Getting Data In

Community Activity

What is the difference between splunk forwarder and syslog diversion to index? Hi , I would like to know the difference between Splunk forwarder and syslog diversion to indexer . I use Linux and... by rageshkg New Member in Getting Data In 01-31-2018 0 1	0	1
Why am I unable to receive logs after a new index is configured in my environment? A new index is configured in our environment and all required settings are being made. But we are still not receiving... by Utkarsh_Singh New Member in Getting Data In 01-31-2018 0 3	0	3
Props/transforms issue with host extraction and Line breaking Transforms.conf [force_host_for_testdata] DEST_KEY = MetaData:Host REGEX = server:([^\]+) FORMAT = host::$1 [force_... by sidhantbhayana Path Finder in Getting Data In 01-30-2018 0 6	0	6
SPECIFIC sourcetypes are not forwarded while everything is forwarded.Splunk Forwarder is showing that log file is emptyline as a WARN message in Splunkd.log as Follow : Splunk Forwarder is showing that log file is emptyline as a WARN message in Splunkd.log as Follow : 01-23-2018 20:5... by akhil36109 New Member in Getting Data In 01-30-2018 0 0	0	0
Configure SYSLog on a Windows Server Hello, my question might be dumb but it is worth to ask, On a Windows Servers, how do i configure to send the authe... by jesusgalloEMC Explorer in Getting Data In 01-30-2018 0 1	0	1
How to pass Auth Key in Threat Intelligence Download URL? I created a 'Threat Intelligence Download' mod input and I am needing to pass Auth Key as I was getting an error as "... by harish_ka Communicator in Getting Data In 01-30-2018 1 1	1	1
What conf files must I update to change the 50000 limit for external scripts? Hello, I currently have an external python script that is called by my search to manipulate data. Everything works ... by andrewtrobec Motivator in Getting Data In 01-30-2018 0 2	0	2
Splunkforwarder not collecting some logging data from host? Running Splunk 6.5.0, host in question is a linux box, seeing that it's collecting _internal logs, other defined "app... by joesrepsol Path Finder in Getting Data In 01-30-2018 0 2	0	2
The Common Information Model, Syslog logs, and unsure where to go from here. Hey splunk>answers, As the title suggests I'm not sure what or how I should go about any of this. The long story sho... by tentontitan New Member in Getting Data In 01-30-2018 0 2	0	2
SEDCMD not executing I am trying to clean up some log data at index time using SEDCMD. I have a custom sourcetype (cloudfront_http) tha... by jcbrendsel Path Finder in Getting Data In 01-30-2018 0 8	0	8
How to use Splunk to check a directory to see if it exceeds 200 files to send an alert? Using Windows version of Splunk to check a directory and if it exceeds 200 files, send an alert. Thank you for your ... by Falcon1 New Member in Getting Data In 01-30-2018 0 5	0	5
How do we assign each JSON document to a distinct event? We have a case in which multiple json documents are being clamped together into one Splunk event. How do we untangle ... by ddrillic Ultra Champion in Getting Data In 01-30-2018 0 14	0	14
Monitoring large amounts of SCADA type data and producing reports Hi, I'd like to use Splunk to be able to monitor a large amount of SCADA type data e.g. a sensor which updates each... by streddy Explorer in Getting Data In 01-30-2018 1 4	1	4
Refresh Transform Hi I am trying to define a new transform.conf in SPLUNK 7 so that a lookup can take a wild character. The initial... by robertlynch2020 Influencer in Getting Data In 01-30-2018 0 1	0	1
Why does search via REST API only outputs internal debug data? Hi, we have a Splunk 5 system running. When we try to do a search via the REST API, we get debug output information b... by tpaulsen Contributor in Getting Data In 01-30-2018 0 2	0	2
AggregatorMiningProcessor - Log ERROR Hello all, I am facing the below error and I dont know the reason for that. Does someone know the possible reasons t... by danillopavan Communicator in Getting Data In 01-30-2018 0 4	0	4
File Monitor: Avoid indexing files during the copy process Hello, I have a problem with the file monitor. I guess it's not the right way using it, but I don't know any other m... by BMacher Path Finder in Getting Data In 01-30-2018 0 3	0	3
Why is the event line breaking not working properly for JSON format? I tried a few solutions but none worked for me so far: answer-614348 I have an application that writes in some sort... by fmorar Engager in Getting Data In 01-30-2018 0 2	0	2
HTTP Event Collector 400 Bad Request I am sending a request to Splunk using .NET code which returns a response of (400) Bad Request. The bytes are seen as... by KP2018 New Member in Getting Data In 01-29-2018 0 3	0	3
What happens when indexer encounters an event with timestamp older than configured retention period I had this particular scenario where I was not able to assert Splunk indexer behavior. Retention period for a index i... by immortalraghava Path Finder in Getting Data In 01-29-2018 0 4	0	4
Can we send an HTTP request to a tcp port? We opened a tcp connections and the client is sending an HTTP request. Is it "legal"? We see within Splunk - Al... by ddrillic Ultra Champion in Getting Data In 01-29-2018 0 2	0	2
How do I route pre-processed data to a specified index, based on field value? I have app data routing from one set of Relay Forwarders (DEV) into another set of Relay Forwarders (sandbox) and the... by atari1050 Path Finder in Getting Data In 01-29-2018 0 5	0	5
How to use Splunk to detect custom log pattern when using sleuth for traces? Sample log file output 2018-01-29 17:46:35.341 INFO [hello-service,ca62f5d265c65e37,ca62f5d265c65e37,true] 9404 ---... by volijaadu New Member in Getting Data In 01-29-2018 0 2	0	2
HTTP Event Collector and splunk index cluster Hello, We are running splunk version 6.3.3 with indexer clustering enabled. We have got 3 indexers in the cluster. W... by sim_tcr Communicator in Getting Data In 01-29-2018 0 7	0	7
Why is the interval of 1 second not working in input.conf? I want to run my script at every second, so I set the interval to 1 second in input.conf file. But the script is not ... by kaushal28 New Member in Getting Data In 01-29-2018 0 2	0	2