Getting Data In

Community Activity

How to configure the input to index Task scheduler logs from a windows machine? Hello All, can any one please help me out in how to index the Task scheduler logs from the windows box..?? Need to ... by RashmiGowda Explorer in Getting Data In 11-30-2017 1 2	1	2
Windows XP, Splunk keeps converting User Account Name to some random ID, how to avoid the converting? [WinEventLog://Security] disabled=0 start_from=oldest current_only=0 evt_resolve_ad_obj=0 checkpointInterval=5 whitel... by Kitteh Path Finder in Getting Data In 11-29-2017 0 9	0	9
Will monitored files that are renamed be reindexed? I have an application that uses rolling logging. The rolling logging works as such: logs are initially written to "... by joshuapetitt Path Finder in Getting Data In 11-29-2017 0 4	0	4
How to monitor and index tar.gz files in Splunk? I have a tar.gz file and I wan't to continuously monitor it. I tried to index it to Splunk Enterprise via Settings>Da... by dantimola Communicator in Getting Data In 11-29-2017 0 21	0	21
Persistent Queue not working for Heavy Forwarder on Splunk Enterprise 6.3.2 Hi all, I am current trying to test persistent queue to see whether it works on heavy forwarder. However, it doesn't... by xrtan Explorer in Getting Data In 11-29-2017 0 2	0	2
How do you get data into Splunk Enterprise with a universal forwarder? I installed a Splunk Enterprise 7.0 on a Unix machine and wish to get data from a Windows machine (any data would suf... by bwouters Path Finder in Getting Data In 11-29-2017 0 5	0	5
Trouble getting data to indexer from fortigate I am not getting data to my indexer(centos) from fortigate firewall. Port 514 is open but i am unable to telnet. Is t... by jibin1988 Path Finder in Getting Data In 11-29-2017 0 1	0	1
Data masking using heavy forwarders Been trying to mask data before indexing into indexer using heavy forwarders. below is the log sample and data am tr... by Venkat_16 Contributor in Getting Data In 11-28-2017 0 9	0	9
Trouble installing Splunk Enterprise for Windows 64-bit In trying to go through the training, I installed Splunk Enterprise for Windows 64-bit and it will not start. This i... by rhowlett2 New Member in Getting Data In 11-28-2017 0 3	0	3
Time series visualization on top count Hi, Below is the search I am using to find the report_ID values that have top count. index=apache_web sourcetype=ap... by kteng2024 Path Finder in Getting Data In 11-28-2017 0 1	0	1
delete metrics data I am trying to figure out how to delete metrics data. "\| delete" doesn't work with mstats, is there another way? Th... by kutsyy Engager in Getting Data In 11-28-2017 4 1	4	1
Why are universal forwarders reporting "Error in SSL_read = 10054" trying to forward data to our two intermediate heavy forwarders? Hi, We have a Splunk cluster where we have 1400 hosts with Universal Forwarders installed. These UFs are forwarding ... by christeraustad Explorer in Getting Data In 11-28-2017 0 2	0	2
Issues with Splunk_TA_nix and AIX Customer reports various issues with Splunk_TA_nix with regards to the vmstat.sh, bandwidth.sh, passwd.sh and df.sh f... by dshakespeare_sp Splunk Employee in Getting Data In 11-28-2017 0 3	0	3
Where is the logtype source type defined? I've added a (universal) forwarder's local /var/log as a data input, specifying sourcetype = automatic. For audit.log... by DUThibault Contributor in Getting Data In 11-28-2017 0 7	0	7
Shell script or python to to delete older than 6 months frozen data ? Hello guys, Would you have an example of shell script or python to to delete older than 6 months frozen data? Our f... by splunkreal Motivator in Getting Data In 11-28-2017 0 2	0	2
Why doesn't the LastLogon timestamp match betweeen the active directory (AD) and SA-LdapSearch information? Good Morning, I have been using SA-LdapSearch for a project. I have had the same issue with the time for I see resul... by evinasco Communicator in Getting Data In 11-28-2017 0 2	0	2
How to trouble shoot this ERROR TcpOutputFd - Connection to host=10.X.X.X failed ? Hi All, Currently we have been informed that two of the Windows domain server is not reporting as expected, so when c... by Hemnaath Motivator in Getting Data In 11-28-2017 0 5	0	5
DATA filtering using Heavy forwarders i was tyring to filter a set of data to indexer by filtering out few data and below are the sample logs and configura... by Venkat_16 Contributor in Getting Data In 11-28-2017 0 1	0	1
Help in Configuring Indexes.conf Hello Guys, I am trying to configure the indexes.conf, Here is the scenario, I need to have hot bucket for 6 months,... by pe_morris_ter New Member in Getting Data In 11-28-2017 0 1	0	1
Whitelist Services? How How do you whitelist services you wish to monitor and not forward redundant ones to the Splunk Server.... I've done ... by Kitteh Path Finder in Getting Data In 11-28-2017 0 1	0	1
Is Splunk planning to offer guidance on naming conventions in the Metrics Index in relation to CIM? Splunk 7.0 introduced the Metrics Index feature and a whole new naming scheme. Is Splunk planning to use or offer so... by rjthibod Champion in Getting Data In 11-27-2017 2 3	2	3
Why does the author appear as "nobody" from this search? hi all~ \| rest /services/apps/local author is nobody How do I find the real author? by hslee Engager in Getting Data In 11-27-2017 0 1	0	1
What will be the final 6.x.x release prior to 7.0? What will be the final 6.x.x release prior to 7.0? All of our servers are at 5.0.1 right now. At some point we'll u... by teedilo Path Finder in Getting Data In 11-27-2017 0 3	0	3
CSV file import, problem with date format I have been trying to onboard at custom dataset into splunk as a csv file. But the dateformat doesnt get right. 199... by tompadora New Member in Getting Data In 11-27-2017 0 2	0	2
How to get Cyberoam logs in splunk.? please help me in detail step-by step i have no idea on Cyberoam. by V4M51 Engager in Getting Data In 11-27-2017 0 11	0	11