Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
AlesFrohlich

What happened if universal forwarder is pointed to a new Deployment server?

Hello, Situation: - Universal forwarder pointed to a temp Deployment server - Two applications are deployed on the U...
by AlesFrohlich Explorer in Getting Data In 05-04-2017
0 1
0
1
onkarkore1

Search query to check 50-100 forwarders phoning home status from thousands of forwarders.

Hi, We have thousands of forwarders installed. Our requirement is to check status of only 50-100 forwarders from tho...
by onkarkore1 Explorer in Getting Data In 05-04-2017
0 13
0
13
sahils

SPlunk API

How grant required access & end point information for accessing the Splunk API? Please help us how we can grant acce...
by sahils New Member in Getting Data In 05-04-2017
0 1
0
1
andreigro

How to filter search result based on case condition

Hi guys, I'm new to splunk and I have one issue with filtering my search results based on a case condition My search ...
by andreigro New Member in Getting Data In 05-04-2017
0 3
0
3
namrithadeepak

Regex in summary index

Hi, I have a lot of searches like this: Search 1: | common regex | stats using some fields extracted in regex Sea...
by namrithadeepak Path Finder in Getting Data In 05-03-2017
0 2
0
2
monteirolopes

Parsing XML log files

Hi, I would to like to index a log in xml format and I would to like to parse it so that the content of each event w...
by monteirolopes Communicator in Getting Data In 05-03-2017
0 1
0
1
vysakhnubelity

Splunk server not recieving data from node

I have a splunk enterprise server and a node configured with Linux forwarder. These are the things configured in both...
by vysakhnubelity New Member in Getting Data In 05-03-2017
0 2
0
2
Bill_B

Windows events: Why no data in the "Message" field?

I have a heavy forwarder on a win2008R2 server. Windows security logs are being written to a file on that forwarder a...
by Bill_B Communicator in Getting Data In 05-03-2017
0 10
0
10
wardallen

Has anyone come across monitoring an XML logfile that gets completely re-indexed when an event is added? How do you handle this?

I need to monitor an application logfile, and have a problem with the default way Splunk "tails" a file. This partic...
by wardallen Path Finder in Getting Data In 05-03-2017
2 3
2
3
nathanlhopkins

DateParserVerbose - Failed to parse timestamp. Defaulting to timestamp of previous event

In my Splunkd log for one of our webspheres I'm finding multiple entries with; DateParserVerbose - Failed to parse t...
by nathanlhopkins Path Finder in Getting Data In 05-03-2017
1 4
1
4
varunchhabra

How to extract fields from my log when every record in the log has different position of the field?

I have a log file that contains time stamped events. The type of action done is defined by the string parameter like ...
by varunchhabra New Member in Getting Data In 05-03-2017
0 2
0
2
sgurugubelli

Log file looks like below. In this log file two events are there and remaining stack trace. Need to group these two events. For each error starts with extra time stamp "06:45:00,186". How do we set values in Splunk prop file. Thanks in advance.

FINEST|3016/0|16-11-03 06:45:00|06:45:00,186 ERROR [SecurityManagerAudit] [Overall test] [134981.test] .getGebruiker(...
by sgurugubelli New Member in Getting Data In 05-03-2017
0 3
0
3
ddrillic

How do we determine whether a forwarder phoned home recently?

Is there a rest call to figure out whether a forwarder phoned home in the past hour? We would like to run this call a...
by ddrillic Ultra Champion in Getting Data In 05-03-2017
0 3
0
3
sylim_splunk

HTTP_PROXY and modular input

We developed an Splunk app which uses a modular input going out to the internet to collect data. We have to go throug...
by sylim_splunk Splunk Employee Splunk Employee in Getting Data In 05-02-2017
0 1
0
1
vsabbis

Does Splunk have OCR capability?

I am trying to utilize Splunk to implement entity extraction or text mining. I have huge number of PDF, TIFF, and HTM...
by vsabbis New Member in Getting Data In 05-02-2017
0 4
0
4
derekslenk

Some logs have timestamps in filename, some don't, combine into 1

Hello, We are having problems with logging a certain file pattern, which is coming from Sitecore (shouldn't matter)....
by derekslenk New Member in Getting Data In 05-02-2017
0 2
0
2
gregwilliams

remove out section of log

We just installed the universal forwarder on our domain controllers and are getting events just fine, however in most...
by gregwilliams Path Finder in Getting Data In 05-02-2017
1 9
1
9
tollops

Forwarder Management - Clients list unsorted

Hi; When in the Forward Management - > Client list, it shows a list of all the current Forwarders that are connectin...
by tollops Explorer in Getting Data In 05-01-2017
1 4
1
4
a548506

How do I ignore a string of asterisks ("*") in props.conf?

Hello I am trying to ignore a string of ***** that are showing up in my data. The asterisks are showing up before Pro...
by a548506 Path Finder in Getting Data In 05-01-2017
0 3
0
3
perfecto25

Windows splunk forwarder not sending data

Hello, I have a win2008 fwd not sending data to a custom index we have several indexers + 1 searchhead (all centos) ...
by perfecto25 Path Finder in Getting Data In 05-01-2017
0 5
0
5
MousumiChowdhur

Splunk Universal Forwarder is not able to send monitored file's logs to Splunk Indexers though sending internal logs properly

Hi All, I have six forwarders and two indexers to which these are supposed to send data. The six forwarders have mul...
by MousumiChowdhur Contributor in Getting Data In 04-30-2017
0 2
0
2
mudragada

Splunk UF clients phoned but are not indexing logs

I've deployed the deployment-app on the deployment client from deployment server. The server appeared on the phoned ...
by mudragada Path Finder in Getting Data In 04-30-2017
0 10
0
10
himynamesdave

How to edit my outputs.conf to distribute data between different indexers?

I have 3 indexers (A, B, C) A and B are in one zone, C in another zone. From my forwarders I want to load balance d...
by himynamesdave Contributor in Getting Data In 04-29-2017
0 1
0
1
jtsplunk1

Is there a way to retrieve Universal Forwarder configuration remotely for security configuration compliance auditing?

Hi, I am developing a plugin for my organisation's security configuration compliance auditing system, and some Window...
by jtsplunk1 Engager in Getting Data In 04-29-2017
0 10
0
10
vr2312

Inputs for Windows Registry

Hello All I am looking for suggestions on monitoring Windows Registry for a particular attribute. We are looking to ...
by vr2312 Builder in Getting Data In 04-28-2017
0 10
0
10
Get Updates on the Splunk Community!

Unlocking Unified Insights: New Gigamon Federated Search App for Splunk

In today’s data-heavy environment, organizations are caught in a data distribution dilemma. As data volumes ...

GA: New Data Management App in Splunk Platform

Streamlining Data Management: Introducing a unified experience in Splunk Managing data at scale shouldn’t feel ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...
Top Solution Authors
View All