Getting Data In

Community Activity

2 different fields from different csv. Hi. can you please help me in making a search command for the below result? "resource name" is a field name of my csv... by mrccasi Explorer in Getting Data In 03-24-2017 0 7	0	7
How to import pdf file in Splunk with automated script Hello All, I have requirement where i need to monitor pdf files and import in splunk for searching. But found that ... by snehalk Communicator in Getting Data In 03-24-2017 2 4	2	4
Why are my Scripted Input XML events truncated to 4 lines? I have scripted input that's calling a simple rest service to get a list of messages. No matter what settings I put ... by jercra Explorer in Getting Data In 03-23-2017 0 4	0	4
How to parse Microsoft-Windows-TaskScheduler/Operational logs? Can someone help me out with a regular expression to parse Microsoft-Windows-TaskScheduler/Operational logs? I don't ... by kinkster Explorer in Getting Data In 03-23-2017 0 3	0	3
How to edit my AMI of Splunk's inputs.conf to allow TLS connections? I am inexperienced with both Splunk and AWS, so keep that in mind.  I wish to edit my AMI of Splunk Enterprise's inp... by npiagentini New Member in Getting Data In 03-23-2017 0 3	0	3
How to update input on Universal Forwarder using deployment server Presently, I configured a deployment server - the deploymentclient.conf is present on each server - Should be possibl... by arkonner Path Finder in Getting Data In 03-23-2017 0 2	0	2
How to edit my transforms.conf in order to set the sourcetype for each syslog being forwarded? Hello, I have a customer sending three different kind of logs via syslog. I am pulling the logs off of a network fee... by a548506 Path Finder in Getting Data In 03-23-2017 1 8	1	8
Add / Remove desired indexes in / from the search I'm using this search => index=_internal source="license_usage.log" type=usage idx="f" \| eval MB = round(b/104857... by mrzmsmglsnk Explorer in Getting Data In 03-23-2017 0 2	0	2
Why is the retention policy not working on certain indexes (to delete indexed data that are older then 1 year)? Hi All, Currently we facing a storage issue in one of the indexer instances, though the retention policy has set for ... by Hemnaath Motivator in Getting Data In 03-23-2017 0 4	0	4
AIX上のUFを起動するとSplunkWebサービスが起動できない旨のメッセージが表示される AIX上にあるUFを起動すると下記のエラーメッセージが splunkd.logに出力されます。 WARN DC:DeploymentClient - Restarting Splunkd... WARN Restarter - R... by CurryPan Communicator in Getting Data In 03-23-2017 1 2	1	2
Why is "machineTypesFilter" not pushing to both Windows apps? I've got an odd issues where my Linux clients are getting the 'forward logs' app, but my Windows ones are not. My Wi... by rgonzale6 Path Finder in Getting Data In 03-23-2017 0 2	0	2
How to resolve error "SRC did not 'startsrc splunkweb' on our behalf: exit code=1" when restarting a 6.0.13 universal forwarder on AIX? My Splunk Deploy Server is CentOS 6.7 The UF, Splunk Universal Forwarder 6.0.13 running on server, AIX 7.1. If you ... by sylim_splunk Splunk Employee in Getting Data In 03-23-2017 1 4	1	4
How to configure a Splunk forwarder for a network switch/router? Hello Team: We would like to capture the network traffic data at a network switch/router level and then we want to f... by lavkush New Member in Getting Data In 03-22-2017 0 9	0	9
Hide Radio Input in Dashboard Does anyone know how to hide a radio input in a Dashboard? We have a regex calculation that we've assigned to a radi... by sidekix24 Path Finder in Getting Data In 03-22-2017 0 5	0	5
How do you enable debug logging for scripted input I am trying to debug a scripted input that isn't running when it should and I want to enable debug logging. When I l... by kbecker Communicator in Getting Data In 03-22-2017 1 4	1	4
How to log REST API calls? Hi, I am trying to debug Splunk REST API calls and need verbose logging of life cycle of that transaction on server ... by abhisawa Explorer in Getting Data In 03-22-2017 1 2	1	2
How to properly parse my JSON input? Hi, I have a JSON input file, and am having two issues. First, I can't seem to get the timestamp to map appropriate... by a212830 Champion in Getting Data In 03-22-2017 0 8	0	8
Is it possible to configure Splunk to show the filename only and not the contents of the file we're monitoring? In the Splunk deployment we have, I'm using the Splunk universal forwarder to monitor changes to a folder, specifical... by haroldbe Engager in Getting Data In 03-21-2017 0 6	0	6
How to access a JSON that does not have a field name? Hi All, I've used spath before to access JSON, but the log entry i currently have does not have a name associated to... by wantjoule Engager in Getting Data In 03-21-2017 1 2	1	2
How can I pull out values in a log path and route it to a specific index? I am looking to route logs to different indexes based on a specific value identified in the log path. For example: ... by bport15 Path Finder in Getting Data In 03-21-2017 0 9	0	9
Line breaks and the 'Add Data' process I'm a fairly inexperience Splunk admin, and I've used the Add Data feature a couple of times to test out new sourcety... by _smp_ Builder in Getting Data In 03-21-2017 0 5	0	5
Is there a way to specify how Splunk handles future dates? I have a system that sometimes gets its clock messed up and starts sending events that are in the future. Splunk is ... by lyndac Contributor in Getting Data In 03-21-2017 1 3	1	3
Why is the timestamp of event data not being recognized and events are not breaking? I initially tried auto, but was getting the same issue of the event data not line breaking correctly. I tried to modi... by rewritex Contributor in Getting Data In 03-21-2017 0 5	0	5
How do I delete old log data past a certain time on an index? We're running out of disk space. How do I delete old log data past a certain time on an index? If I set a max inde... by bayman Path Finder in Getting Data In 03-21-2017 0 3	0	3
How to max out Windows forwarder file descriptors limits? I'm trying to max out Windows forwarder file limits. When using "max_fd" in limits.conf, I get the following warning:... by ehudb Contributor in Getting Data In 03-21-2017 0 1	0	1