Getting Data In

Community Activity

Possible to use setup.xml in an app to create a new data input? So I created an app that defines a new data input type in default/inputs.conf. It uses a modular input and some cust... by guldendraak Explorer in Getting Data In 07-27-2018 0 0	0	0
Index time mapping in inputs.conf I have two fileds TIME and Last execution TIME. In input.conf i have mapped TIME field to use a index time(_time) bu... by DataOrg Builder in Getting Data In 07-27-2018 0 4	0	4
Splunk unable to read files Hi, Splunk UF is setup to read files from particular directory. It reads files normally for few minutes, but suddenly... by ankithreddy777 Contributor in Getting Data In 07-27-2018 0 8	0	8
CSV data vs key-value data. Which is faster for performance? hi, We have an incoming custom dataset which consumes approx 700GB a day and is currently used for CIM. Currently it ... by koshyk Super Champion in Getting Data In 07-26-2018 0 12	0	12
Logs have been FIFO'd but i still need. How do i get them back in? Working in Windows I have a directory of sharepoint logs that i have been pulling for years. I've recently started to... by Jarohnimo Builder in Getting Data In 07-26-2018 0 1	0	1
Why does clustering always appear as a repeat phenomenon without a reason? hello, I have a strange question, This question is described as a bit rough. I have a single site cluster... by xsstest Communicator in Getting Data In 07-26-2018 0 6	0	6
AggregatorMiningProcessor - Breaking event because limit of 256 has been exceeded - data_source= we are getting the below errors from splunkd.log. the issue is we weren't able to search the logs from splunk console... by sandeepkalra New Member in Getting Data In 07-26-2018 0 1	0	1
Why is JSON from scripted input raw events in random orders? have no idea what is going on here. I can make the same api call that the script is and receive the json back in the... by Cuyose Builder in Getting Data In 07-26-2018 0 3	0	3
passing of events field with spaces Hi, I wanted to display Message in message field value. I wanted to do the set up in prof.conf. Can anyone please hel... by swetar New Member in Getting Data In 07-26-2018 0 1	0	1
Modify JSON Objects at indexing time Hello there, I have the issue that there are more events in one JSON-Object. Heres an example: { category: Network... by mdorobek Path Finder in Getting Data In 07-26-2018 0 2	0	2
Pull syslog data from EC2 instance into Splunk We're running an on-prem instance of Splunk Enterprise behind a firewall which (currently) does not permit ingress on... by olgamirth New Member in Getting Data In 07-26-2018 0 2	0	2
To monitor which Windows server are not sending logs to Splunk I want to check which server are not sending logs to Splunk as our monthly maintenance. Can you guys help me what is... by karambaz New Member in Getting Data In 07-26-2018 0 3	0	3
Does Splunk support LEEF formatted events? Does it support LEEF, Log Event Enhanced Format? by the_wolverine Champion in Getting Data In 07-26-2018 2 2	2	2
Windows IIS Log and Splunk On a Windows 2012 Server the daily IIS log is held open and sits at "0" bytes in size throughout the day. It appears ... by aegis53 New Member in Getting Data In 07-26-2018 0 1	0	1
How to send data from IBM AS400 to Splunk via syslog? I want to create a connectivity between splunk enterprise and AS400. I tried to send logs via syslog, but Splunk didn... by Afef Communicator in Getting Data In 07-25-2018 1 7	1	7
Host rewrite not working... I'm trying to rewrite the host field based upon values in my data. Here is a sample event: {"href":"/orgs/1/audit_l... by responsys_cm Builder in Getting Data In 07-25-2018 0 2	0	2
i can see only splunk example queries and no example output results. is there a document whcih have both exmple queires and the sample outputs. i can see only splunk example queries and no example output results. is there a document whcih have both exmple queir... by gannysplunk New Member in Getting Data In 07-25-2018 0 3	0	3
Forward messages to different indexes based on the value of its field Is it possible to forward messages to different indexes based on the value of message field ? And which forwarder is ... by myordanov95 Engager in Getting Data In 07-25-2018 0 8	0	8
JSON is being cut off at "created" key I've got a pretty strange issue, and I'm sure there is a simple answer for it. Here is my env: 7.1.2All default conf... by helius Path Finder in Getting Data In 07-25-2018 0 4	0	4
How do I ingest the details tab in Windows Forwarded Events? I have a server that received forwarded event logs from clients within my Enterprise. The event logs are simple to re... by devinmclean Path Finder in Getting Data In 07-25-2018 1 5	1	5
Custom fields for CSV Input Hi All, We have Splunk environment with Indexers clustered and many forwarders managed by Deployment server. We are ... by siva_cg Path Finder in Getting Data In 07-25-2018 0 1	0	1
Simple search using cURL returns empty results I tried following a simple cURL request based on the training video and I get no results. I run my search: curl -u i... by pfabrizi Path Finder in Getting Data In 07-25-2018 0 3	0	3
Why are my Palo Alto firewall logs not forwarding to Splunk anymore? Hello. My Palo Alto firewall logs were successfully forwarding to Splunk for a while, except today I noticed that for... by johannterc New Member in Getting Data In 07-25-2018 0 3	0	3
After the Upgrade to 7.0.3 the inputlookup command not working properly The lookup file was working fine for long time (2 months) and contained 1000+ entries However, after upgrading to 7... by renjujacob88 Path Finder in Getting Data In 07-25-2018 0 0	0	0
How to list all the values which are greater than or equal to three after splitting? I have following values for a field="Listdir". I want to get the only the values which contains 3 or more directories... by bollam Path Finder in Getting Data In 07-25-2018 0 4	0	4