Getting Data In

Ask a Question

Discussions

Thread Info

Indexing Zipped Files

I have about 500 excel files that I need to index into Splunk. If I upload each file individually, I pick my sourc...

by Communicator in

How do I forward to a vm and forward it out again?

Hi, how does one forward something like sysmon from 1 vm (guest1) to another vm (guest2) and then out to another p...

by Path Finder in

Splunk addon for Jboss vs addon for Tomcat

I have several Jboss web servers that I would like to perform monitoring on with Splunk. I've been doing research int...

by Explorer in

Filtering syslog inputs

Trying to filter syslog input from ESX hosts, without impacting any other syslog inputs. The ESX host names are 192.1...

by Communicator in

Host-Only Guest to Host-only Guest Forwarding not working?

Hi, Is it possible to forward data from a vmnet1 Host-Only VM Guest to another vmnet1 Host-Only VM Guest? I actual...

by Path Finder in

unarchive_cmd for python script to decode binary file in Windows

Further to my question the other day about decoding a binary file I finally got it working in Linux!!! https://ans...

by Builder in

How to add a timestamp to a CSV file that will display the creation time instead of default modtime when parsing?

I have the following problem: I receive some text files (comma separated) which I need to index and search. Proble...

by New Member in

How to Read a CSV file (with time-stamped data for past 24 hours) and Index the data

Hello All, My client's machine generates a daily data log (in csv format). How do one configure splunk to read & inde...

by Path Finder in

timestamp recognition on a split date and time with no prefix

I have events that start with a format similar to: 14-Jul-17,7:23:00 PM,7:23:36 PM,7:23:36 PM,-36,206 where the...

by Splunk Employee in

Calculating latency based on uuid

I'm trying to calculate request times for a web app to analyze latency. When a user clicks a button in the client UI,...

by New Member in

Upgrading Universal Forwarder from 5.0.2 to 6.5.4

Hello Splunk Experts, Recently, I've been tasked to upgrade a distributed Splunk environment with the condition as...

by Communicator in

What does splunk-parameter "--auto-ports"do?

This parameter is used in auto-install-scripts for the Universal Forwarder but I could not find any information about...

by Communicator in

Extract values for fields with the same name, but specifics come after value.

I'm using splunk to search my Cisco ISE logs. There is an ISE app, which is great, but has a pretty significant probl...

by Path Finder in

How can I tell if a heavy forwarder or universal forwarder was installed on a box?

I have a box that I didn't install that has a forwarder on it, but I'm not certain whether it's a Heavy Forwarder or ...

by Communicator in

What are consideration when integrating with ServiceNow

Please advise on the best practices for ServiceNow integration. How to integrate and enable auto ticket creation.

by Engager in

About distributed search.

In my environment, I have two indexers for one Search head. I think that these commands like "search", "dedup", "t...

by Builder in

Can an intermediate Heavy Forwarder forward data to a third party system without indexing?

Can I forward data from the universal forwarders using an intermediate heavy weight forwarder to a third-party system...

by Engager in

Structured data (TSV) configured on UNiversal Forwarder with Transform applied on Indexer

I have some TSV files that I am forwarding with a Universal Forwarder. I have props.conf configured on the UF with th...

by Communicator in

How to collect logs from a DC with a Splunk Universal Forwarder and with a 3rd party WMI at the same time?

Hi, Our customer has several DC (Domain Controllers). They already collect logs from DC using SyslogNG Agent over ...

by Communicator in

Splunk Monitor Stazas

Hi Team, We have a distributed environment with several forwarders managed by Deployment Server. Recently, I have ...

by Path Finder in

REST API is not shown in Data Inputs

I am really trying to follow this link (below) for getting a twitter feed into Splunk: https://discoveredintelligence...

by New Member in

connection refused: What may be the root cause?

Hi, I am getting Connection refused error, for one of the host. Is it because of firewall issue's? . Please guid...

by New Member in

CSV Headers appearing as events

My events are appearing on Splunk and the fields are getting extracted however the header is appearing as an event ev...

by New Member in

duplicated events when monitoring from log file

Hi, I have a script that pulls oracle events and write them to a file called ora.log.The script runs at 5 min inte...

by Contributor in

How can I filter windows XML event logs?

I have the following inputs.conf stanza: [WinEventLog://Security] disabled = 0 start_from = oldest current_only = ...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Indexing Zipped Files

How do I forward to a vm and forward it out again?

Splunk addon for Jboss vs addon for Tomcat

Filtering syslog inputs

Host-Only Guest to Host-only Guest Forwarding not working?

unarchive_cmd for python script to decode binary file in Windows

How to add a timestamp to a CSV file that will display the creation time instead of default modtime when parsing?

How to Read a CSV file (with time-stamped data for past 24 hours) and Index the data

timestamp recognition on a split date and time with no prefix

Calculating latency based on uuid

Upgrading Universal Forwarder from 5.0.2 to 6.5.4

What does splunk-parameter "--auto-ports"do?

Extract values for fields with the same name, but specifics come after value.

How can I tell if a heavy forwarder or universal forwarder was installed on a box?

What are consideration when integrating with ServiceNow

About distributed search.

Can an intermediate Heavy Forwarder forward data to a third party system without indexing?

Structured data (TSV) configured on UNiversal Forwarder with Transform applied on Indexer

How to collect logs from a DC with a Splunk Universal Forwarder and with a 3rd party WMI at the same time?

Splunk Monitor Stazas

REST API is not shown in Data Inputs

connection refused: What may be the root cause?

CSV Headers appearing as events

duplicated events when monitoring from log file

How can I filter windows XML event logs?

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

DNS logs - INFO [:12345] Script exceeded maximum r...

Onboard Unknown Source to SC4S

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Getting Data In

Are you a member of the Splunk Community?

Discussions