Getting Data In

Discussions

Thread Info

Disabling Transparent Huge Pages on Splunk docker release

I recently learned, using SplunkAdmins app that I should disable Transparent Huge Pages on my Splunk Enterprise host....

by Explorer in

Logging Scanners & Digital Senders

Hello All, I recently set up Splunk logging for all networked printers. I thought the process would be the same fo...

by Engager in

Timestamp format with leading hash sign, #Fri Aug 31 14:37:21 2012

Any suggestions on the format that I could use to extract this timestamp? #Fri Aug 31 14:37:21 2012 thanks, ...

by New Member in

Line breaking : problem with blank lines ?

Hi experts, I'm collecting logs wich look like this : 2019-12-18_09:51:42.982 [] [req-] INFO ParGideBS.getByCl...

by Path Finder in

Index By host OR Sourcetype by host

Hello, I have 2 questions I am hoping someone can help me with. I am trying to figure out how to categorize data b...

by Engager in

How to call $SPLUNK_HOME or %SPLUNK_HOME% from a .bat file for Windows Scripted input?

I have a working scripted input using the first method below, however I'm wanting to get rid of the hard coding of SP...

by Motivator in

syslog-ng props and transforms conf for ingesting data

Hi! I'm trying to ingest metric data from a Virtual Machine Linux box, using syslog-ng and Splunk Universal Forwar...

by New Member in

Run universal forwarder in Docker as unprivileged account

I am trying to run the universal forwarder in OpenShift which by default doesn't allow containers to run with a privi...

by Engager in

How find index-time field extractions.

Hello all, Our environment has some custom index-time field extractions we find to be very useful (yes, I know Spl...

by Communicator in

Problem with my search (activity log on of 3 users , Active directory)

Hello everybody, (Sorry for my english) splunk version 7.0.0 I have two problems on my search I am searching the a...

by Engager in

How do I copy forwarder inputs from one indexer to another indexer?

I'm working on load balancing the universal forwarder and want to make sure the additional indexer that will now rece...

by Explorer in

Hostname macro in inputs.conf

Hi, I have a Linux based application server that exists in two copies on xhostA and xhostB. I am getting their syslog...

by Contributor in

how to configure splunk forwarder to monitor a file whose name changes on daily basis

Hi All, I am trying to monitor a logfile which is generated in a path every day at 23:55 from a python script. My ...

by Explorer in

Release schedule for docker images

What is the release schedule for docker images? It doesn't look as if the version of 7.2 that is patched against the ...

by Explorer in

Metrics dimensions shares

What is the best way to get dimensions share for metrics index? For example is I have dimension IS_ERROR with "bool v...

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Disabling Transparent Huge Pages on Splunk docker release

Logging Scanners & Digital Senders

Timestamp format with leading hash sign, #Fri Aug 31 14:37:21 2012

Line breaking : problem with blank lines ?

Index By host OR Sourcetype by host

How to call $SPLUNK_HOME or %SPLUNK_HOME% from a .bat file for Windows Scripted input?

syslog-ng props and transforms conf for ingesting data

Run universal forwarder in Docker as unprivileged account

How find index-time field extractions.

Problem with my search (activity log on of 3 users , Active directory)

How do I copy forwarder inputs from one indexer to another indexer?

Hostname macro in inputs.conf

how to configure splunk forwarder to monitor a file whose name changes on daily basis

Release schedule for docker images

Metrics dimensions shares

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

Can you use ingest actions against _raw?

Can Data Manager import Cloudwatch ECS Fargate log...

cisco sdwan & cloud splunk: how to get data_input

Assistance Needed: Reformatting Provided Events to...

XML Regex Conversion