Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
eyirik

Reading vehicle network data ..

Hi i want to read vehicle data in Splunk.. Data is seen on vehice network like below: ID data le...
by eyirik Explorer in Getting Data In 11-20-2016
0 1
0
1
gianpaolodelgro

How should I implement a Splunk architecture on a 2 virtual machine, development environment?

Hi, we have to implement a Splunk architecture (for a development/test environment). We have 2 virtual devices, and w...
by gianpaolodelgro New Member in Getting Data In 11-18-2016
0 4
0
4
pavanae

Deployment client is not indexing data to the Deployment server? (50 credit will be rewarder for the person who found the solution)

Hi the following were the splunkd.log messages in the deployment client. I don't know why it isn't showing any warnin...
by pavanae Builder in Getting Data In 11-18-2016
0 7
0
7
nmensah

How do I configure the Deployment Server to have a Universal Forwarder send logs to a specific index?

Hello everyone, I have in theory a very simple question. Hopefully this is as simple as I think it is. I have a depl...
by nmensah Explorer in Getting Data In 11-18-2016
1 5
1
5
TheJagoff

An index was not prepared to ingest data, so I cannot see events from previous days. How do I fix this?

Hello, I forgot to have an index ready when I started to ingest data (log file with data from last week to present) ...
by TheJagoff Communicator in Getting Data In 11-18-2016
1 2
1
2
yqifan83

In props.conf, why is BREAK_ONLY_BEFORE_DATE not properly line breaking my events?

My props.conf is like: BREAK_ONLY_BEFORE_DATE = true TIME_PREFIX = GMT TIME_FORMAT = %Y-%m-%dT%H:%M:%S.%3N MAX_DAYS_...
by yqifan83 New Member in Getting Data In 11-18-2016
0 6
0
6
brian1_tate

What do Splunk Ninjas think are the top three daily Splunk tasks in a large distributed environment?

Hello all, I am trying to build a workflow for our new Splunk product and want to know what top three regular daily ...
by brian1_tate Path Finder in Getting Data In 11-18-2016
0 8
0
8
anaqvi

How to edit my universal forwarder monitor stanza to index Active Directory server logs?

I am trying to monitor the Active Directory Server for logs. I have a universal forwarder installed on a Windows AD S...
by anaqvi Explorer in Getting Data In 11-18-2016
0 1
0
1
prabhasgupte

How to add modular data inputs using Splunk command line?

I am trying to install a TA from Splunk command line. Referring to http://docs.splunk.com/Documentation/Splunk/6.5.0/...
by prabhasgupte Communicator in Getting Data In 11-18-2016
0 1
0
1
guimilare

How to alert when the last event in an index is older than 1 hour, and if any forwarder has not phoned home in the last hour?

Hello Splunkers. I'm working on 2 scenarios, and I'm sure you guys can help me. Scenario 1: We have about 15 indexe...
by guimilare Communicator in Getting Data In 11-18-2016
0 2
0
2
rodneyjerome

Custom command for json event

Hi, I'm using the below line, while creating custom command for key value field extraction. My events are in json f...
by rodneyjerome Explorer in Getting Data In 11-18-2016
0 7
0
7
khreddy777

How to load data into multiple indexes based on the event data?

Can I dynamically assign index value at the indexer level to the events based on the data and load the data into the ...
by khreddy777 New Member in Getting Data In 11-18-2016
0 1
0
1
gijoesplunk

How to configure Splunk to log IP information from Squid proxy servers?

Hi everyone, I want to ask about Splunk and Squid proxy serveri have 3 proxies, let say: IP Proxy1: 192.168.1.10 IP P...
by gijoesplunk New Member in Getting Data In 11-18-2016
0 3
0
3
fisuser1

Where do I put the outputs.conf file to disable indexing on my search head?

Where do I put the outputs.conf file to disable indexing on my search head? Does this go in /splunk/etc/system/local...
by fisuser1 Contributor in Getting Data In 11-17-2016
0 2
0
2
abhsha

How to best configure Splunk syslog and Cisco Sourcefire Defense Center?

Hi, I am new to Splunk and I'm trying to configure the Syslog for Sourcefire Defense Center. I am using the latest v...
by abhsha Engager in Getting Data In 11-17-2016
0 20
0
20
criferr

Where can I find data I added into Splunk?

Hi, I followed the Splunk guide http://docs.splunk.com/Documentation/Splunk/6.1.11/SearchTutorial/Getthetutorialdata...
by criferr New Member in Getting Data In 11-17-2016
0 6
0
6
pereest

IP address vs hostname

Dear Splunkers, We recently have set up SPLUNK as a syslog to gather all the logs of our Cisco routers and switches....
by pereest New Member in Getting Data In 11-17-2016
0 6
0
6
phagunbaya

Events missing via http event collector

I'm seeing a behaviour where some of my events are missing after been sent to http event collector. I'm sending singl...
by phagunbaya Explorer in Getting Data In 11-17-2016
1 6
1
6
knutsod

Splunk Deployment App Configurations on Universal Forwarder not Working

I am using a deployment server to push out an "app" that has an input.conf file and output.conf file in the local dir...
by knutsod Path Finder in Getting Data In 11-17-2016
0 5
0
5
joepappano

How to resolve the parsing of key value pairs in a URL?

I have log data that contains URLs like the example below. The automatic parsing of key value pairs works very well. ...
by joepappano New Member in Getting Data In 11-17-2016
0 1
0
1
joy76

ip2decimal command is exist. Is decimal2ip command exist?

Hi~ ip2decimal command is exist. Is decimal2ip command exist? example> | eval foo="210.192.120.23" | ip2decimal | ...
by joy76 Path Finder in Getting Data In 11-17-2016
0 3
0
3
jacksonecac

How can I configure Splunk to parse the date and time from my sample log?

I am probably having a simple problem that me being a Splunk noobie is having trouble solving. I have logs that I wou...
by jacksonecac New Member in Getting Data In 11-17-2016
0 1
0
1
jmp13

export to CSV file empty

I am trying to export data to a CSV file which has always worked before I upgraded to version 6. The CSV file is blan...
by jmp13 Explorer in Getting Data In 11-17-2016
1 1
1
1
dahraziel

Why is my splunkweb service not running?

Splunk Ent Vers. 6.0 Windows Server 2012 Browser IE 10 Port http://localhost:8080 I am unable to access the Splunk W...
by dahraziel New Member in Getting Data In 11-16-2016
0 2
0
2
mmensch

How to edit my props.conf to linebreak a Simple XML log into multiple events?

Hi, I have been trying to implement a stanza to break a long line of XML into multiple events, but it is not functio...
by mmensch Path Finder in Getting Data In 11-16-2016
0 1
0
1
Get Updates on the Splunk Community!

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
Top Solution Authors
View All