Getting Data In

Community Activity

Why is my "/usr/bin/last" script not working? i have problem with my basic script. ist connnten only #!/bin/sh /usr/bin/last i updated also my default/inputs.... by karakutu Path Finder in Getting Data In 08-09-2017 0 7	0	7
What is the compression ratio between the forwarders and indexers? I need the approximate compression ratio of the data forwarded to indexers. by kreng New Member in Getting Data In 08-09-2017 0 3	0	3
How can we find out whether a set of forwarders are connected to all indexers? Is there a way to find out whether a set of forwarders are connected to all intended indexers? On a regular basis we ... by ddrillic Ultra Champion in Getting Data In 08-09-2017 0 8	0	8
Recursively monitor files in current directory and subdirectories upto a specified maxDepth Is it possible to recursively monitor the files in a directory tree but only till a specified maxDepth? Example: I ha... by tusharsaran1 Path Finder in Getting Data In 08-09-2017 0 2	0	2
Modify Splunk user role via the REST API I have about 125 accounts I need to change the role on. This has to be possible via the REST API. Any thoughts from a... by brent_weaver Builder in Getting Data In 08-09-2017 1 4	1	4
On a Linux host, is a Splunk user account needed if you are running forwarder as root? Hello, On a Linux host, in which we are installing universal forwarder (using rpm installer), if we install and plan... by zach_sawyerS24 Engager in Getting Data In 08-09-2017 0 5	0	5
Block Specific host/ip on indexer Hi, I want to block the specific host/ip which sending logs to indexers for a time being later would need to enable ... by kpavan Path Finder in Getting Data In 08-09-2017 0 7	0	7
Search to show license usage at heavy forwarder level Hello, I have a search similar with below which provide a total of 2868 GB usage for last 24 hrs. index=_internal s... by preotesoiu Path Finder in Getting Data In 08-09-2017 0 2	0	2
Copy the value of a metadata filed to a new field at Index time I have some network devices sending logs to a syslog server that has a UF installed. The 'host' field is populated wi... by MedralaG Communicator in Getting Data In 08-09-2017 0 5	0	5
Export/Import a source type Does Splunk provide a way to export/import a source type? by timfrostmann Engager in Getting Data In 08-08-2017 0 1	0	1
Can we configure multiple IP's in hunk virtual index configuration with the latest Hunk Cassandra Connector? We have DSE Cassandra v5.0.8 running in multiple node IP's as a cluster setup. And, we have used the datastax provide... by waltz Explorer in Getting Data In 08-08-2017 0 3	0	3
BeyondTrust Retina logs through Splunk HTTP Event Collector I am trying to on board Retina logs through HTTP Event Collector, however I am not having any luck on it. Firewall h... by sshres5 Communicator in Getting Data In 08-08-2017 0 13	0	13
How to drop event comming from host template* Hello, I have to drop all events received from hosts named template* I have created an app on indexer with the follo... by ktn01 Path Finder in Getting Data In 08-08-2017 0 1	0	1
Splunk REST API: Issue wtih flattening JSON-formatted results So I call the Splunk REST API and collect results in JSON format and that is kind of okay. Then I would like to pass ... by dominiquevocat SplunkTrust in Getting Data In 08-08-2017 0 5	0	5
After Thawing Data, how do you "Re-Freeze" it? Hello, I have tested thawing data with good results. My question is - How do you refreeze it after you are done revi... by TheJagoff Communicator in Getting Data In 08-07-2017 0 4	0	4
Why sometimes sourcetype doesn't appear under Selected Fields? For most data sources in our set-up, sourcetype appears under Selected Fields, but there are cases in which it appear... by ddrillic Ultra Champion in Getting Data In 08-07-2017 0 2	0	2
Missing logs from splunk? Specifically the winEventlog:security have vanished from my search results for approximately two three months, but cu... by sarwshai Communicator in Getting Data In 08-07-2017 0 7	0	7
How do I remove all double quotes from splunk data? My data read into splunk with all double quote around them. How can I delete all of these double quotes from splunk? ... by tamduong16 Contributor in Getting Data In 08-07-2017 0 2	0	2
How to detect email attachment content, size, name, etc from Microsoft Exchange server logs? I have been tasked with increasing the logging coming from our Exchange servers. One of the requests is to include l... by JScordo Path Finder in Getting Data In 08-07-2017 0 3	0	3
Using 'set diff' to compare searches, but outputting multiple columns I created a search that'll display the difference between two searches using 'set diff' - I initially set it to compa... by sepkarimpour Path Finder in Getting Data In 08-07-2017 0 6	0	6
How to install the Splunk forwarder on a BlueCat DNS/DHCP Server? Has anyone successfully installed the Splunk Forwarder on a BlueCat DNS/DHCP Server or otherwise got full DNS logging... by hessf New Member in Getting Data In 08-06-2017 0 4	0	4
Network Monitoring between Enterprise Security Search Head and Indexers Is it possible set up a monitoring of the data transfer rates between search head and indexer. We are especially int... by shedalkar Engager in Getting Data In 08-06-2017 0 3	0	3
Why are my logs sent to the default index? Greetings all, I am new to Splunk and trying to know my way around it. I created a home lab environment with the fo... by Mystica856 Explorer in Getting Data In 08-06-2017 0 4	0	4
Configuring Splunk Supporting Add-on for Active Directory (SA-LDAPSearch) Hello, I'm in the process of configuring the Splunk App for Windows Infrastructure on our Splunk Cloud. One componen... by ptur Path Finder in Getting Data In 08-05-2017 0 2	0	2
ESXI VMware Login Tracking Hello, how can i track login and logout from ESXi 5.5? At the moment i configured a Syslog to forward logs from ESX... by mbarbaro Path Finder in Getting Data In 08-04-2017 0 3	0	3