Getting Data In

Discussions

Thread Info

Can anyone let me know whether I can stream Splunk data into cassandra database without using DataStax?

Hi I am working on a data analytics project where I am trying to stream Splunk logs data to cassandra database and co...

by New Member in

Failed to find Event Log

[WinEventLog://Microsoft-Windows-DNS Client Events/Operational] disabled = 0 index = wineventlog interval = 60 Wh...

by Builder in

Is it possible to read and monitor Windows server files from a Linux Heavy Forwarder?

I have an environment where it's going to be a hassle to add a new Windows server. However, we have a file on a Windo...

by Builder in

reciprocal entries in next row

I am using lookup commands for data in a csv file and trying to map src_ip to the HOST and the SERVER in different ro...

by Path Finder in

fail over data ingestion

I am collecting logs from different sources using syslog-ng + UF . is there a way I can distribute these logs to two ...

by Engager in

multiple input fields for csv lookup

if I have a src_ip in a juniper sourcetype and want to match it to a HOST in the csv file and also to a SERVER in the...

by Path Finder in

Issues with Splunk "scrub" command not anomymizing data correctly

A customer was using Splunk "scrub" command to anonymize sensitive data (eg user name) at search time. While this wor...

by Splunk Employee in

Archive data to remote share drive. Where I can put login detail

Hi Everyone I am trying to move index file to a remote share drive, to access the drive I need put username/password...

by Communicator in

Splunk props.conf

Hi, My logs are not breaking correctly. Below is sample logs 16:40:13,732 INFO web Redeemed promotion=BI_500_POINT...

by Explorer in

Multi site Data center forwarding data to indexer?

Considering multi site data center for log forwarding having same logs , lets say site 1 and site 2 logs are being fo...

by Engager in

How to run Universal Forwarder script to create user splunk and set the forwarder service to run under said user?

Hello, This isn't a question as much as I have modified the Splunk Universal Forwarder remote installation script ...

by Explorer in

Universal forwarder support on RHEL 7

Hello, I do not see any version of Splunk universal forwarder for linux kernel 3.10+ on the dowload portal. Is the...

by Explorer in

Why is our Windows Splunk forwarder displaying passwords in clear text in the password file? How do we encrypt it?

On the Windows side, the Splunk forwarder file displays clear text passwords. Can they be encrypted, and how? Than...

by New Member in

outputs.conf: sslPassword not hashing if placed under the [tcpout] stanza

Hey all, I've configured $SPLUNK_HOME/etc/system/local/outputs.conf to use SSL certificates for forwarding logs. M...

by Path Finder in

WinEventLog System

hi question regarding the wineventlog system collection. for some reason splunk is only displaying event code 7036...

by Path Finder in

WinEventLog question

hi i added the below to my inputs.conf and restarted the forwarder service but when i search my host it still does...

by Path Finder in

Average on time only, without considering date

I have this query: Base quey | eval EndTime = if(Result="OK", _time, null) | eval StartTime = if(LogType ="START"...

by Communicator in

Empty results from rest call in Report

Hello. Running 6.6 (paid license) with LDAP authentication. I need to use my own email in a Report. I built a complex...

by Path Finder in

Forward logs to 3rd party syslog server without additional timestam/oroginated host field

Hi, We have a syslog input with non-syslog sourcetype over TCP. Everything looks good in Splunk. However, we have ...

by Communicator in

je n'arrive pas à ajouter des données sur Splunk, voilà le message d'erreur: "Vous n'êtes pas habilité à ajouter des données. Veuillez contacter votre administrateur"

lorsque je transmet un chemin d'un file ou que je transmet directement le file, je n'arrive pas à accéder a avoir l'h...

by New Member in

Questions on Splunk and Syslog-ng Server

What are the Splunk requirements to receive the data from Syslog-ng server?What are the Syslog requirements to get th...

by New Member in

Index isn't shrinking when configuring Index size

I have the app Splunk_TA_microsoft_ad and I am trying to reduce the storage size of the index "wineventlog" from 50gb...

by Explorer in

Why does forwarding stop until i restart splunk

I have a 4.3.3 UF on a windows 2008r2 box that was forwarding windows event logs quite happily. It's now stopped for...

by Path Finder in

Not showing csv data

hi, I uploaded csv file having a date field. This field has current week dates as well as future week dates. CSV got ...

by Communicator in

Filtering mutiple table rows created from a single log entry

I have multiple JDBC connection pools and their realtime stats are written to a log on a regular basis. I would like ...

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Can anyone let me know whether I can stream Splunk data into cassandra database without using DataStax?

Failed to find Event Log

Is it possible to read and monitor Windows server files from a Linux Heavy Forwarder?

reciprocal entries in next row

fail over data ingestion

multiple input fields for csv lookup

Issues with Splunk "scrub" command not anomymizing data correctly

Archive data to remote share drive. Where I can put login detail

Splunk props.conf

Multi site Data center forwarding data to indexer?

How to run Universal Forwarder script to create user splunk and set the forwarder service to run under said user?

Universal forwarder support on RHEL 7

Why is our Windows Splunk forwarder displaying passwords in clear text in the password file? How do we encrypt it?

outputs.conf: sslPassword not hashing if placed under the [tcpout] stanza

WinEventLog System

WinEventLog question

Average on time only, without considering date

Empty results from rest call in Report

Forward logs to 3rd party syslog server without additional timestam/oroginated host field

je n'arrive pas à ajouter des données sur Splunk, voilà le message d'erreur: "Vous n'êtes pas habilité à ajouter des données. Veuillez contacter votre administrateur"

Questions on Splunk and Syslog-ng Server

Index isn't shrinking when configuring Index size

Why does forwarding stop until i restart splunk

Not showing csv data

Filtering mutiple table rows created from a single log entry

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Parsing Multimetric Logs

SC4S Syslog server update fails during download wi...

SplunkForwarder flooding splunkd.log with reconnec...

Event break multiline PowerShell Transcript Log

uberAgent

Getting Data In

Are you a member of the Splunk Community?

Discussions