Getting Data In

Community Activity

How can I list all views owned by a particular user? I've tried the /servicesNS/userid/-/data/ui/views endpoint but maybe I'm not using it correctly. I have a known view ... by twinspop Influencer in Getting Data In 06-09-2017 0 5	0	5
Feed inputs as command line argument Is it possible to provide inputs to Splunk through command line argument (similar to python for compiling)? Instead o... by the_scissor Engager in Getting Data In 06-09-2017 1 2	1	2
Splunk Universal Forwarder is ignoring logs OS: Windows Server 2008 R2 Enterprise Splunk Universal Forwarder version: 6.2.6 (build 274160) Hi, Good Day. Would ... by dantimola Communicator in Getting Data In 06-09-2017 0 4	0	4
forwarder creating multiline event from big file transferred via rsycn on slow channel We have big file with events in each line of file. Every minute file transfers via rsync to forwarder with new events... by gots Path Finder in Getting Data In 06-09-2017 0 1	0	1
Setting Time on a "Time (Search) Panel" to a specifi range each time. Basically I need time/date code to add within my Panel so that each tiem it opens, the Panel searches from 8AM the fo... by JChute Explorer in Getting Data In 06-09-2017 0 2	0	2
Escape JSON data at index time I'm trying to escape JSON data at index time because I can't do it from within the application that is generating the... by darinmoon Explorer in Getting Data In 06-09-2017 1 7	1	7
Why am I unable to blacklist all content in a certain directory with my current inputs.conf? I am trying to blacklist the following in the inputs.conf Currently I have this: [monitor:///var/log] disabled = f... by anaqvi Explorer in Getting Data In 06-08-2017 0 8	0	8
WinEventLogs Cannot get Event Details I am monitoring WinEventLogs for Direct Access Troubleshooting using stanzas like: [WinEventLog://Microsoft-Windows-... by nabeel652 Builder in Getting Data In 06-08-2017 0 2	0	2
heavy forwarder operation question Hi, I'm trying to determine the best way to parse out data before it gets to my splunk indexer. It looks like a heav... by infinitiguy Path Finder in Getting Data In 06-08-2017 0 14	0	14
Copy Field and remove duplicate Hello All, I have a column list of records as below recordA recordB recordA RecordB RecordC RecordD and I would l... by wessam Explorer in Getting Data In 06-08-2017 0 19	0	19
Why is one search head no longer communicating with indexers? Getting error "failed_because_BUNDLE_DATA_TRANSMIT_FAILURE" We have around 10 Search Heads and 13 Indexers. Since this morning, we are seeing the below errors and our SH is not ... by vr2312 Builder in Getting Data In 06-08-2017 1 5	1	5
Getting info from the details tab within Server 2008 event logs. Does anyone know how to get the full output (including the details tab) or XML version of event logs out of Server 20... by JSapienza Contributor in Getting Data In 06-08-2017 1 2	1	2
Transforms not replacing original value Hello, I have a CSV in which I am attempting to shorten a 128 character string down to the last 8 characters. I used... by thard_splunk Splunk Employee in Getting Data In 06-08-2017 0 1	0	1
Communication error between old ver Splunk and Forwarder ver6.x about ssl. Splunk ver 6.2.0 has been introduced in my separate environment, and recently I installed forwarder ver 6.6.1 on a ne... by yutaka1005 Builder in Getting Data In 06-08-2017 0 3	0	3
Rename an index Is it possible to rename an index in the same way sourcetype and source can be renamed with props and transforms. by smudge797 Path Finder in Getting Data In 06-08-2017 0 2	0	2
When the maxVolumeDataSizeMB for the primary volume is exceeded, will events automatically roll over to the secondary volume? Hi, When the maxVolumeDataSizeMB for the primary volume is exceeded, will the events automatically roll over to the ... by a212830 Champion in Getting Data In 06-07-2017 1 3	1	3
Securing communcation between Universal Forwarder and Heavy Forwarder Splunk Docs do not specifically state that default encryption is active between Universal Forwarders and Heavy Forwar... by rwcbp Explorer in Getting Data In 06-07-2017 1 5	1	5
Why am I seeing duplicate events? I'm seeing the following two log messages on my UF. I'm also seeing big spikes in events every few minutes from this ... by davidpaper Contributor in Getting Data In 06-07-2017 0 1	0	1
Does Splunk forwarder 6.0.3 support TLSv1.2 Does Splunk forwarder 6.0.3 support TLSv1.2 or does it only support SSL v3? by amanteja Path Finder in Getting Data In 06-07-2017 0 4	0	4
Successfully recurse sub-directories in Windows? I can't find the correct way to recursively monitor sub-directories in Windows for all files ending in .log. Can som... by loatswil Path Finder in Getting Data In 06-07-2017 0 12	0	12
Why are indexing queues maxing out after upgrading to Splunk 6.5.0? I have four indexers in a round robin, all were working great. After upgrading my entire environment to 6.5.0, all my... by johnpof Path Finder in Getting Data In 06-07-2017 0 15	0	15
how to route data from syslog servers to specific index?? Hello all i have 3 syslog servers which are forwarding data on udp 7877 i want to route the data to different inde... by saifuddin9122 Path Finder in Getting Data In 06-07-2017 0 2	0	2
Struggling with universal forwarder docker container I had this working at some point, but I am not able to get any of the commands to run after the universal forwarder s... by stringa Explorer in Getting Data In 06-07-2017 0 5	0	5
What could be causing my ISE logs to split up and get miscategorized Hello, I recently noticed that a small amount of ISE logs each day were getting split up. In order to remedy this, I... by lacrosse1991 Explorer in Getting Data In 06-07-2017 0 3	0	3
Why our Universal Forwarder frequently stop forwarding logs? Hi All, Good Day, I have a problem with our universal forwarder, it frequently stops forwarding data. When the probl... by dantimola Communicator in Getting Data In 06-07-2017 1 6	1	6