Getting Data In

Community Activity

How to correct the future time stamp issue occurring for certain sourcetype and host? Hi All, Currently we are facing an issue with data being logged with future time stamp for certain host and source ty... by Hemnaath Motivator in Getting Data In 09-25-2017 0 1	0	1
Problem splitting data, lines are lost from scripted input data. I have a script that works fine. When I do run it from cli like this, I get correct result: /opt/splunk/bin/splunk cm... by lakromani Builder in Getting Data In 09-25-2017 0 1	0	1
Manually Importing McAfee EPO Data So, I have been tasked with monitoring our EPO server, which is managed by a managed service. Long story short, the ... by rapture005 New Member in Getting Data In 09-25-2017 0 3	0	3
How to blacklist a log data from being monitored from router device ending with host name 03r /04r and keeping other devices still monitored? Hi All, My exact requirement, currently we need to route two router devices at the site 03r and 04r point to inde... by Hemnaath Motivator in Getting Data In 09-25-2017 0 3	0	3
Load Balancing with universal forwarders as intermediate layer In current design, we proposed two load balanced HFs to collect the data from 200+ end-points and pass it to next lev... by pranitprakash Explorer in Getting Data In 09-25-2017 0 4	0	4
Getting Error from TailReader Hello, I am trying to upload a .csv file through my auto-index and I am getting this error in my internal logs " -04... by katzr Path Finder in Getting Data In 09-25-2017 0 6	0	6
How to use K-anonymity with Splunk? Hello, Let's say i have a csv file that contains sensitive data, I want on index to group multiple lines as one event... by MarcHelou New Member in Getting Data In 09-25-2017 0 1	0	1
Help needed with Search to correlate Windows Event Logs Hi All, I have a requirement to write a Splunk query that will alert if windows event logs capture three EventCodes... by rishiaggarwal Explorer in Getting Data In 09-25-2017 0 1	0	1
High Availability for Heavy forwarder configuration? Current setup of Splunk Instance is 10 UF---->2HF---->3IDX, In HF for load balance we go with config of autoLB with ... by karthikeyan_k14 New Member in Getting Data In 09-25-2017 0 5	0	5
Process monitoring in Windows Hi, In our system, there will be multiple java.exe process will be running, we are in need for monitoring the cpu an... by Gowtham0809 New Member in Getting Data In 09-25-2017 0 3	0	3
What happens if you specify two paths in a volume in indexes.conf? What happens if you specify two paths in a volume in indexes.conf? For example: [volume:example] path = /opt/splunk... by Robbie1194 Communicator in Getting Data In 09-25-2017 0 1	0	1
Parse JSON nested inside a Windows Event Hello, I am looking for a way to parse the JSON data that exists in the "Message" body of a set of Windows Events. Id... by tjreynol Engager in Getting Data In 09-24-2017 1 2	1	2
How do I get an older version of Splunk DB Connect 1, particularly version 1.1.7? Hi, I am unable to get DB Connect 1, version 1.2 to work, and I'd like to try 1.1.7, but I can't find it. How do I ... by a212830 Champion in Getting Data In 09-24-2017 2 4	2	4
Can I forward local text log files from my laptop to Splunk (for testing purposes)? Splunk and the forwarder would be on the same laptop in this hypethical. How to use Splunk Forwarder in my personal laptop for testing purpose and forward the data to Splunk from a monitored... by gagandeepbhatti New Member in Getting Data In 09-23-2017 0 5	0	5
Search using metadata returns different results I'm getting different search results for the metadata I added to my log events. What did I misconfigure? Added to i... by wzchin New Member in Getting Data In 09-22-2017 0 1	0	1
Splunk Forwarding audittrail data to third party system via syslog not working Attempting to forward audittrail sourcetype data via syslog to our existing SIEM. I have a similar setup already wor... by stevepraz Path Finder in Getting Data In 09-22-2017 0 2	0	2
Retrieve JSON payload using REST API Hi, I have an application that exposes performance metrics via a REST API. - that is - I can issue a HTTP REST mess... by pisanis New Member in Getting Data In 09-22-2017 0 2	0	2
Removing all white spaces from event at Index time Hi all, I want to remove the whitespaces from only the account value, and not the whole event at index time. Is thi... by Tim_1 Path Finder in Getting Data In 09-22-2017 0 10	0	10
How can I monitor a specific process in Windows using a forwarder? I want to monitor a specific process in windows server using Splunk forwarders. for example. our servers will run a ... by Gowtham0809 New Member in Getting Data In 09-22-2017 0 1	0	1
Files not indexing due to fast rotation Hi All, Hope you are doing good. I have come across a difficult situation in indexing a file. We have few Universal... by siva_cg Path Finder in Getting Data In 09-21-2017 0 3	0	3
Another JSON Event Break Assistance request .. An excerpt from my JSON output ... Trying to Event break at the following line "type": "story", where a new event b... by Esky73 Builder in Getting Data In 09-21-2017 0 1	0	1
timestamp and line breaks The timestamp and linebreaking doesn't seem to be working as expected. They are nagios/pnp4nagios logs. I get a burst... by rewritex Contributor in Getting Data In 09-21-2017 0 3	0	3
How do I convert a timestamp? Hi, I have a field with timestamp value "2017-09-21T20:48:48.535427Z" in format. I need to convert it to "09/21/2017... by kiran331 Builder in Getting Data In 09-21-2017 0 2	0	2
Are inputs.conf attribute values case sensitive? [monitor:///tmp/ABC.txt] is my monitor stanza. But if i have the file welcomeabcdef.txt that is "abc" (lowercase in... by Madhan45 Path Finder in Getting Data In 09-21-2017 0 7	0	7
Unable to send same source data to two different logical indexes and two different indexers groups. Hi All, Facing few challlenges, mine is playing around with the same transforms. I'm trying to achieve the same sou... by arunsunny Path Finder in Getting Data In 09-21-2017 0 9	0	9