Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
senthamilselvan

how to split a log file which contain multiple KPI information as many individual events using the delimiter "==========="?

[Pra] KPI_DB_001: Transactions per sec Detailed breakdown of processing time % To...
by senthamilselvan Engager in Getting Data In 09-21-2017
0 2
0
2
poonama

How to display time, host, source type when the statement is as follows:

I have a stack trace for one particular error like this, [9/20/17 5:40:13:428 EDT] 000000e0 SystemOut O 20 Sep 20...
by poonama New Member in Getting Data In 09-21-2017
0 2
0
2
wnardi

I would like to understand if it is possible to work with multiple CPUs in the Heavy Forwarder.

I would like to understand if it is possible to work with multiple CPUs in the Heavy Forwarder. In my current archit...
by wnardi Explorer in Getting Data In 09-20-2017
0 3
0
3
reswob4

On a heavy forwarder, can I forward a subset of data to syslog and drop everything else?

Here is my situation: I have a Windows HF that is collecting a lot of different data. Some via powershell scripts, ...
by reswob4 Builder in Getting Data In 09-20-2017
0 1
0
1
vkbinsplunk

Forwarding Mainframe logs to Splunk

I know we can forward logs from a Linux box to Splunk (if we install Splunk forwarder on the Linux box). Similarly ca...
by vkbinsplunk New Member in Getting Data In 09-20-2017
0 6
0
6
dpatiladobe

Json file getting truncated

Below is my i/p file {<!-- --> "Count": 2, "Items": [ {<!-- --> "total_time": {<!-- --> "S": "0.0...
by dpatiladobe Explorer in Getting Data In 09-20-2017
0 2
0
2
tamduong16

How to import data to Splunk via HTTP GET request?

I've been looking for a way to import contents from an http get request with Splunk without success. At first, I thou...
by tamduong16 Contributor in Getting Data In 09-20-2017
0 2
0
2
whydoineedtoreg

How to sort the contents of a list by timestamp

I'm currently querying source&#61;"log" | stats list by Id Which gives me nicely grouped data. However I would like t...
by whydoineedtoreg New Member in Getting Data In 09-20-2017
0 1
0
1
ksoucy

Why would splunk universal forwarder report "ERROR TailReader - File will not be read, is too small to match seekptr checksum" on a file whose events begin with a timestamp?

splunkd.log is reporting ERROR TailReader - File will not be read, is too small to match seekptr checksum (file&#61;/ap...
by ksoucy Path Finder in Getting Data In 09-20-2017
0 2
0
2
abdulhasnath

How can I get data coming from my Netflow (Flow Export) appliance into Splunk Enterprise

Hi, Can someone direct me on what app I need to install to get data coming from my Netflow (Flow Export) appliance i...
by abdulhasnath New Member in Getting Data In 09-20-2017
0 3
0
3
aferone

Multiple Transforms Stanzas Inside One Props Stanza - Limit?

Here is my current props.conf stanza for UDP:514 syslog traffic. I am sending this traffic to multple indexes using ...
by aferone Builder in Getting Data In 09-20-2017
0 5
0
5
phillipmadm

Is there an easy way to redirect existing universal forwarders to a new Splunk deployment?

We are migrating datacenters and the current virtual deployment server has been replicated to the new facility. I can...
by phillipmadm Explorer in Getting Data In 09-20-2017
0 10
0
10
mgarciar

Field showing an additional and not visible value --"none"-- under timestamp field

Hi all, I have a problem with a field call "timestamp". I have created a custom python script and added as "Data ...
by mgarciar Path Finder in Getting Data In 09-20-2017
0 15
0
15
ianthebrave

Fields are missing from some of my records after importing a CSV file

Hi! I imported a CSV file with 97 fields and after doing some searches, some fields are missing for some records. I ...
by ianthebrave New Member in Getting Data In 09-20-2017
0 4
0
4
srividyareddy

Able to see the system logs but cannot see the remote logs (in the same server) where the log files are installed.

Able to see the system logs but cannot see the remote logs (in the same server) where the log files are installed. M...
by srividyareddy New Member in Getting Data In 09-20-2017
0 6
0
6
smcdonald20

Help with field aliases for XML file

Hi, I have imported an XML file to Splunk, but want to change the field names to something more user friendly. I kn...
by smcdonald20 Path Finder in Getting Data In 09-20-2017
0 1
0
1
Tim_1

Routing to index based on Regex extraction

Hi all, I want to know if it is possible to route data to different indexes based on the value of a regex dynamical...
by Tim_1 Path Finder in Getting Data In 09-20-2017
0 5
0
5
craigwilkinson

Monitor Queue Size Without access to Search Head or Apps

Hi All, Is it possible to monitor the queue size without access to the search head or related applications ? I curr...
by craigwilkinson Path Finder in Getting Data In 09-19-2017
1 1
1
1
dileepmandapam

Indexing a CSV file from a server using REST API and Splunk SDK

Here is my use-case: For every hour, I need to download a .csv file from my server using REST API. Using Splunk, I...
by dileepmandapam New Member in Getting Data In 09-19-2017
0 3
0
3
scottj1y

I want to add metadata to events from forwarder via JSON file

We have events coming from hosts that need to have additional information added to them from two configuration files....
by scottj1y Path Finder in Getting Data In 09-19-2017
0 2
0
2
sandeep23

HTTP Event Collector supports compression (like Gzip)?

Is compression (like Gzip) supported in HEC batched payload ? One of the Splunk blog mentioned it, but can't find any...
by sandeep23 Engager in Getting Data In 09-19-2017
1 2
1
2
balagurivid1

Is it possible to anonymize/mask the data being sent from AIX servers to the Splunk Enterprise 6.6.1?

We have installed and configured Splunk Universal forwarder 6.6.1 on AIX server. It is working fine and I am able to ...
by balagurivid1 New Member in Getting Data In 09-19-2017
0 3
0
3
brent_weaver

Why am I seeing "WARN DateParserVerbose - Failed to parse timestamp"?

I have an event like: {"app":"EventHub Service","caller":"kafka.go:110","fn":"gi.build.com/predix-data-services/even...
by brent_weaver Builder in Getting Data In 09-19-2017
1 7
1
7
mala_splunk_91

Extract some lines of an event from a CSV file and index in separate sourcetype OR Index

Hi guys, Please provide your input on the below scenario. I have some events like below. Here , I want to extract so...
by mala_splunk_91 Explorer in Getting Data In 09-19-2017
1 4
1
4
kearaspoor

Is it possible to index a CSV file making column A be the header?

Have a bunch of CSV files that were generated (and will continue to be generated) based on a human readable form that...
by SplunkTrust SplunkTrust in Getting Data In 09-18-2017
0 2
0
2
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...