello, We have Splunk Enterprise 7.2 with Deployment Server role and Splunk Universal forwarder on a Windows SQL ser... by jzinguer New Member in Getting Data In 01-26-2019 0 1	0	1
Apply spath automatically to a sourcetype with nested JSON Hi all, I have JSON events with complex properties, aka nested JSON objects. I know how to apply spath and create mac... by Motoko89 Path Finder in Getting Data In 01-26-2019 0 7	0	7
Educational Resouces for log quality All, Our developers need a lot of training just on producing solid log quality. Wondering if anyone has any formal ... by daniel333 Builder in Getting Data In 01-26-2019 0 1	0	1
Why is TCP data not being indexed? Hi, I have a feed of events coming into my Splunk Heavy Forwarder, but they aren't being indexed, and I'm baffled. ... by a212830 Champion in Getting Data In 01-26-2019 0 6	0	6
Can you help me avoid data loss from my universal forwarder? Hi Splunker! i am using a universal forwarder to monitor and forward data (log file) to my Splunk. i have observed a... by dailv1808 Path Finder in Getting Data In 01-25-2019 0 9	0	9
Value misinterpreted as time We found the following message in the data and Splunk recognizes it as a timestamp. How can I prevent this interpreta... by amielke Communicator in Getting Data In 01-25-2019 0 7	0	7
How come our CSV scheduled export for a savedsearch can't have more than 50.000 rows? Hi, We need to have a copy of a big SQL table in a CSV file to speed up some lookups... We do retrieve the data us... by futurebroadband New Member in Getting Data In 01-25-2019 0 2	0	2
How do I add fields to incoming data? Hi, I'm trying to load a CSV file using the universal forwarder, and there are no headers in the CSV file. How can ... by raghu0463 Explorer in Getting Data In 01-25-2019 0 4	0	4
Universal fowarder and WMI I want to configure the universal fowarder to poll WMI data and forward it to my indexer. I understand that I need a ... by tympaniplayer Path Finder in Getting Data In 01-24-2019 3 18	3	18
How do you parse and chart fields in a JSON array? Hi, I have a log event where part of the log entry contains some JSON data similar to the following format: [ ... by someone4321 Explorer in Getting Data In 01-24-2019 0 7	0	7
Parsing very long JSON lines I am working with log lines of pure JSON (so no need to rex the lines - Splunk is correctly parsing and extracting al... by leatherface Explorer in Getting Data In 01-24-2019 4 6	4	6
What do I look at in splunkd.log to troubleshoot deployment client issues? Hi Splunkers, I have a list of servers that have the Splunk UF running on them. These servers are not showing up i... by vanderaj2 Path Finder in Getting Data In 01-24-2019 2 13	2	13
JSON Double Extraction I've got an odd problem with JSON extracting twice. I've read the other posts on this and believe what I have should ... by ehowardl3 Path Finder in Getting Data In 01-24-2019 0 1	0	1
How come event breaker based on timestamp works when uploading a file but not with source type props.conf? Hi guys, I am trying to index a ProxySQL log file which looks like: ProxySQL LOG QUERY: thread_id="25" username="bl... by 0xlc Path Finder in Getting Data In 01-24-2019 0 4	0	4
How come our forwarder is not getting configuration from deployment server? Hello Everyone, I have set up my own test environment where I have my deployment server (DS) on Windows with Splunk ... by Ajinkya1992 Path Finder in Getting Data In 01-23-2019 0 4	0	4
transforms ,tsv input, taking each log entry and distributing it across days in that month I'm not sure if it's possible. I know I can limit, and I know I can play some regex on the input. But has anyone don... by tmblue Engager in Getting Data In 01-23-2019 0 9	0	9
How do you make a search that checks two lookup tables and optimizes results? Hello Splunk friends! I have two lookup tables. The first http_full (http_full.csv) looks like this: status,IP,URL... by adabud6267 Explorer in Getting Data In 01-23-2019 0 1	0	1
Why is Inputlookup CSV truncating my data? I use the inputlookup file.csv and the zeros on numbers are deleted ex. 00075 to 75, it also truncates some numbers e... by shealerner New Member in Getting Data In 01-23-2019 0 3	0	3
How can I correlate firewall traffic from two different timestamps I want to get a list of traffic that has accessed the same site at two different times. All I know are the times: say... by matthewg Explorer in Getting Data In 01-23-2019 0 2	0	2
How do I ingest logs generated from Outlook thick client running on Windows 7? We are specifically looking to Ingest logs generated from the Outlook client that will capture Outlook Rule and Folde... by ttokkaris New Member in Getting Data In 01-23-2019 0 0	0	0