Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
fernandoandre

enforce linebreaking at Indexer after Heavy Forwarder override sourcetype

At Indexer level how to force props.conf linebreaking setup to be applied to a specific sourcetype of data arriving f...
by fernandoandre Communicator in Getting Data In 06-15-2017
0 5
0
5
dbatts

How to stop access to Port 8089 in Splunk or change password on Universal Forwarder?

On all the Universal Forwarders, any user has the ability to access REST API called Splunk ATOM Feed:Splunkd. They c...
by dbatts Explorer in Getting Data In 06-15-2017
1 3
1
3
MarcHelou

How can I change splunk default parser and use my own way of re-arranging data?

let's say i have a file that I would like to input it to splunk. but I want to have a better parser, a smarter one. h...
by MarcHelou New Member in Getting Data In 06-15-2017
0 5
0
5
phoenixdigital

unarchive_cmd for decoding binary file with python script

Hi All, So following this excellent blog post I thought I found a solution to ingesting a binary logfile with Splunk...
by phoenixdigital Builder in Getting Data In 06-15-2017
0 8
0
8
rune_hellem

What more can I do to solve: File too small to check seekcrc, probably truncated. Will re-read entire file

Running Splunk 6.0.1 (build 189883), all on Windows-servers, a mix of 2008/2012-servers. Indexing a lot of SystemOut...
by rune_hellem Contributor in Getting Data In 06-14-2017
1 2
1
2
evanwyk11

HTTP event collector 404 error

Good Day I've got two issues with my HTTP event collector. 1st issue: I created an event collector when I installe...
by evanwyk11 Engager in Getting Data In 06-14-2017
1 4
1
4
LuiesCui

How to forward old data from a forwarder to a new Splunk index?

Hey guys, I'm new to splunk and I really need ur help!!! As what I know, once the data from a .log file are loaded b...
by LuiesCui Communicator in Getting Data In 06-14-2017
1 11
1
11
Svill321

Are there additional considerations for onboarding Cisco ASA data into Splunk?

I apologize in advance if this is an extremely basic question, but I need to be sure I do this correctly. I'm resear...
by Svill321 Path Finder in Getting Data In 06-14-2017
0 2
0
2
ssaenger

how to split log file on non-standard date and special characters

Hi All, I have a log file that has a non standard date/time and special characters and i am trying to split the line...
by ssaenger Communicator in Getting Data In 06-14-2017
0 2
0
2
pkeller

What to do when json field conflicts with Splunk metadata?

A user is reporting that their indexed json data has a 'source' key that is being extracted. "source": "[{label:'Tre...
by pkeller Contributor in Getting Data In 06-14-2017
1 1
1
1
evan_roggenkamp

Adding and sorting key, value pairs in JSON array

This is the way my data looks: { "NODE-A":{ "DATA":{ "SNR_DATA":{ "Cable3/0/3-...
by evan_roggenkamp Path Finder in Getting Data In 06-14-2017
0 1
0
1
psalibindla9524

Splunk search using CSV file data as input

I would like to search index=main type=router OR type=switch OR type=firewall OR type=sysproxy .. Instead i wan...
by psalibindla9524 New Member in Getting Data In 06-14-2017
0 3
0
3
tper1992

Is it possible to use the HTTP Event Collector with Morgan?

In my Node.js(Express) Application I use Morgan as the logging library. Can we pass the logs to an Splunk Enterprise ...
by tper1992 New Member in Getting Data In 06-13-2017
0 2
0
2
lloydknight

Spunk Forwarder troubleshooting

Here's the scenario: UniversalForwarder1 already forwarding logs to Indexer1. UniversalForwarder1's IP is 10.226.xx....
by lloydknight Builder in Getting Data In 06-13-2017
0 5
0
5
patilsh

No results in search

deleted
by patilsh Explorer in Getting Data In 06-13-2017
0 4
0
4
TAE2112

Why are these additional Splunk processes starting and stopping on Windows hosts configured with Universal Forwarders?

I have a collection of Windows 2008R2 servers running the Universal Forwarder which I configured to forward Windows E...
by TAE2112 Explorer in Getting Data In 06-13-2017
1 3
1
3
romiz2563

How to find domain from DNS log

I am trying to compare dns log to a list of suspicions domain my dns log look like that : 22.333.xxx.apple.com www...
by romiz2563 New Member in Getting Data In 06-13-2017
0 4
0
4
rbullard

How to export a list containing Host Name, Host IP, Apps, Server Class, and Machine Type for a Splunk server?

My group is taking over operations for a Splunk server brought over from an acquisition. We are trying to get a hand...
by rbullard Engager in Getting Data In 06-13-2017
1 6
1
6
kiran331

Is there a option to ingest application logs for only one applicaiton(process) on teh windows servers?

Hi Is there a option to ingest the logs of only one process from the windows servers ignoring rest of the events?
by kiran331 Builder in Getting Data In 06-13-2017
0 2
0
2
rvisj

timestamp is outside of acceptable window

I have a field in .csv file that have future dates. while uploading to Splunk, it shows the below error message and d...
by rvisj New Member in Getting Data In 06-13-2017
0 3
0
3
dsiob

handling future dates from csv

hi, I have a csv file, having time field 'Start Time'. This field will have entries of current week dates as well as...
by dsiob Communicator in Getting Data In 06-13-2017
0 7
0
7
Kaylenn

Minimise return records by filtering date field

Hi, I am running the below script successfully. However, I would like to now minimise the return results by only col...
by Kaylenn New Member in Getting Data In 06-13-2017
0 3
0
3
DataOrg

i have column a,b,c and i want to delete only in b column where value is 2. remaining columns should have to be same. i tried with mvfilter but it makes empty all the columns. i want to delete/remove particular value and make the field empty

a b c 1 2 3 2 1 4 4 1 2 1 2 3
by DataOrg Builder in Getting Data In 06-12-2017
0 3
0
3
kkomar

How to troubleshoot why Splunk suddently stopped indexing logs after 1-2 months?

I have splunk in domain mode set to look through 2 inputs over UNC path that are IIS logs. I have the inputs the same...
by kkomar New Member in Getting Data In 06-12-2017
0 2
0
2
bport15

How can I route logs to a specific index based on host/source combo?

We currently have our perf and N1 environments combined and I need to route certain logs to certain indexes based on ...
by bport15 Path Finder in Getting Data In 06-12-2017
0 6
0
6
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...