Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
rgsurfs

Why does Splunk KVStore does not start with mongod error "please specify an sslCAFile parameter" after SSL'ing all servers? "

Windows 2008 R2 servers. I have SSL/TLS enabled all comms between search head, deployment server, indexers and unive...
by rgsurfs Path Finder in Getting Data In 09-29-2018
0 9
0
9
khyoung7410

Can I limit only certain file extensions when uploading files?

Hello ~ Can I only have a specific file extension when I upload a file? For example .. ~.log OR ~.txt OR ~.dat Pl...
by khyoung7410 Communicator in Getting Data In 09-29-2018
0 2
0
2
cipherjake

monitorではなくbatchでのinputs設定によるデメリットについて

Splunk 1台構成(OS Windows) 現在、1日に700ファイル以上のログファイルをmonitor設定で取り込んでいます。 ファイルはSplunk上に配置してローカル取込みを行っています。 今後、上記ファイルが10倍以上...
by cipherjake Explorer in Getting Data In 09-29-2018
0 2
0
2
santosh_sshanbh

How do I monitor input on Windows machine with a wild card character?

I want to monitor a log file from the below location on a Windows server. D:\Program Files\Apache Software Foundatio...
by santosh_sshanbh Path Finder in Getting Data In 09-28-2018
0 4
0
4
alpsholic

Does the REST API based search support only username/password based authentication?

Does the REST API based search support only username/password based authentication?? If I am developing an app which ...
by alpsholic Explorer in Getting Data In 09-28-2018
0 3
0
3
anlai2

Can you help me create a search that would return the number of user sessions in IIS Logs?

What is the best way to determine the number of sessions from IIS logs using search? Fields include: date time ...
by anlai2 Engager in Getting Data In 09-28-2018
0 5
0
5
acsplunkuser

Running a Universal Forwarder on the same server as the Enterprise server.

I have a Solaris 10 standalone server. Can I run a Universal Forwarder (6.0.2) on the same server that Enterprise (al...
by acsplunkuser Engager in Getting Data In 09-28-2018
0 3
0
3
iatwal

Can you help me send events to null queue from a farm of heavy forwarders (syslog servers)?

I have these types of logs coming into Splunk today from 3 heavy forwarders (syslog servers) via inputs.conf apps I'v...
by iatwal Path Finder in Getting Data In 09-28-2018
0 5
0
5
timoti

How to set up my Splunk REST API with self-signed certificates and how to configure for the REST API 8089 port?

Hello, after 2 days of trying hard on this problem, I finally give up and now I am posting it here. Well, I need to ...
by timoti Explorer in Getting Data In 09-27-2018
0 3
0
3
juanlazarosanch

Why is memory spiking on our Universal Forwarder on a Domain Controller?

One of our administrators noticed that memory is spiking on the domain controllers and seems to have pin-pointed it t...
by juanlazarosanch New Member in Getting Data In 09-27-2018
0 4
0
4
djain

Can you use a field as a filter in a dashboard with the Sum function?

Hey splunkers, This problem is haunting me. So I created a query to find a percentage on a RGU value that remains co...
by djain Path Finder in Getting Data In 09-27-2018
0 3
0
3
behudelson

How do you use the REST API to pull down source files?

Hello, I am using Splunk Cloud and I would like to use the REST API to pull down source files of my applications. I...
by behudelson Path Finder in Getting Data In 09-27-2018
0 2
0
2
Log_wrangler

In Splunk, where and when are data.gz files unzipped?

If I have an app on a heavy forwarder that is pulling in .gz files and sending them to my indexers (i.e. distributed ...
by Log_wrangler Builder in Getting Data In 09-27-2018
0 4
0
4
danielearangiom

Why is our Splunk Universal Forwarder not able to read the modification on a file under the path "C:\Program Files (x86)"?

My Splunk Universal Forwarder is not able to read the modification on a file under the path "C:\Program Files (x86)" ...
by danielearangiom Explorer in Getting Data In 09-27-2018
0 7
0
7
wegscd

Why are the indexers trying to execute these command if they are defined as 'local = true'?

We've had some custom commands defined on our indexers for years. Here is /opt/splunk/etc/apps/whirlpool_netbotz/defa...
by wegscd Contributor in Getting Data In 09-27-2018
0 3
0
3
upload

How can I get data in to splunk enterprise?

Dear all, I'm a beginer. I just built up splunk enterprise. could you please help me to get data from windows server...
by upload New Member in Getting Data In 09-26-2018
0 1
0
1
jibanes

Why does the custom search command display only 1000 events?

The following custom search command (which should return 100,000 displays) returns only 1000 events in Splunk. The r...
by jibanes Path Finder in Getting Data In 09-26-2018
0 3
0
3
madhufuture

How do I index only my application data from windows event logs?

Hi, I have an application ABC. From application ABC , I'm writing my logs to Windows Application Event logs. I want ...
by madhufuture New Member in Getting Data In 09-26-2018
0 4
0
4
kunalg

In the search head, why am I not able to see which heavy forwarder the logs are coming from?

I have 3 heavy forwarders and sending firewall logs to all heavy forwarders and then forwarder to indexer. But, when ...
by kunalg Observer in Getting Data In 09-26-2018
0 9
0
9
benthehen100

Can you help me output field name, value from stats table to CSV?

Hello, I'm trying to get a very specific output format that can be fed into our ticketing system. I have the follow...
by benthehen100 Engager in Getting Data In 09-26-2018
0 2
0
2
sabdulkader

How do I get the logs from the servers into Splunk?

Dear All, I am new to Splunk. Just installed Splunk on my servers. Kindly let me know how I can start receiving the ...
by sabdulkader New Member in Getting Data In 09-26-2018
0 3
0
3
siva_cg

Why is source type override based on host not working?

Hi All, I have some switch logs which are configured to Splunk from 3 Universal Forwarders into one index. Based on ...
by siva_cg Path Finder in Getting Data In 09-26-2018
0 6
0
6
bschaap

Is there a way to return a search.log for a recent search job using the REST api?

I'd like to monitor for certain text in a search.log for recent jobs. Is there a way to return a search.log for a ...
by bschaap Path Finder in Getting Data In 09-26-2018
0 3
0
3
ASISH_9

Added data not showing up in respective source types

I added some dummy data yesterday after creating an index and respective source type But today morning i found there ...
by ASISH_9 Engager in Getting Data In 09-26-2018
0 1
0
1
twh1

How to get repeated event for the same host and instance over the period?

I have some events on my server. I want to get events which are occurring repeatedly for same host and same instance ...
by twh1 Communicator in Getting Data In 09-26-2018
0 7
0
7
Get Updates on the Splunk Community!

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...
Top Solution Authors
View All