Getting Data In

Community Activity

Time series visualization on top count Hi, Below is the search I am using to find the report_ID values that have top count. index=apache_web sourcetype=ap... by kteng2024 Path Finder in Getting Data In 11-28-2017 0 1	0	1
delete metrics data I am trying to figure out how to delete metrics data. "\| delete" doesn't work with mstats, is there another way? Th... by kutsyy Engager in Getting Data In 11-28-2017 4 1	4	1
Why are universal forwarders reporting "Error in SSL_read = 10054" trying to forward data to our two intermediate heavy forwarders? Hi, We have a Splunk cluster where we have 1400 hosts with Universal Forwarders installed. These UFs are forwarding ... by christeraustad Explorer in Getting Data In 11-28-2017 0 2	0	2
Issues with Splunk_TA_nix and AIX Customer reports various issues with Splunk_TA_nix with regards to the vmstat.sh, bandwidth.sh, passwd.sh and df.sh f... by dshakespeare_sp Splunk Employee in Getting Data In 11-28-2017 0 3	0	3
Where is the logtype source type defined? I've added a (universal) forwarder's local /var/log as a data input, specifying sourcetype = automatic. For audit.log... by DUThibault Contributor in Getting Data In 11-28-2017 0 7	0	7
Shell script or python to to delete older than 6 months frozen data ? Hello guys, Would you have an example of shell script or python to to delete older than 6 months frozen data? Our f... by splunkreal Motivator in Getting Data In 11-28-2017 0 2	0	2
Why doesn't the LastLogon timestamp match betweeen the active directory (AD) and SA-LdapSearch information? Good Morning, I have been using SA-LdapSearch for a project. I have had the same issue with the time for I see resul... by evinasco Communicator in Getting Data In 11-28-2017 0 2	0	2
How to trouble shoot this ERROR TcpOutputFd - Connection to host=10.X.X.X failed ? Hi All, Currently we have been informed that two of the Windows domain server is not reporting as expected, so when c... by Hemnaath Motivator in Getting Data In 11-28-2017 0 5	0	5
DATA filtering using Heavy forwarders i was tyring to filter a set of data to indexer by filtering out few data and below are the sample logs and configura... by Venkat_16 Contributor in Getting Data In 11-28-2017 0 1	0	1
Help in Configuring Indexes.conf Hello Guys, I am trying to configure the indexes.conf, Here is the scenario, I need to have hot bucket for 6 months,... by pe_morris_ter New Member in Getting Data In 11-28-2017 0 1	0	1
Whitelist Services? How How do you whitelist services you wish to monitor and not forward redundant ones to the Splunk Server.... I've done ... by Kitteh Path Finder in Getting Data In 11-28-2017 0 1	0	1
Is Splunk planning to offer guidance on naming conventions in the Metrics Index in relation to CIM? Splunk 7.0 introduced the Metrics Index feature and a whole new naming scheme. Is Splunk planning to use or offer so... by rjthibod Champion in Getting Data In 11-27-2017 2 3	2	3
Why does the author appear as "nobody" from this search? hi all~ \| rest /services/apps/local author is nobody How do I find the real author? by hslee Engager in Getting Data In 11-27-2017 0 1	0	1
What will be the final 6.x.x release prior to 7.0? What will be the final 6.x.x release prior to 7.0? All of our servers are at 5.0.1 right now. At some point we'll u... by teedilo Path Finder in Getting Data In 11-27-2017 0 3	0	3
CSV file import, problem with date format I have been trying to onboard at custom dataset into splunk as a csv file. But the dateformat doesnt get right. 199... by tompadora New Member in Getting Data In 11-27-2017 0 2	0	2
How to get Cyberoam logs in splunk.? please help me in detail step-by step i have no idea on Cyberoam. by V4M51 Engager in Getting Data In 11-27-2017 0 11	0	11
What happens when the forwarder is configured to send data to a non-existent index? Hello, I would like to know what happens when the forwarder is configured to send data to a non-existent index, eith... by jwillaime Explorer in Getting Data In 11-27-2017 0 2	0	2
Testing props.conf file of app in $SPLUNK_HOME/etc/apps/my_app/local I am having some issues breaking a multiline event properly. Each event starts with a 'Date ...' string that I can us... by kuokhoet New Member in Getting Data In 11-27-2017 0 4	0	4
Trying to ingest a stock price file into Splunk Goodday, I am a Newbie. Am trying to ingest a stock price file into Splunk, I open Splunk by using http://localhost:... by aadbosma New Member in Getting Data In 11-27-2017 0 8	0	8
How to extract the Fields from .txt file I am indexing Server.txt file from 1000+ forwarders. The file format is as below. I want to extract below header valu... by pbsuju Explorer in Getting Data In 11-27-2017 0 4	0	4
Universal Forwarder, Server Class. I install UF on linux client. Than I ./splunk set deploy-poll ...:8089 Client did not appear in Forwarder Man... by test_qweqwe Builder in Getting Data In 11-26-2017 0 12	0	12
Splunk Windows Firewall log file pfirewall.log Hello, I'm very new to Splunk and trying to use it to gather local Windows Firewall Log file information. I thought... by cmcknz77 New Member in Getting Data In 11-26-2017 0 4	0	4
how route data to specific index when we use heavy forwarder? I build distributed Splunk Enterprise network the network flow is like below UF--->HF------->IDX----->SH In which I m... by manikanta66 Explorer in Getting Data In 11-26-2017 0 4	0	4
How to move index from main to custom index? Hello I failed and miss index for nginx and all logs saved to main. Now I created new index "nginx_logs" and how me m... by test_qweqwe Builder in Getting Data In 11-25-2017 0 1	0	1
How to apply Time Zone TZ = UTC to only 14 hosts out of 16 Let's say we have 16 hosts with the same sourcetype=devicetype 14 hosts are in UTC, 2 hosts are in EST (local) time z... by mlevsh Builder in Getting Data In 11-25-2017 0 5	0	5