Getting Data In

Community Activity

Why UF think my file is binary? In my environment, UF monitors the file and forwards it to Splunk. It was able to capture the file without problems ... by yutaka1005 Builder in Getting Data In 01-15-2018 0 3	0	3
How does indexer acknowledgement work with indexer clustering replication to guarantee that no data is lost? I need to understand in detail how indexer acknowledgement works when it comes to cluster replication, specifically w... by Glenn Builder in Getting Data In 01-15-2018 1 4	1	4
Monitor events from Custom Views of Windows EventViewer Hi, we are trying to monitor some events on a Custom View created on the Windows Event Viewer like in the pic below ... by arber Communicator in Getting Data In 01-15-2018 0 2	0	2
Metric Store I have many log files that look like the one below. The first one is the unix time in milliseconds. The second one is... by wilhelmF Path Finder in Getting Data In 01-15-2018 0 4	0	4
Why does entering new line causes multiple events? In the web form application, when new line is inserted (by hitting Enter key) in text area, it logs through Logger Fa... by jkim34 New Member in Getting Data In 01-15-2018 0 4	0	4
I am not recieving the logs of my linux machine I want to receive the logs of Linux machine having UF installed in my windows machine which have splunk enterprise fr... by anshuman19 Explorer in Getting Data In 01-15-2018 0 11	0	11
How to install the latest Splunk Universal Forwarder for Windows XP? Hi, I have been trying to install a Splunk Universal Forwarder using "splunkforwarder-6.1.11-277527-x86-release.msi"... by nmar190 New Member in Getting Data In 01-15-2018 0 3	0	3
Custom Datetime.xml not working for log with multiple timestamp Hello, We have log which have 5 different timestamp. I am trying to use custom datetime.xml created using splunk tra... by hemendralodhi Contributor in Getting Data In 01-14-2018 0 1	0	1
Splunk not receiving data from forwarder - tried everything in documentation Let me preface by saying I've read through multiple threads and tried their recommendations with no luck. I have a s... by Leavittinc Engager in Getting Data In 01-14-2018 0 5	0	5
Can I truncate my Windows logs? I am being asked if we can remove some the extraneous data from our Windows logs at indexing time. I remember in cla... by pfabrizi Path Finder in Getting Data In 01-13-2018 0 4	0	4
How to properly disable a WatchedFile using the Universal Forwarder? On Solaris 10/11 - Our $SPLUNK_HOME/var/log/splunk/splunkd.log file has many of the following messages, 1 per second... by thabben Engager in Getting Data In 01-12-2018 0 2	0	2
Inconsistent linebreaker behavior Hello all, I have configured the props file to NOT break the event when encounters a new line with a date, however, ... by danillopavan Communicator in Getting Data In 01-12-2018 0 38	0	38
splunk shell scripted input not working `!/bin/sh touch $SPLUNK_HOME/etc/apps/check-status-inputs/status.txt SERVICE_STATUS=`systemctl status stackdriver-age... by saifuddin9122 Path Finder in Getting Data In 01-12-2018 0 2	0	2
Multiline event breaking not working I have a log source for LDAP that includes a mix of single line events and multiline events. The multiline events lo... by responsys_cm Builder in Getting Data In 01-12-2018 0 1	0	1
Universal Forwarder resending event log data If the IP address for a host changes or if it gets a new GUID, would the forwarder resend the entire Windows event lo... by splunkjas1 Path Finder in Getting Data In 01-12-2018 0 9	0	9
Not getting data from Heavy Forwarder Hello, Recently we have deployed the Splunk Enterprise. Our moto is to monitor Wi-Fi usage, our Wi-Fi devices sending... by munisankar New Member in Getting Data In 01-12-2018 0 21	0	21
Duplicate entries in index with JSON and missing values When I index JSON files I get duplicate entries in the Splunk index and some values are not indexed at. Example of t... by rbruinsma New Member in Getting Data In 01-12-2018 0 11	0	11
Under Web Analytics what does Top ClientIPs="-" mean? Under Web Analytics what does Top ClientIPs="-" mean? by ajay2614 New Member in Getting Data In 01-11-2018 0 1	0	1
Cisco eStreamer - Some IPS events have incorrect SID Versions Splunk Enterprise v7.0.0 Cisco eStreamer eNcore v3.0.0 Problem I currently have an issue where eStreamer ... by datorres Explorer in Getting Data In 01-11-2018 0 0	0	0
Json event breaking no longer working since forwarding method changed from using a universal forwarder to AWS Firehose Hello! I have some json data being generated by a client-side tool: { "name": "open_sockets", "hostIdentifi... by gary_richardson Path Finder in Getting Data In 01-11-2018 0 12	0	12
Where is the data for my monitor file var/log/zimbra.log file? I set up a monitor zimbra.log file, but I find it is missing the data pushed to the Splunk server compared to the act... by vumanhtai Path Finder in Getting Data In 01-11-2018 0 4	0	4
weblogic and line breaking i am trying to read the weblogic DefaultAuditRecorder.log which looks like this (and doesn't seem to be covered in th... by murhammr Path Finder in Getting Data In 01-11-2018 0 14	0	14
How to split one massive log file across multiple indexers? Is it possible to ingest one huge log file (100gb uncompressed) and round robin CHUNKS of the data to multiple indexe... by thisissplunk Builder in Getting Data In 01-11-2018 0 9	0	9
I am not able to run splunkkd service on windows10 Please find the attached error which is getting and let me know, if anyone find the solution for this error. Thanks,... by RAM2521 Engager in Getting Data In 01-11-2018 0 3	0	3
Creating new soucertype using Props.conf and transform.conf All my network data comes to default source type irrespective of type of devices. index = network sourcetype = netw... by raomu Explorer in Getting Data In 01-11-2018 0 4	0	4