Getting Data In

Community Activity

How to upgrade Splunk forwarders from a deployment server installed on a separate VM? Hi, I have set up a deployment server with a test app directory under etc/deployment-app along with a default input... by Suyalag New Member in Getting Data In 07-10-2018 0 14	0	14
Data Lab SQL Input - Temp Table Alternatives Hello, I have taken on a project at work to migrate all of our old MSSQL reports into Splunk. The SQL in these repor... by sochsenbein Communicator in Getting Data In 07-10-2018 0 0	0	0
How to install Splunk eventgen in a Windows environment? Hello, Could you please let me know how to install eventgen in window environment. Regards, Anjan by anjchatt New Member in Getting Data In 07-10-2018 0 5	0	5
Can Splunk input IBM SMF records? Can IBM SMF records be input to Splunk from z/OS? I am interested in indexing RACF data specifically. by CZ1900Splunker New Member in Getting Data In 07-10-2018 0 12	0	12
How can I compare values from the same field at different timestamps? I trying to create a graph which will be display difference beetwen values at different time. "2018-07-10 15:37:16,3... by slipinski Path Finder in Getting Data In 07-10-2018 0 1	0	1
What is the function of using these FORMAT, DEST_KEY, SOURCE_KEY and MV_ADD stanzas in transforms.conf Hi Splunk experts, Need to understand the basic function of these stanza's FORMAT, DEST_KEY, SOURCE_KEY and MV_ADD... by Hemnaath Motivator in Getting Data In 07-10-2018 0 2	0	2
Cisco IOS and WLC time format Hi all, we saw this log from cisco IOS in splunk: ...Jul 4 16:43:42 HOSTNAME 19028: 10.1.1: Jul 4 16:43:42.804: %LI... by tfechner Path Finder in Getting Data In 07-10-2018 0 4	0	4
The unexpected behavior of inputlookup command.Is it a unknown bug? Hi splunk professionals, I see a unexpected behavior about inputlookup command in ver 7.1.1. The detail of unexpecte... by Shuhei052492 Path Finder in Getting Data In 07-10-2018 0 3	0	3
Is there a way in Splunk Web to not import certain events? I'm trying import an xml and using Line_breakers and such I could get clean events that have my data of interest. Res... by splunk2day Explorer in Getting Data In 07-09-2018 0 3	0	3
How do you configure a SearchHead via CLI with stanza's? I have splunk setup in multiple environments (DEV/TST/PRD) with their own SearchHead, Deployment Servers, License Ser... by sharkannon Explorer in Getting Data In 07-09-2018 0 9	0	9
regular expression json good afternoon I'm trying to capture a particular field, but sometimes my events come several times, and declarin... by efaundez Path Finder in Getting Data In 07-09-2018 0 4	0	4
How can I upgrade Splunk Enterprise 6.6.8 to 7.1.1 in Windows Server? Hi, to test the upgrade process, we created a clone of our current splunk server (6.6.8 running on Windows Server 201... by BerndS New Member in Getting Data In 07-09-2018 0 4	0	4
Why won't Splunk parse my multi-line event properly? I am currently unable to parse my multi-line event properly using Splunk. Here is an example from the start of the ev... by smcdonald20 Path Finder in Getting Data In 07-09-2018 0 6	0	6
Missing New logs in Splunk I have NAS servers and splunk installed in Windows server, my new logs in a NAS server stopped indexing. I did troub... by CONSORP Loves-to-Learn Lots in Getting Data In 07-09-2018 0 3	0	3
How do I create two instances of the same data input on one forwarder where instance 1 goes to server 1 and instance 2 goes to server 2? Hi, Is it possible to do the following on one Splunk Universal Forwarder: inputs.conf `[WinEventLog://Security] re... by Ant1D Motivator in Getting Data In 07-09-2018 0 0	0	0
Does Splunk support capturing data from CA Layer7 and how? Layer7 was acquired by CA and is offered as an API Management Platform. It seems that Layer7 should be able to send l... by Phranquelyn New Member in Getting Data In 07-09-2018 0 2	0	2
Splunk for Job Monitoring. Hello Experts!!! I am new to Splunk and just started learning Splunk from couple of days. We are using an in-house ... by gaurav_bhide New Member in Getting Data In 07-09-2018 0 1	0	1
TIME not getting milliseconds Hi all, I do have a log which does look like this: Jul 6 09:31:18.729: %SYS-5-CONFIG_I: Configured from console by... by MERBAG Explorer in Getting Data In 07-08-2018 0 15	0	15
How to parse a JSON from REST API? Hi all, I need some help parsing a JSON containing none/one/multiple nested messages that I have imported via REST AP... by claudio_palmeri Explorer in Getting Data In 07-07-2018 0 4	0	4
How to set up a high available syslog drain for cloud foundry to Splunk? We have a cloud foundry set up and wants to forward the logs to splunk as syslog drain. The TCP/UDP input method is n... by sgp0637 Engager in Getting Data In 07-07-2018 0 2	0	2
using stream forwarder to forward pcap data Hi, I would like to forward pcap data using tcpreplay on a remote machine which has installed a stream forwarder to f... by weicheng98 Path Finder in Getting Data In 07-07-2018 0 0	0	0
How to tag events based on the host value that contains a condition? Events from our DEV/PROD servers are ingested into the same index. This index already has events since 1 year. The on... by ReachDataScient Explorer in Getting Data In 07-06-2018 1 3	1	3
what is the easy way to split _raw column using comma delimiter and show in table I have the _raw data in the following format. I just need to split that data and show each value in a separate column... by arkisa New Member in Getting Data In 07-06-2018 0 1	0	1
if-else statement with timeframe I would like to specify my search to return a previous months + the current months data if the count outputted by jus... by shreyad Explorer in Getting Data In 07-06-2018 0 6	0	6
Custom inputs.conf files in distributed architecture We are using a distributed architecture and I have a couple of servers with custom windows logs that we want to pull ... by lball Explorer in Getting Data In 07-06-2018 0 1	0	1