Getting Data In

Community Activity

iis server on board into splunk Hello Professionals, we set up Splunk about 6 months ago, now we would like to onboard iis server to Splunk.May I kno... by ramkilku New Member in Getting Data In 03-08-2018 0 3	0	3
Powershell input for Splunk universal forwarder - Windows Server I am just trying to create a dashboard which shows Windows System information (like Task Manager) Powershell script:... by chimbudp Contributor in Getting Data In 03-08-2018 1 5	1	5
Can you put an overlay on a mstats prediction? I had a question from one of our engineers who are looking to leverage the metric indicies to do predictions of memor... by paimonsoror Builder in Getting Data In 03-08-2018 0 0	0	0
input stanza for on prem codedeploy logs we use codedeploy to deploy to some of our on prem servers with the codedepoy agent it logs to C:\Deployments\xxxxxx-... by bobmccoy Explorer in Getting Data In 03-08-2018 0 1	0	1
Splunk ML Toolkit, Python, Custom Algorithm: How do I output a plot in a custom algorithm? For ex, in the supplied CorrelationMatrix example, can I plot the correlation values? Something like a 'corrplot' in ... by absdef New Member in Getting Data In 03-08-2018 0 0	0	0
How to rename index in data sent from another splunk instance? We are receiving data from an external splunk instance. They have indexes A,B,C. When our indexers receive there da... by coreyf311 Path Finder in Getting Data In 03-08-2018 0 2	0	2
Authentication error: Client is not authenticated while trying to add search peers to the search head I'm trying to set up a simple Splunk environment, but when running: $SPLUNK_HOME/bin/splunk add search-server http:/... by snorri Path Finder in Getting Data In 03-08-2018 0 1	0	1
How can I further edit inputs.conf in order to blacklist an event on Windows forwarder? Hi, I am tired of making this filter work but unfortunately nothing worked. I have Windows Security events where the... by fatemabwudel Path Finder in Getting Data In 03-08-2018 0 1	0	1
How to filter users ending with $ using inputs.conf on a UF v6.6. Hi and thankyou in advance, I need to be able to filter EventCode 4624 to NOT includes events with "Account Name" en... by gerald_contrera Path Finder in Getting Data In 03-08-2018 0 1	0	1
How would I filter WinEventLog inputs on custom text? Using the following inputs.conf on a Splunk forwarder; [WinEventLog://Security] index = wineventlog_test st... by mcrawford44 Communicator in Getting Data In 03-08-2018 4 4	4	4
DateParserVerbose - Failed to parse timestamp. Defaulting to timestamp of previous event Warning is coming in a JSON data load for EPOCH TIMESTAMP Hello, I'm trying to get the timestamp from the below JSON data. I have two type of JSON data to be indexed in Splunk... by pbankar Path Finder in Getting Data In 03-08-2018 0 7	0	7
Is the performance impacted when you secure data transmission between forwarder and indexer? I want to know if there are performance/resources impact on your forwarders/indexers. I will be following the link be... by SAICronbuzon New Member in Getting Data In 03-08-2018 0 1	0	1
What uses the management port? Under what circumstances does the splunkd service need to be accesable by anyone/thing besides the http server? by matt Splunk Employee in Getting Data In 03-08-2018 2 5	2	5
how transforms.conf and props.conf works? what is the difference between props.conf and transforms.conf and how its works by DataOrg Builder in Getting Data In 03-08-2018 0 1	0	1
How to make Splunk guess the correct date if only time is given? Hi, I have a log file that looks something like that 2018-03-06 00:30 abc 00:40 def 01:40 ghi 03:40 jkl 09:40 mno 2... by gschr Path Finder in Getting Data In 03-08-2018 0 7	0	7
Why can't the forwarder index and populate data? We're unable to get the forwarder to index/re-index and populate data - any make out what is happening here? Thanks ... by shawno New Member in Getting Data In 03-07-2018 0 3	0	3
What are the best practices to send syslog from firewall via udp:514? Hi Splunk, I have one master node with 2 indexers, and 1 search head. How is the best pacticies to send syslog inform... by kisero Engager in Getting Data In 03-07-2018 0 3	0	3
How can I evenly balance between two sets of indexers? all, I have set of indexers. One set is index clustered, modern hardware and super fancy. ANd I have my old stuff. ... by daniel333 Builder in Getting Data In 03-07-2018 0 1	0	1
Where is the frozen data stored ? Hi there, Below is sample index configuration: [apache_web] homePath =/splunk/hot/apache_web coldPath = /splunk/col... by iamlearner123 Explorer in Getting Data In 03-07-2018 1 1	1	1
Problem parsing indexes.conf: Cannot load IndexConfig: ... Hi guys, I'm new to dealing with .conf files so I'm having a practice on my own home splunk instance. My goal is to... by Robbie1194 Communicator in Getting Data In 03-07-2018 0 4	0	4
Why is the event sort not reflecting in Statistics tab? I have an xml containing steps with timestamps. When I run a search, I am able to sort the events based on the timest... by mawomommoh Path Finder in Getting Data In 03-07-2018 0 7	0	7
Gathering WMI from Non-Domain or Workgroup machines. It is it possible? Is it possible to gather WMI stats from a machine thats not in a domain? -- rather a workgroup. I know @Lowell addre... by Michael_Wilde Splunk Employee in Getting Data In 03-07-2018 1 3	1	3
how to customize time in search not in indexing time I have a field as created time. 06-03-2018 13:03:51 06-03-2018 13:03:37 06-03-2018 13:03:38 i want only the date as ... by DataOrg Builder in Getting Data In 03-07-2018 0 9	0	9
How to set a different time format? I am trying to format the time that is in this format: [dd/mmyyyy HH:MM:SS GMT] when I set the time_prefi to a regex ... by pfabrizi Path Finder in Getting Data In 03-07-2018 0 7	0	7
filter events based on regex and index remaining - props and transforms Im trying to filter out events based on regex and index the remaining events based on below configs..But it doesn't s... by sarnagar Contributor in Getting Data In 03-07-2018 0 8	0	8