Getting Data In

Community Activity

How to know the amount of data forwarded by each host per day? Hello All, I'm new to splunk and the company i'm working for installed the Splunk forwarders on many laptops a long t... by rsoufiane New Member in Getting Data In 08-07-2018 0 1	0	1
Why could splunk bring duplicate events from a database? I'm bringing transactions from an IBM cloudant database but doing the indexing brings twice as many events. by jvergara New Member in Getting Data In 08-07-2018 0 3	0	3
Do we need to add props.conf at indexer if we are using BREAK_ONLY_BEFORE and MUST_BREAK_AFTER? Hi All, Is it necessary to add props.conf at indexer when we want to break the file using BREAK_ONLY_BEFORE and MUS... by nasrinmulani New Member in Getting Data In 08-07-2018 0 2	0	2
How to keep a semicolon in a Key-Value when KV_MODE=auto? Hey guys, I have a log file with multiple key-values and most of the values are containing semicolons. Example: Te... by DennisFFM Explorer in Getting Data In 08-07-2018 0 1	0	1
Can't launch bat file at UF I am trying to launch some batch file but UF don't want to do this. My input.cong contain: [script://.\bin\script\Log... by atyshke1 Path Finder in Getting Data In 08-07-2018 0 6	0	6
whitelist directories inputs.conf We've ~1000 directories in path and we want to monitor only a few selected directories. I tried to use the whitelist,... by nmohammed Builder in Getting Data In 08-07-2018 0 3	0	3
How to monitor a directory for file changes? I want to monitor some folder for file changes (files added/deleted/modified) and see when they happened. Ideally I w... by Leo Splunk Employee in Getting Data In 08-07-2018 0 2	0	2
Javascript(HTML) and Python Good day, Is it possible to change the value of the python script and trigger it to run example: I have a JAVA SCRIP... by jadengoho Builder in Getting Data In 08-06-2018 0 3	0	3
How to continuously monitor a file from a shared folder or path? Hai All, Please help me out to understand. how to continuously monitor a file from a shared folder or path? Thanks... by Shan Builder in Getting Data In 08-06-2018 1 6	1	6
indexing triage how can I skip alerts when indexing is stopped or indexers are stopped or indexing latency is more than 15min by nagarjuna280 Communicator in Getting Data In 08-06-2018 0 2	0	2
Multi sites indexers without the same number of peers Hello, I currently have a multi site clustering. Our architecture have 2 sites, and these 2 sites don't have the s... by davidf_bkk New Member in Getting Data In 08-06-2018 0 2	0	2
kubernetes 1.9.4 breaking changes: Universal Forwarder I've setup splunk universal forwarder as a daemonset on our kubernetes cluster. 2 nodes are running kuberntes 1.9.3 a... by gcyre New Member in Getting Data In 08-06-2018 0 7	0	7
Is there a way to configure my Splunk Cloud account to execute queries in CEST? Hello My company is using Splunk cloud. We are in CEST time (UCT +2h). Splunk displays data in UCT, so it's not conv... by slipinski Path Finder in Getting Data In 08-06-2018 0 1	0	1
XML File with namespaces parsing i All, I have a log which as events as xml with namespace/xsl. Example log <soap:Envelope xsi:schemaLocation="http:... by somesoni2 Revered Legend in Getting Data In 08-05-2018 0 2	0	2
Azure Logging and Telemetry Hello all! We are switching from AWS to Azure and I am in the infant stages of seeing that resources are avail (both ... by brent_weaver Builder in Getting Data In 08-04-2018 0 0	0	0
Are there time parser functions that won't work in tokens set by the time input I am trying to create a "between now and now string" using the following: <input type="time" searchWhenChanged=... by camillak Path Finder in Getting Data In 08-03-2018 0 2	0	2
What happens with Seek Address if I append new data to a log file(.csv) and save it while Splunk is indexing the file? Hey all, I have a daily .csv log file that gets updated with new info every time another app finishes some jobs. I'm... by kevinvrb Engager in Getting Data In 08-03-2018 0 1	0	1
How can I split the field How can I split the field And I have used the method field=资源昵称 "(?\w+)-(?\w+)-(?\S+)" But it can not fetch second s... by flzhang132 Explorer in Getting Data In 08-03-2018 0 1	0	1
How can I authenticate (Basic HTTP) a workflow action? I am collecting O365 email logs using Microsoft's MessageTrace api. There is another api called MessageTraceDetail, w... by dpanych Communicator in Getting Data In 08-03-2018 0 1	0	1
Checkpoint R75.40 and OPSEC LEA I've been trying to get the OPSEC LEA loggrabber working with my Splunk (v4.3.2) and Checkpoint (R75.40). I've follo... by pajohnston Explorer in Getting Data In 08-03-2018 3 4	3	4
Is there a way to delete old log file in UF before start re-ingestion? Hi, This is same scenario as my last question. I am getting data from a server where i have installed my UF. every ni... by chandana204 Communicator in Getting Data In 08-03-2018 0 2	0	2
How to get lost data into UF from the last disabled/turned off time automatically Hi, I have new scenario. I installed Universal Forwarder in a server where i get other server_logs in a folder. Whe... by chandana204 Communicator in Getting Data In 08-03-2018 0 3	0	3
how to subtract two date and time Hi , I have two date formats i have to subtract to find the time duratiuon.Can anyone help me convert these to epoc... by Mohsin123 Path Finder in Getting Data In 08-03-2018 0 2	0	2
Update splunk inputs.conf in ECS container instance when task is updated Hi, I am using AWS ECS for hosting some of my microservices with splunk installed in my AMI. I have mapped all my lo... by johannliebert Engager in Getting Data In 08-03-2018 0 1	0	1
How do I configure my heavy forwarder to filter and route data as expected? I'm having some issues with a heavy forwarder that I can't explain, and I was hoping someone could help me. First qu... by herman_vb New Member in Getting Data In 08-03-2018 0 5	0	5