Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Why is our Windows Splunk forwarder displaying passwords in clear text in the password file? How do we encrypt it?

On the Windows side, the Splunk forwarder file displays clear text passwords. Can they be encrypted, and how? Than...

by New Member in

outputs.conf: sslPassword not hashing if placed under the [tcpout] stanza

Hey all, I've configured $SPLUNK_HOME/etc/system/local/outputs.conf to use SSL certificates for forwarding logs. M...

by Path Finder in

WinEventLog System

hi question regarding the wineventlog system collection. for some reason splunk is only displaying event code 7036...

by Path Finder in

Average on time only, without considering date

I have this query: Base quey | eval EndTime = if(Result="OK", _time, null) | eval StartTime = if(LogType ="START"...

by Communicator in

Empty results from rest call in Report

Hello. Running 6.6 (paid license) with LDAP authentication. I need to use my own email in a Report. I built a complex...

by Path Finder in

je n'arrive pas à ajouter des données sur Splunk, voilà le message d'erreur: "Vous n'êtes pas habilité à ajouter des données. Veuillez contacter votre administrateur"

lorsque je transmet un chemin d'un file ou que je transmet directement le file, je n'arrive pas à accéder a avoir l'h...

by New Member in

Questions on Splunk and Syslog-ng Server

What are the Splunk requirements to receive the data from Syslog-ng server?What are the Syslog requirements to get th...

by New Member in

Why does forwarding stop until i restart splunk

I have a 4.3.3 UF on a windows 2008r2 box that was forwarding windows event logs quite happily. It's now stopped for...

by Path Finder in

Not showing csv data

hi, I uploaded csv file having a date field. This field has current week dates as well as future week dates. CSV got ...

by Communicator in

Filtering mutiple table rows created from a single log entry

I have multiple JDBC connection pools and their realtime stats are written to a log on a regular basis. I would like ...

by New Member in

REST API searches without search id

Hello guys, is it possible to request directly results without preliminary search id or we always need to run, get...

by Builder in

How do I enable the HTTP Event Collector?

The following HTTP Event Collector walkthrough says - -- To enable it, in Splunk Enterprise and self-service or...

by Ultra Champion in

Why am I getting an error that my license has expired or have exceeded license violations?

Hi  Dears, I am using Splunk 6.4 as a heavy forwarder which send its logs to an indexer (6.3) . Heavy forwarder ...

by Explorer in

Setup deployment server and a heavy forwarder.

we have a clustered environment 6 indexers , 3 search heads , 1 Cluster Master, License Server, Deployment Server on ...

by New Member in

How to configure maxVolumeDataSizeMB when homePath and coldPath are both set to the same volume?

$SPLUNK_DB for one of our Splunk Search Servers filled up recently. The root cause was apparently due to significant ...

by Path Finder in

How does the volume size maxVolumeDataSizeMB apply if you have a mix of volumes and indexes paths ?

I want to use Volumes in indexes.conf to limit the space used by my indexes. On each index, I see 4 paths : homePa...

by Splunk Employee in

Why am I getting incorrect results from btool during diagnostics for a Splunk 6.3.1 Windows universal forwarder?

When running the btool on the inputs.conf files on a Windows universal forwarder (v6.3.1), the results appear to be i...

by Communicator in

Why are changes made in props.conf not taking effect?

My sample data AAA, 0.5% BBB,0.10% CCC,0.20% my search looks like this base search | rex ".*?(?[^,]+),\s*?(?...

by Explorer in

Data cloning and load balancing

Hello guys, we have this config for outputs.conf : *[tcpout] defaultGroup = ssl_splk_sitesAB_9997 useACK = true...

by Builder in

indexer does not log security logs

Hi, after we upgrade the universal forwarder on version 6.2 the security logs are not indexed anymore in the index...

by Communicator in

Getting Data In

Discussions

Why is our Windows Splunk forwarder displaying passwords in clear text in the password file? How do we encrypt it?

outputs.conf: sslPassword not hashing if placed under the [tcpout] stanza

WinEventLog System

Average on time only, without considering date

Empty results from rest call in Report

je n'arrive pas à ajouter des données sur Splunk, voilà le message d'erreur: "Vous n'êtes pas habilité à ajouter des données. Veuillez contacter votre administrateur"

Questions on Splunk and Syslog-ng Server

Why does forwarding stop until i restart splunk

Not showing csv data

Filtering mutiple table rows created from a single log entry

REST API searches without search id

How do I enable the HTTP Event Collector?

Why am I getting an error that my license has expired or have exceeded license violations?

Setup deployment server and a heavy forwarder.

How to configure maxVolumeDataSizeMB when homePath and coldPath are both set to the same volume?

How does the volume size maxVolumeDataSizeMB apply if you have a mix of volumes and indexes paths ?

Why am I getting incorrect results from btool during diagnostics for a Splunk 6.3.1 Windows universal forwarder?

Why are changes made in props.conf not taking effect?

Data cloning and load balancing

indexer does not log security logs

Using Splunk Universal Forwarder and scripted inpu...

why Splunk is not able to index all the data from ...

Monitor Server Transaction Log File (.ldf) on Splu...

Collect Perfmon counters data for ASP.NET & Paging...

Splunk eStreamer for FMC version 4.011 setup page...