Getting Data In

Community Activity

increasing maxKBPS for only one splunk forwarder host Hi Splunkers , I am getting this splunkd log entry in only one splunk forwarder . 05-09-2018 08:11:39.579 +0000 IN... by kannu Communicator in Getting Data In 05-12-2018 0 4	0	4
How to change default "acceptFrom" for all Splunk REST API endpoints? In the restmap.conf file, you can specify acceptFrom to limit access to Splunk REST API endpoints to specific IPs. By... by SplunkPersonal Path Finder in Getting Data In 05-12-2018 0 5	0	5
Login Woes I downloaded and installed Windows version of Splunk. But its not accepting my login ID and Password. What should I ... by isiddiqui004 New Member in Getting Data In 05-12-2018 0 6	0	6
How to configure Universal Forwarder on my personal machine where Splunk Enterprise is installed for learning purpose? I installed Splunk Universal Fwd and Splunk Enterprise on my C drive. I created a sample file and modified the inputs... by ashishmaind2499 New Member in Getting Data In 05-12-2018 0 2	0	2
Why does Splunk (re-)index this rolled file? How to troubleshoot? Inputs stanza from btool: [monitor:///apps/Logs//www/Reporting/CRTLog.log] _rcvbuf = 1572864 disabled = 0 host = a... by twinspop Influencer in Getting Data In 05-11-2018 0 12	0	12
Does the Greylog deployment forward events to the indexer or the forwarder? I just found out that we need to allow our Greylog deployment to forward events to SPLUNK. It looks like Greylog has ... by pfabrizi Path Finder in Getting Data In 05-11-2018 0 3	0	3
load comparision for different sources and count? In my scenario i have to compare counts of two different JVM A- Jvm B-jvm jvma1 ... by karthi2809 Builder in Getting Data In 05-11-2018 0 4	0	4
Configuring Time Zone of Source Hello, I am indexing data from an MS SQL database using the DB Connect App. The time format is in Unix epoch and is ... by timgajewski New Member in Getting Data In 05-11-2018 0 10	0	10
Why is Splunk not showing empty lines when ingesting files? This is such a basic question I'm almost embarrassed to ask. When I try to ingest a file into splunk that has some ... by MedralaG Communicator in Getting Data In 05-11-2018 0 4	0	4
Trying to Split one Event into Multiple Events Hi All, I am trying to split a Splunk event into multiple events. I just want each line to be an event, and it was m... by jordankswan Explorer in Getting Data In 05-10-2018 0 11	0	11
After installing a new UF, why is it not forwarding logs to the Indexers? 05-10-2018 15:13:13.954 +0000 ERROR TcpOutputProc - Error initializing SSL context - invalid sslCertPath for server 4... by u2s1e0n2 New Member in Getting Data In 05-10-2018 0 1	0	1
Should I create one syslog server and configure all the syslog sources to send logs to that central syslog server? We have different syslog sources. Should I create one syslog server and configure all the syslog sources to send logs... by rashid47010 Communicator in Getting Data In 05-10-2018 0 2	0	2
Why is there large data latency coming from syslog? Hello, we have a proxy network appliance running Websense, sending its logs via syslog to Splunk, We have a data la... by perfecto25 Path Finder in Getting Data In 05-10-2018 0 6	0	6
FS Change keeps adding and deleting files from monitoring I am monitoring /etc/hosts.allow and /etc/hosts.deny for change, with a poll period of 300 seconds. [fschange:/etc/h... by jdunlea_splunk Splunk Employee in Getting Data In 05-10-2018 2 4	2	4
Why is Splunk not indexing the file but configuring inputs.conf? So I am trying to monitor a file on the local indexer. I am setting it up through the Web UI to be sure it works. I g... by JordanPeterson Path Finder in Getting Data In 05-10-2018 1 3	1	3
How can I check that Splunk indexed the entire contents of a given file? I would like to check that a given file has been fully indexed by Splunk. I tried counting the lines in the source f... by hexx Splunk Employee in Getting Data In 05-10-2018 9 4	9	4
How to forward events to a cluster environment? Initially, I have a cluster environment( 3 indexes + 1 master node) I want to configure my setup like below: window... by riqbal Communicator in Getting Data In 05-10-2018 0 1	0	1
SCCM Windows KB# and Dates Hi everybody, We just started to ingest SCCM v1606 Logs into our Splunk, the main goal is to see the following: -Se... by JRamirezEnosys Explorer in Getting Data In 05-10-2018 1 2	1	2
REST API with namespace? I have a Search Macro in my Splunk application. I would like to invoke this Search Macro via REST API. To do that, ... by Mick Splunk Employee in Getting Data In 05-10-2018 5 2	5	2
Line Breaker help Hi Guys, I'm trying to ingest an entire html file as a single event everytime it gets written. The html file ALWAYS... by richnavis Contributor in Getting Data In 05-10-2018 0 5	0	5
Universal forwarder (Windows) does not send logs even though "active" Hi Folks, I am testing log forwarding using universal forwarder from Windows to Splunk but can't seem to receive any... by Sagar0511 Explorer in Getting Data In 05-09-2018 0 4	0	4
File monitor not indexing all data in a file I've installed UF on a Windows 2012 R2 server and created a directory monitor via the inputs.conf file at C:\Program ... by ericlavalley Explorer in Getting Data In 05-09-2018 0 10	0	10
How to spot differences in two names in a list in CSV files? I'm having a hard time coming up with the right query or search. My dilemma is I have 2 separate lists containing nam... by jcadena New Member in Getting Data In 05-09-2018 0 2	0	2
User can see data in one index but not another with the same config I've recently added some configuration that creates indexes for data. Each index has a corresponding role that adds b... by krisreeves Path Finder in Getting Data In 05-09-2018 0 3	0	3
Can you index certain filetypes contained within a zipped file? I've seen older answers that state you cannot ingest only certain files from a zip file. Say, only .csv files from a ... by thisissplunk Builder in Getting Data In 05-09-2018 0 0	0	0