Getting Data In

Community Activity

unarchive_cmd for decoding binary file with python script Hi All, So following this excellent blog post I thought I found a solution to ingesting a binary logfile with Splunk... by phoenixdigital Builder in Getting Data In 06-15-2017 0 8	0	8
What more can I do to solve: File too small to check seekcrc, probably truncated. Will re-read entire file Running Splunk 6.0.1 (build 189883), all on Windows-servers, a mix of 2008/2012-servers. Indexing a lot of SystemOut... by rune_hellem Contributor in Getting Data In 06-14-2017 1 2	1	2
HTTP event collector 404 error Good Day I've got two issues with my HTTP event collector. 1st issue: I created an event collector when I installe... by evanwyk11 Engager in Getting Data In 06-14-2017 1 4	1	4
How to forward old data from a forwarder to a new Splunk index? Hey guys, I'm new to splunk and I really need ur help!!! As what I know, once the data from a .log file are loaded b... by LuiesCui Communicator in Getting Data In 06-14-2017 1 11	1	11
Are there additional considerations for onboarding Cisco ASA data into Splunk? I apologize in advance if this is an extremely basic question, but I need to be sure I do this correctly. I'm resear... by Svill321 Path Finder in Getting Data In 06-14-2017 0 2	0	2
how to split log file on non-standard date and special characters Hi All, I have a log file that has a non standard date/time and special characters and i am trying to split the line... by ssaenger Communicator in Getting Data In 06-14-2017 0 2	0	2
What to do when json field conflicts with Splunk metadata? A user is reporting that their indexed json data has a 'source' key that is being extracted. "source": "[{label:'Tre... by pkeller Contributor in Getting Data In 06-14-2017 1 1	1	1
Adding and sorting key, value pairs in JSON array This is the way my data looks: { "NODE-A":{ "DATA":{ "SNR_DATA":{ "Cable3/0/3-... by evan_roggenkamp Path Finder in Getting Data In 06-14-2017 0 1	0	1
Splunk search using CSV file data as input I would like to search index=main type=router OR type=switch OR type=firewall OR type=sysproxy .. Instead i wan... by psalibindla9524 New Member in Getting Data In 06-14-2017 0 3	0	3
Is it possible to use the HTTP Event Collector with Morgan? In my Node.js(Express) Application I use Morgan as the logging library. Can we pass the logs to an Splunk Enterprise ... by tper1992 New Member in Getting Data In 06-13-2017 0 2	0	2
Spunk Forwarder troubleshooting Here's the scenario: UniversalForwarder1 already forwarding logs to Indexer1. UniversalForwarder1's IP is 10.226.xx.... by lloydknight Builder in Getting Data In 06-13-2017 0 5	0	5
No results in search deleted by patilsh Explorer in Getting Data In 06-13-2017 0 4	0	4
Why are these additional Splunk processes starting and stopping on Windows hosts configured with Universal Forwarders? I have a collection of Windows 2008R2 servers running the Universal Forwarder which I configured to forward Windows E... by TAE2112 Explorer in Getting Data In 06-13-2017 1 3	1	3
How to find domain from DNS log I am trying to compare dns log to a list of suspicions domain my dns log look like that : 22.333.xxx.apple.com www... by romiz2563 New Member in Getting Data In 06-13-2017 0 4	0	4
How to export a list containing Host Name, Host IP, Apps, Server Class, and Machine Type for a Splunk server? My group is taking over operations for a Splunk server brought over from an acquisition. We are trying to get a hand... by rbullard Engager in Getting Data In 06-13-2017 1 6	1	6
Is there a option to ingest application logs for only one applicaiton(process) on teh windows servers? Hi Is there a option to ingest the logs of only one process from the windows servers ignoring rest of the events? by kiran331 Builder in Getting Data In 06-13-2017 0 2	0	2
timestamp is outside of acceptable window I have a field in .csv file that have future dates. while uploading to Splunk, it shows the below error message and d... by rvisj New Member in Getting Data In 06-13-2017 0 3	0	3
handling future dates from csv hi, I have a csv file, having time field 'Start Time'. This field will have entries of current week dates as well as... by dsiob Communicator in Getting Data In 06-13-2017 0 7	0	7
Minimise return records by filtering date field Hi, I am running the below script successfully. However, I would like to now minimise the return results by only col... by Kaylenn New Member in Getting Data In 06-13-2017 0 3	0	3
i have column a,b,c and i want to delete only in b column where value is 2. remaining columns should have to be same. i tried with mvfilter but it makes empty all the columns. i want to delete/remove particular value and make the field empty a b c 1 2 3 2 1 4 4 1 2 1 2 3 by DataOrg Builder in Getting Data In 06-12-2017 0 3	0	3
How to troubleshoot why Splunk suddently stopped indexing logs after 1-2 months? I have splunk in domain mode set to look through 2 inputs over UNC path that are IIS logs. I have the inputs the same... by kkomar New Member in Getting Data In 06-12-2017 0 2	0	2
How can I route logs to a specific index based on host/source combo? We currently have our perf and N1 environments combined and I need to route certain logs to certain indexes based on ... by bport15 Path Finder in Getting Data In 06-12-2017 0 6	0	6
Unable to obfuscate data in IIS logs using SEDCMD Hi all, I need to strip cookie values from IIS events. The sourcetype is correctly set as "iis" and the following co... by bowendenning Path Finder in Getting Data In 06-12-2017 0 9	0	9
Why my sourcetypes under universal forwarder not showing up in Splunk GUI? We have a windows forwarder running on vm02, and forwarding data to vm01 which is the main Splunk Enterprise. we co... by ibob0304 Communicator in Getting Data In 06-10-2017 0 3	0	3
sedcmd incoming data based on host or index Hi, I have a SEDCMD simalar to SEDCMD-remove-values = s/<Value>.+<\/Value>/removed-by-splunk/g which works fin... by kritho Explorer in Getting Data In 06-09-2017 0 1	0	1