Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
anton085

How to specify source stanza for non-file input types in props.conf

I am trying to write some source:: stanzas in props.conf to forward data to another system. For file inputs (e.g., mo...
by anton085 Path Finder in Getting Data In 08-11-2017
0 4
0
4
nabhosal

How can we send our firewall logs directly to an indexer (without a heavy forwarder)?

We have two indexers and 1 search head in our environment. We are going to integrate a Cisco ASA firewall with Splunk...
by nabhosal New Member in Getting Data In 08-10-2017
0 2
0
2
milesbrennan

RSyslog, Dynamic Filenames, and Host_Regex

Hi Splunkers, We're using Rsyslog to collect many of our appliance syslog streams, and then bringing them into Splun...
by milesbrennan Path Finder in Getting Data In 08-10-2017
0 5
0
5
hkumar26

How do I install a heavy forwarder for Splunk Cloud in a Windows environment?

Hi, Want to install HF for Splunk cloud on windows. Downloaded the Splunk enterprise 6.6.2 for windows from splunk we...
by hkumar26 New Member in Getting Data In 08-10-2017
0 4
0
4
clincg

Union / Intersect results from different source type

Hi - I'm trying to union/intersect results from different source type using the SET command: set union [search sourc...
by clincg Path Finder in Getting Data In 08-10-2017
0 7
0
7
sdulany

Splunk not getting forwarder data though ports seem to be open

I am trying to set up a Splunk universal fowarder on a VyOS router going to a Splunk Enterprise instance I have on a ...
by sdulany New Member in Getting Data In 08-10-2017
0 3
0
3
jcorkey

Need help creating/configuring CSV lookup

I know that using inputlookup will use a CSV file but is it possible to have a script create the CSV file that inputl...
by jcorkey Explorer in Getting Data In 08-10-2017
0 2
0
2
Rocky31

How can I send events from a monitor input file to an index I created?

I am not sure about this, it's very tricky. Can anyone help me on this? Do I need to update any .conf files?
by Rocky31 Path Finder in Getting Data In 08-10-2017
0 2
0
2
AJeepDude

How can I find the total and average indexing rates for all indexers?

How can I find the total and average indexing rates for all indexers on Splunk Cloud?
by AJeepDude New Member in Getting Data In 08-10-2017
0 5
0
5
ddrillic

Why isn't my data reaching the index?

We have a small farm with no access to the forwarders. The forwarders do phone home but the following returns nothing...
by ddrillic Ultra Champion in Getting Data In 08-10-2017
0 4
0
4
allurirohan

Is there any way to apply cluster-bundle without rolling restart and search interruption?

I have a use case where we're updating props.conf frequently. We'd like to ideally be able to do this on an ad-hoc ba...
by allurirohan Explorer in Getting Data In 08-10-2017
1 8
1
8
ebuehne

How to Blacklist EventCode

I see this type of question has been asked several times, however I haven't been able to find the answer to my situat...
by ebuehne Explorer in Getting Data In 08-10-2017
0 12
0
12
SGADE

How to resolve error "java.lang.IllegalArgumentException: URI can't be null" when testing HTTP Event Collector from a Java client?

I am trying to test the HTTP Event Collector from a java client, referred the Java project from splunk.com. Please he...
by SGADE Engager in Getting Data In 08-10-2017
2 4
2
4
mgh4

How do I get license usage per indexer using the Distributed Management Console?

I'm trying to use the licensing dashboard in DCM, splunk 6.4.1. For a 30 day by indexer it runs: `dmc_licensing_base...
by mgh4 Explorer in Getting Data In 08-10-2017
0 3
0
3
coenvandijk

Windows: How can I incorporate a PowerShell script into my search?

I'm working on a search over our Windows events to analyze the changes to permissions on files and directories: index...
by coenvandijk Observer in Getting Data In 08-09-2017
0 1
0
1
seanaldo

How can I create a list of network devices?

Hi, I want to create a list of the IP addresses in our environment against the host DNS name. Cheers, Sean
by seanaldo New Member in Getting Data In 08-09-2017
0 2
0
2
anupam491

How to forward logs with Splunk Universal Forwarder for the files with no header and logs should be in form of key/value

I have a Splunk Forwarder setup already on my host. I have certain files on folder (/tom/mike/). File names are star...
by anupam491 Engager in Getting Data In 08-09-2017
0 16
0
16
jredsama

How do I complete a search including common and unique data fields from two different sources?

Hello, I would like to run a query that includes results from our main index as well as an uploaded CSV. I don't thi...
by jredsama New Member in Getting Data In 08-09-2017
0 2
0
2
niwebadmin

How to index a log that was missing for a specific date in the past?

Hey Guys, We have a log for a specific index that was missing during an outage and we got it recovered. Obviously th...
by niwebadmin New Member in Getting Data In 08-09-2017
0 6
0
6
karakutu

Why is my "/usr/bin/last" script not working?

i have problem with my basic script. ist connnten only #!/bin/sh /usr/bin/last i updated also my default/inputs....
by karakutu Path Finder in Getting Data In 08-09-2017
0 7
0
7
kreng

What is the compression ratio between the forwarders and indexers?

I need the approximate compression ratio of the data forwarded to indexers.
by kreng New Member in Getting Data In 08-09-2017
0 3
0
3
ddrillic

How can we find out whether a set of forwarders are connected to all indexers?

Is there a way to find out whether a set of forwarders are connected to all intended indexers? On a regular basis we ...
by ddrillic Ultra Champion in Getting Data In 08-09-2017
0 8
0
8
tusharsaran1

Recursively monitor files in current directory and subdirectories upto a specified maxDepth

Is it possible to recursively monitor the files in a directory tree but only till a specified maxDepth? Example: I ha...
by tusharsaran1 Path Finder in Getting Data In 08-09-2017
0 2
0
2
brent_weaver

Modify Splunk user role via the REST API

I have about 125 accounts I need to change the role on. This has to be possible via the REST API. Any thoughts from a...
by brent_weaver Builder in Getting Data In 08-09-2017
1 4
1
4
zach_sawyerS24

On a Linux host, is a Splunk user account needed if you are running forwarder as root?

Hello, On a Linux host, in which we are installing universal forwarder (using rpm installer), if we install and plan...
by zach_sawyerS24 Engager in Getting Data In 08-09-2017
0 5
0
5
Get Updates on the Splunk Community!

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

How to find the worst searches in your Splunk environment and how to fix them

Everyone knows Splunk is a powerful platform for running searches and doing data analytics. Your ...

Share Your Feedback: On Admin Config Service (ACS)!

Help Us Build a Better Admin Config Service Experience (ACS)   We Want Your Feedback on Admin Config Service ...
Top Solution Authors
View All