Getting Data In

Community Activity

TRANSFORMS-ROUTING filtering out source address I have set up a TRANSFORMS-ROUTING and it is forwarding data to a 3rd party however, they do not want to see the sour... by sbattista09 Contributor in Getting Data In 06-18-2018 0 2	0	2
Heavy Forwarder vs. Reduced Splunk Enterprise & DB Connect App Hello everyone! My team and I are attempting to create a service for our departments' applications that enable them ... by thomastaylor Communicator in Getting Data In 06-18-2018 0 3	0	3
Search fields not updating on token set I am attempting to set a token via a drilldown in a simple xml dashboard as a way to filter a table. <input typ... by jdcain Engager in Getting Data In 06-18-2018 2 0	2	0
How does Splunk work on Workstation after a network disconnect? Hello I am trying to understand how SPLUNK works on Workstation after a network disconnect. Is it the same process ... by jip31 Motivator in Getting Data In 06-18-2018 0 6	0	6
How to override the props source? I have the below configured but source is not being over written. I am trying to wild card anything after Windows in... by coreyf311 Path Finder in Getting Data In 06-18-2018 0 6	0	6
How to include a unique ID to rsyslog client config? Is there a way to assign a unique id to each rsyslog client node. I'm trying to build a solution where multiple rsysl... by varunmalhotra1 Explorer in Getting Data In 06-16-2018 0 4	0	4
Minimizing or disabling json Syntax Highlighting automatically Hello, I have a dataset that consists of json data (using the _json sourcetype), where each event has about 30 field... by noahdietrich Explorer in Getting Data In 06-16-2018 1 1	1	1
Unable to drop event I'm trying to drop some failed messages from an imported txt file, but they continue to be in the sourcetype. The reg... by alanhowlett New Member in Getting Data In 06-15-2018 0 13	0	13
How to use the last import for my source? I have a file that gets imported every time it changes. Each line in the file shows up as an event and I want to use... by chadman Path Finder in Getting Data In 06-15-2018 0 3	0	3
how to pick values by latest source Hi, My source file gets updated every 5 minutute . How to chart values of a field by the latest source file? by Mohsin123 Path Finder in Getting Data In 06-15-2018 0 1	0	1
Splunk Monitor File and Folder: Not uploading all files HI All, I am trying to monitor 3 CSVs from a same folder via Splunk : Settings -> Data Input -> Files & Directories.... by Chandras11 Communicator in Getting Data In 06-15-2018 1 13	1	13
How to configure a standalone splunk enterprise ? I am setting a local splunk setup with 1 Search Head , 1 Indexer , I HF . Please guide me steps to configure all 3 c... by rsplunk_user New Member in Getting Data In 06-14-2018 0 1	0	1
Why does a group not see the all of the events they should see? We have a security group that only sees a portion of the hosts they should be seeing from specified sourcetypes. For... by RedHonda03 Explorer in Getting Data In 06-14-2018 0 3	0	3
Search Filters (srchFilter) when a user is in multiple groups/roles When a user is in multiple Splunk roles (possibly because they are assigned to multiple LDAP/AD groups that are mappe... by gkanapathy Splunk Employee in Getting Data In 06-14-2018 4 3	4	3
Splunk Forwarder preventing application from logging Our Splunk Forwarder on Windows Server is monitoring 2 folders containing approximately 1k log files total. I am ign... by ebuljan New Member in Getting Data In 06-14-2018 0 6	0	6
How to split a column of results into two? I have the following table and i wish to split the data to two columns one weighted one not: all of these fields are ... by masonwhite Explorer in Getting Data In 06-14-2018 0 4	0	4
error during csv index extraction I have setup a process where a heavy forwarder is ingesting a large number of csv files and the process seems to be w... by ebaileytu Communicator in Getting Data In 06-14-2018 0 3	0	3
Where is the invalid key in my inputs.conf? Receiving: Invalid key in stanza [monitor://D:\\radiantone\\vds\\vds_server\\logs] in , line 6: whitelist1 (value: v... by cburgman Path Finder in Getting Data In 06-14-2018 0 4	0	4
Delete splunk.com Account HI. I would like to delete my current account and open a new one. My current id "army4282" has a specific army troop ... by army4284 New Member in Getting Data In 06-14-2018 0 1	0	1
How to monitor a single file to be indexed by modifying inputs.conf? I'm having trouble getting a single file to be indexed. I have successfully monitored all files in a directory before... by chrisduimstra Path Finder in Getting Data In 06-14-2018 0 8	0	8
What is the best way to get DCOS Mesos/Marathon to forward their containers logging into Splunk? What would be the best way to get DCOS Mesos/Marathon to forward their containers logging to Splunk? As our Devs tol... by splunk_zen Builder in Getting Data In 06-14-2018 0 2	0	2
How to write data into different sourcetype? Hello, I am doing an addon, in the addon i am going to get data from multi-endpoints, and write them to different so... by wangzhaoyu New Member in Getting Data In 06-14-2018 0 0	0	0
How to can I configure dynamic sourcetype assignment on a Universal Forwarder or a Heavy Forwarder? I have a folder which has multiple log files in format CalculationMgr-xxx(xx).log and EventMgr-xxx(xx).log where xx i... by santosh_sshanbh Path Finder in Getting Data In 06-14-2018 0 2	0	2
Splunk DB Connect: How do I troubleshoot why Java Bridge server not running from these error messages in the jbridge.log? Running on Windows, DB Connect 1.1.6, Java 1.8.0_31. Here is the latest in the jbridge.log 2015-03-18 09:37:38,740 I... by hoopydave Path Finder in Getting Data In 06-14-2018 0 6	0	6
Parsing libsvm events I'm trying to parse a number of different libsvm files https://www.csie.ntu.edu.tw/~cjlin/libsvm/faq.html#/Q03:_Data_... by msivill_splunk Splunk Employee in Getting Data In 06-13-2018 0 1	0	1