Getting Data In

Community Activity

How Do We Convert Our Heavy Forwarders to Universal Forwarders When we first rolled out Splunk to our forwarders we installed the full version. We would now like to convert them to... by rpattison Explorer in Getting Data In 06-01-2017 0 2	0	2
What is the syntax to configure DELIMS= in transforms.conf for line breaking? I'm ingesting a custom sourcetype (output from a powershell script). Within the transforms.conf, how do I set the DEL... by hagjos43 Contributor in Getting Data In 06-01-2017 0 3	0	3
UID/PWD to use for Cloud API requests I was able to get the API functionality to work from a local instance, but having trouble with the Cloud Instance. c... by tjago11 Communicator in Getting Data In 06-01-2017 0 5	0	5
Change index at index time (chained UFs) I am collecting Windows Event Logs via either a Windows Event Collector or directly from each Windows server (with a ... by danbrook Explorer in Getting Data In 06-01-2017 0 5	0	5
props.conf doesn't work properly Hi, Splunkers, I have following data from UF to Splunk instance. << UDP-1128 Nocrypto....... REGISTER..... ... by ggssa2000 Explorer in Getting Data In 06-01-2017 0 4	0	4
Access Splunk through ColdFusion Is it possible, and if so how, to dispatch searches in Splunk and display the results using Coldfusion. I have been l... by kmattern Builder in Getting Data In 06-01-2017 0 1	0	1
Indexing JSON data Hi, I created a sourcetype (props.conf) to parse my json files. A local input (index once) was created only to test... by monteirolopes Communicator in Getting Data In 06-01-2017 0 2	0	2
Audit who makes changes to Active Directory Hi, I'm looking into using Splunk to report on Active Directory. I've installed the free edition on a test domain & ... by dshipman New Member in Getting Data In 06-01-2017 0 2	0	2
How to increase the size of text input in a dashboard I have a dashboard (Say /app/MyApp/MyDashboard) In this dashboard have a text input. i want to increase the size of... by sravankaripe Communicator in Getting Data In 06-01-2017 0 1	0	1
Forwarders windwos log I have a windows log forwarded to the splunk via Forwarders, and I want Forwarder to read to the splunk line by line.... by kulo Engager in Getting Data In 05-31-2017 0 2	0	2
How to configure Splunk to collect local rsyslog data (rsyslog and Splunk are on same server)? Hello, We have installed Splunk on our rsyslogd server and would like to parse all the rsyslog data to Splunk. Can... by ananthan123 Explorer in Getting Data In 05-31-2017 0 1	0	1
Lookup command distinct column values I am trying to copy the counts of field X (already in logs) into a new field Y (from a lookup csv) so that they have... by matthewb4 Path Finder in Getting Data In 05-31-2017 0 8	0	8
When indexing an Excel file with the .xlsx file extension, why is the format not showing properly in Splunk? Hello everyone, I have an Excel file to .xlsx format. When I load it in Splunk, it does not turn around the correct ... by gyslainlatsa Motivator in Getting Data In 05-31-2017 0 6	0	6
Cropped results for inputlookup via REST ? I'm trying to run search via the REST api, to get the contents of a lookup: \| inputlookup my_lookup I got only 100 ... by szabados Communicator in Getting Data In 05-31-2017 0 2	0	2
In trying to deploy Splunk Enterprise from the Azure marketplace and getting "DeploymentNotFound" I am trying to deploy Splunk Enterprise via the Azure Marketplace and I get the below error. Deployment 'splunk.splun... by gregcork2 New Member in Getting Data In 05-30-2017 0 4	0	4
Powershell3 invoke-restmethod errors I'm trying to call the Rest API using the new cmdlet, invoke-restmethod, and I'm experiencing odd connectivity errors... by vdubgeek New Member in Getting Data In 05-30-2017 0 7	0	7
Splunk REST API endpoint to confirm password? Building a .NET app that will access Splunk via REST API. App will prompt for password to use for admin access. Is th... by simpkins1958 Contributor in Getting Data In 05-30-2017 0 1	0	1
how to not index log lines that have these 2 phrases in them? Looking to get the correct regex statement for my transforms.conf to select both the "(vert.x-eventloop-thread-4)" an... by joesrepsol Path Finder in Getting Data In 05-30-2017 0 8	0	8
How to edit my props.conf to extract a timestamp in the middle of a log? I have a log file where i need to do a Timestamp extraction which is in the middle of the log.... somehow it's captu... by prakash007 Builder in Getting Data In 05-30-2017 0 1	0	1
cross files csv as to as rechercheV in excel hello every body, my question is: If i have 2 csv files in Splunk One with the list of servers The other antivirus c... by jamfal New Member in Getting Data In 05-30-2017 0 2	0	2
How to delete a index permanantly in clustered environment? HI, If I remove the index stanza in indexes.conf and deploy it indexers will it remove the index? OR is there any b... by kiran331 Builder in Getting Data In 05-30-2017 0 1	0	1
change the owner of a saved search via REST Hi there, I just want to change the attribut "owner" (within eai:acl) of a saved search via REST. Is this feasible? ... by bjoernjensen Contributor in Getting Data In 05-30-2017 1 2	1	2
Is it possible to selectively line merge syslog-ng truncated events? I have a syslog server receiving and filtering into files and then forwarding data to my indexers. One source uses ud... by JSkier Communicator in Getting Data In 05-30-2017 1 2	1	2
Using DELIMS with a string instead of single character Hi, I'm forwarding from an proxy logs using NX-log and nxlog is using string "#011" to separate fields, like that: ... by restevan New Member in Getting Data In 05-30-2017 0 5	0	5
Problem with CDR Phone Data Hello Everybody, I have a big Problem with customers phone data (cdr´s)... One phone-call has multiple events: I... by denis_roehr Explorer in Getting Data In 05-30-2017 1 4	1	4