Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Is it essential to restart splunk universal forwarder after deletion of monitored logs?

Hello fellow ninjas, Good day. I'd like to ask if splunk uf restart is essential after I deleted a log file that i...

by Communicator in

How can I find a listing of all universal forwarders that I have in my Splunk environment?

Hello. How can I find a listing of all universal forwarders that I have in my Splunk environment?

by New Member in

HTTP Event Collector: How to troubleshoot why I'm getting a connection refused error?

I'm attempting to send a log event from a piece of Go code, but am receiving a connection refused error. If I use cur...

by Explorer in

How to index the "What's New in Splunk" Release Notes web pages?

I'd like to index "What's New in Splunk" for each version of Splunk as it becomes available, perhaps from the webpage...

by Motivator in

Splunk Universal Forwarder 6.5.3 installed on Windows 10 workstations stop

I am running Splunk Enterprise on a Windows Server 2012 R2 and have installed both the Splunk Universal Forwarder 6.5...

by Communicator in

Unable to find distsearch.conf file on my system and it is causing an error. Are my inputs and outputs configurations correct?

I'm having an issue getting the data in my .log files into splunk. I've tested connections, there are no firewall iss...

by Path Finder in

Indexing Zipped Files

I have about 500 excel files that I need to index into Splunk. If I upload each file individually, I pick my sourc...

by Communicator in

How do I forward to a vm and forward it out again?

Hi, how does one forward something like sysmon from 1 vm (guest1) to another vm (guest2) and then out to another p...

by Path Finder in

Splunk addon for Jboss vs addon for Tomcat

I have several Jboss web servers that I would like to perform monitoring on with Splunk. I've been doing research int...

by Explorer in

Filtering syslog inputs

Trying to filter syslog input from ESX hosts, without impacting any other syslog inputs. The ESX host names are 192.1...

by Communicator in

Host-Only Guest to Host-only Guest Forwarding not working?

Hi, Is it possible to forward data from a vmnet1 Host-Only VM Guest to another vmnet1 Host-Only VM Guest? I actual...

by Path Finder in

unarchive_cmd for python script to decode binary file in Windows

Further to my question the other day about decoding a binary file I finally got it working in Linux!!! https://ans...

by Builder in

How to add a timestamp to a CSV file that will display the creation time instead of default modtime when parsing?

I have the following problem: I receive some text files (comma separated) which I need to index and search. Proble...

by New Member in

How to Read a CSV file (with time-stamped data for past 24 hours) and Index the data

Hello All, My client's machine generates a daily data log (in csv format). How do one configure splunk to read & inde...

by Path Finder in

timestamp recognition on a split date and time with no prefix

I have events that start with a format similar to: 14-Jul-17,7:23:00 PM,7:23:36 PM,7:23:36 PM,-36,206 where the...

by Splunk Employee in

Calculating latency based on uuid

I'm trying to calculate request times for a web app to analyze latency. When a user clicks a button in the client UI,...

by New Member in

Upgrading Universal Forwarder from 5.0.2 to 6.5.4

Hello Splunk Experts, Recently, I've been tasked to upgrade a distributed Splunk environment with the condition as...

by Communicator in

What does splunk-parameter "--auto-ports"do?

This parameter is used in auto-install-scripts for the Universal Forwarder but I could not find any information about...

by Communicator in

Extract values for fields with the same name, but specifics come after value.

I'm using splunk to search my Cisco ISE logs. There is an ISE app, which is great, but has a pretty significant probl...

by Path Finder in

How can I tell if a heavy forwarder or universal forwarder was installed on a box?

I have a box that I didn't install that has a forwarder on it, but I'm not certain whether it's a Heavy Forwarder or ...

by Communicator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Is it essential to restart splunk universal forwarder after deletion of monitored logs?

How can I find a listing of all universal forwarders that I have in my Splunk environment?

HTTP Event Collector: How to troubleshoot why I'm getting a connection refused error?

How to index the "What's New in Splunk" Release Notes web pages?

Splunk Universal Forwarder 6.5.3 installed on Windows 10 workstations stop

Unable to find distsearch.conf file on my system and it is causing an error. Are my inputs and outputs configurations correct?

Indexing Zipped Files

How do I forward to a vm and forward it out again?

Splunk addon for Jboss vs addon for Tomcat

Filtering syslog inputs

Host-Only Guest to Host-only Guest Forwarding not working?

unarchive_cmd for python script to decode binary file in Windows

How to add a timestamp to a CSV file that will display the creation time instead of default modtime when parsing?

How to Read a CSV file (with time-stamped data for past 24 hours) and Index the data

timestamp recognition on a split date and time with no prefix

Calculating latency based on uuid

Upgrading Universal Forwarder from 5.0.2 to 6.5.4

What does splunk-parameter "--auto-ports"do?

Extract values for fields with the same name, but specifics come after value.

How can I tell if a heavy forwarder or universal forwarder was installed on a box?

Splunk Security Content for Threat Detection & Response, Q1 Roundup

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann

how to ingest large volume of data to Splunk via R...

How to install a remote app into a Splunk Search H...

Splunk OTEL Forwarder- Is there a values.yaml file...

Renamed serverclass, but not updated in data input...

How do I ship json file uusing HTTP Event Collecto...