Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
CanadianTrevorS

Extracting data from complicated JSON, match a value

I have JSON in the following format: [ { "nameValues": [], "offeringId": "a" }, { "n...
by CanadianTrevorS New Member in Getting Data In 01-28-2017
0 4
0
4
momori

How to prevent numeric values from turning into a string using the REST API?

I'm trying to do a summation of different fields doing a CURL call using the Splunk REST API. Here's what I have: c...
by momori Explorer in Getting Data In 01-28-2017
0 3
0
3
PepePelotas

Where do I configure the host in Splunk Light to collect data from a socket of an external device?

I am evaluating Splunk Light. I want to collect data from a socket port on an external device. I was hoping that by c...
by PepePelotas New Member in Getting Data In 01-28-2017
0 2
0
2
wyfwa4

Why am I getting duplicate saved search results after copying an app?

I have two apps which have the same saved searches defined in their own savedsearches.conf files, however, rather tha...
by wyfwa4 Communicator in Getting Data In 01-27-2017
0 3
0
3
lib_systems

After installing a Splunk 6.4 universal forwarder, why are events indexed with the shortname instead of FQDN for the hostname?

After an initial installation of the Universal Forwarder (6.4.0), I immediately changed the hostname values to use th...
by lib_systems Path Finder in Getting Data In 01-27-2017
0 5
0
5
kcnolan13

Why is REST API removing a leading pipe before an "inputcsv" command?

It appears that my use of the REST API is somehow causing a leading pipe to be stripped before an inputcsv command. I...
by kcnolan13 Communicator in Getting Data In 01-27-2017
1 20
1
20
gjacobson

Can I run Splunk Light on a Microsoft Windows Virtual Server?

I am trying to determine if I can run Splunk Light on a Microsoft Windows Virtual Server. Is this possible?
by gjacobson New Member in Getting Data In 01-27-2017
0 3
0
3
heathramos

Windows Infrastructure: What would cause the Print Job Viewer to stop working?

I set up our print server to send print job info to Splunk recently and it worked for awhile. For some reason, it ha...
by heathramos Path Finder in Getting Data In 01-27-2017
0 1
0
1
mlorch

How do I reindex data with change of crcSalt if crcSalt = is used?

I have a data input which uses crcSalt = <SOURCE> Task is to reindex these data. Preferably using the crcSalt opt...
by mlorch Path Finder in Getting Data In 01-27-2017
0 5
0
5
Jason

Force Re-Enumeration of all AD objects with ADmon?

From my understanding, ADmon will pull down all objects in AD on first run, then only report changes from then on. Ho...
by Jason Motivator in Getting Data In 01-27-2017
3 6
3
6
patriziadepaola

In Windows Security logs, why does Splunk incorrectly solves some data?

Good morning, I noticed that Splunk (v. 6.5.1) does not properly report some fields of security event logs collected...
by patriziadepaola Explorer in Getting Data In 01-27-2017
0 9
0
9
ankithreddy777

Can we configure some Universal Forwarders to forward data to port 9998 with SSL on indexers and the remaining Universal Forwarders to forward data to port 9997 without SSL on same indexers?

Can we configure some Universal Forwarders to forward data to port 9998 with SSL on indexers and the remaining Univer...
by ankithreddy777 Contributor in Getting Data In 01-26-2017
0 1
0
1
jimrantoday

TCP data input: Why is splunk receiving only some data? Is there a limit that needs to be configured?

Hello team, When sent data from my cloudbees syslog java client using tcp data input, only some data is making it to...
by jimrantoday Explorer in Getting Data In 01-26-2017
2 8
2
8
schose

After configuring props and transforms to extract the host from events, why are no results returned searching the host field?

Hi Forum, i'm dealing with collectd data. This data generates events looking like this: hostname.cpu-0.cpu-wait 0 ...
by schose Builder in Getting Data In 01-26-2017
1 5
1
5
ankithreddy777

Can we configure the forwarders to use SFTP for transferring the files?

Can we configure the forwarders to use SFTP for transferring the files? If not is there any way to encrypt data by Un...
by ankithreddy777 Contributor in Getting Data In 01-26-2017
1 1
1
1
splunker12er

date_zone field has value 'local' & '0'

HI, Splunk Version : Splunk 6.1.1 Splunk Universal forwarder : version 5.0.4 I see the field 'date_zone' has values...
by splunker12er Motivator in Getting Data In 01-26-2017
1 3
1
3
packet_hunter

Why does my tstats search only show results for the main index?

|tstats values(sourcetype) by index I have 10 indexes, but I only get "main" when I run the search above. How can ...
by packet_hunter Contributor in Getting Data In 01-26-2017
0 1
0
1
splunkto

Is there a way to set a tag by source in inputs.conf?

I'm writing an app where it has multiple sources that will be assigned to the sourcetype log4j. Searching for these l...
by splunkto Explorer in Getting Data In 01-26-2017
0 2
0
2
brent_weaver

How to bulk delete multiple hosts from Splunk that have not phoned home within a set interval?

Good morning. I am brand new to Splunk and so far so good  We operate in the MS Azure Cloud and many of our systems...
by brent_weaver Builder in Getting Data In 01-26-2017
1 10
1
10
tesorrells

How to pull Sharepoint document library meta data into Splunk?

I want to create a Splunk app that uses document meta data from a document library to create reports based on their m...
by tesorrells New Member in Getting Data In 01-26-2017
0 5
0
5
dshakespeare_sp

Why has Splunk stopped indexing my files?

Customer reported that a standalone Splunk Indexer had stopped indexing any monitored files. They also noticed that :...
by dshakespeare_sp Splunk Employee Splunk Employee in Getting Data In 01-26-2017
1 2
1
2
dshakespeare_sp

Why am I unable to delete indexes from the Splunk Web? Why do I have to restart Splunk when I create a new Index from Splunk Web?

Customer reported several issue with Index Management using the Splunk Web: - Unable to create new Indexes from Setti...
by dshakespeare_sp Splunk Employee Splunk Employee in Getting Data In 01-26-2017
1 1
1
1
gpaks

Why is an indexer in a cluster reporting "CMMessages - got genid thats invalid or out of range, setting to INVALID_GENID"?

Hello, I have an indexer node running Splunk Version 6.3.2 (build aaff59bb082c) that constantly outputs the followin...
by gpaks Engager in Getting Data In 01-26-2017
2 3
2
3
rewritex

How do i convert/fix my cooked data to human readable data?

I've installed a universal forwarder(A) on a linux box which monitors a .log file and forwards data to an intermediat...
by rewritex Contributor in Getting Data In 01-25-2017
0 5
0
5
gph12

How do I remove host from Data Summary screen but keep data?

Hello, I'm looking for advice on how to handle systems that are removed from the network. We have several hundred...
by gph12 Explorer in Getting Data In 01-25-2017
0 2
0
2
Get Updates on the Splunk Community!

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...
Top Solution Authors
View All