Getting Data In

Community Activity

Input data getting source type changed I used to have a PaloAlto firewall and i had it setup to syslog on ump/5514. I was also running a couple of PaloAlto ... by Jon_Irish Explorer in Getting Data In 03-27-2017 0 6	0	6
how to Generate report for top IP's on monthly basis? We receive 45-50 millions of data daily from various log sources(servers, network devices, proxy, cloud). we need to ... by swapsplunk Explorer in Getting Data In 03-27-2017 0 5	0	5
How to add a CSV lookup table - Splunk Light Free eval How can a CSV based lookup table be added to Splunk Light Free; and are lookup tables supported in Splunk Light Free?... by L479 Engager in Getting Data In 03-26-2017 0 7	0	7
Multicharacter Event Delimiter All, I have data that looks like this event_timestamp \| vendor_action \| http_method \| url \| user_dn \| src_ip \| sour... by jwhughes58 Contributor in Getting Data In 03-25-2017 0 3	0	3
Where can I get application logs regarding Splunk API? One of our Web/mobile team is considering an innovation project involving Splunk integration. Basically, better track... by Kaushikkatta03 Explorer in Getting Data In 03-25-2017 0 3	0	3
How to query against Splunk API a saved search without the search Id? Can someone suggest how to query against Splunk API for a saved search without the Search Id? Basically we have a req... by Mathanjey Explorer in Getting Data In 03-25-2017 0 7	0	7
2 different fields from different csv. Hi. can you please help me in making a search command for the below result? "resource name" is a field name of my csv... by mrccasi Explorer in Getting Data In 03-24-2017 0 7	0	7
How to import pdf file in Splunk with automated script Hello All, I have requirement where i need to monitor pdf files and import in splunk for searching. But found that ... by snehalk Communicator in Getting Data In 03-24-2017 2 4	2	4
Why are my Scripted Input XML events truncated to 4 lines? I have scripted input that's calling a simple rest service to get a list of messages. No matter what settings I put ... by jercra Explorer in Getting Data In 03-23-2017 0 4	0	4
How to parse Microsoft-Windows-TaskScheduler/Operational logs? Can someone help me out with a regular expression to parse Microsoft-Windows-TaskScheduler/Operational logs? I don't ... by kinkster Explorer in Getting Data In 03-23-2017 0 3	0	3
How to edit my AMI of Splunk's inputs.conf to allow TLS connections? I am inexperienced with both Splunk and AWS, so keep that in mind.  I wish to edit my AMI of Splunk Enterprise's inp... by npiagentini New Member in Getting Data In 03-23-2017 0 3	0	3
How to update input on Universal Forwarder using deployment server Presently, I configured a deployment server - the deploymentclient.conf is present on each server - Should be possibl... by arkonner Path Finder in Getting Data In 03-23-2017 0 2	0	2
How to edit my transforms.conf in order to set the sourcetype for each syslog being forwarded? Hello, I have a customer sending three different kind of logs via syslog. I am pulling the logs off of a network fee... by a548506 Path Finder in Getting Data In 03-23-2017 1 8	1	8
Add / Remove desired indexes in / from the search I'm using this search => index=_internal source="license_usage.log" type=usage idx="f" \| eval MB = round(b/104857... by mrzmsmglsnk Explorer in Getting Data In 03-23-2017 0 2	0	2
Why is the retention policy not working on certain indexes (to delete indexed data that are older then 1 year)? Hi All, Currently we facing a storage issue in one of the indexer instances, though the retention policy has set for ... by Hemnaath Motivator in Getting Data In 03-23-2017 0 4	0	4
AIX上のUFを起動するとSplunkWebサービスが起動できない旨のメッセージが表示される AIX上にあるUFを起動すると下記のエラーメッセージが splunkd.logに出力されます。 WARN DC:DeploymentClient - Restarting Splunkd... WARN Restarter - R... by CurryPan Communicator in Getting Data In 03-23-2017 1 2	1	2
Why is "machineTypesFilter" not pushing to both Windows apps? I've got an odd issues where my Linux clients are getting the 'forward logs' app, but my Windows ones are not. My Wi... by rgonzale6 Path Finder in Getting Data In 03-23-2017 0 2	0	2
How to resolve error "SRC did not 'startsrc splunkweb' on our behalf: exit code=1" when restarting a 6.0.13 universal forwarder on AIX? My Splunk Deploy Server is CentOS 6.7 The UF, Splunk Universal Forwarder 6.0.13 running on server, AIX 7.1. If you ... by sylim_splunk Splunk Employee in Getting Data In 03-23-2017 1 4	1	4
How to configure a Splunk forwarder for a network switch/router? Hello Team: We would like to capture the network traffic data at a network switch/router level and then we want to f... by lavkush New Member in Getting Data In 03-22-2017 0 9	0	9
Hide Radio Input in Dashboard Does anyone know how to hide a radio input in a Dashboard? We have a regex calculation that we've assigned to a radi... by sidekix24 Path Finder in Getting Data In 03-22-2017 0 5	0	5
How do you enable debug logging for scripted input I am trying to debug a scripted input that isn't running when it should and I want to enable debug logging. When I l... by kbecker Communicator in Getting Data In 03-22-2017 1 4	1	4
How to log REST API calls? Hi, I am trying to debug Splunk REST API calls and need verbose logging of life cycle of that transaction on server ... by abhisawa Explorer in Getting Data In 03-22-2017 1 2	1	2
How to properly parse my JSON input? Hi, I have a JSON input file, and am having two issues. First, I can't seem to get the timestamp to map appropriate... by a212830 Champion in Getting Data In 03-22-2017 0 8	0	8
Is it possible to configure Splunk to show the filename only and not the contents of the file we're monitoring? In the Splunk deployment we have, I'm using the Splunk universal forwarder to monitor changes to a folder, specifical... by haroldbe Engager in Getting Data In 03-21-2017 0 6	0	6
How to access a JSON that does not have a field name? Hi All, I've used spath before to access JSON, but the log entry i currently have does not have a name associated to... by wantjoule Engager in Getting Data In 03-21-2017 1 2	1	2