Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
simpkins1958

Can a macro be created for an application based on the application setup.xml?

Our server can input data into Splunk either via Syslog or Http Event Collector. In our Splunk application, we want t...
by simpkins1958 Contributor in Getting Data In 04-14-2016
0 3
0
3
dbcase

How to configure a universal forwarder to send data to a specific index on our Splunk Cloud instance?

Hi, I'm trying to send data to a specific index on our Splunk Cloud instance I've tried several methods found in an...
by dbcase Motivator in Getting Data In 04-14-2016
0 7
0
7
prakash007

How to troubleshoot why universal forwarders are reporting "Could not send data to output queue (parsingQueue), retrying..."?

I'm getting this message below on Universal Forwarders' splunkd.log... INFO BatchReader - Could not send data to ou...
by prakash007 Builder in Getting Data In 04-14-2016
0 5
0
5
abhay24

How to configure all forwarders from an old deployment server to a new deployment server?

We are migrating deployment-apps, Forwarders, from one Deployment server to another Deployment server. In the process...
by abhay24 Engager in Getting Data In 04-14-2016
0 2
0
2
stuartrking

How do I fix a large amount of duplicate events that are locking out my instance?

I've been tasked with installing Splunk Cloud on our hosted Windows environment, and I'm running into issues getting ...
by stuartrking Engager in Getting Data In 04-14-2016
0 9
0
9
nbowman

How to edit local a universal forwarder configuration that was pushed via deployment server?

I use my deployment server to deploy the Splunk Add-on for Microsoft Windows to Universal Forwarders. Splunk_TA_wind...
by nbowman Path Finder in Getting Data In 04-14-2016
0 4
0
4
Kaushikkatta03

Can we delete the Splunk internal log files which are running in the path /opt/splunk/var/log/splunk?

We have a storage outage in one of our client's Splunk servers. Can we delete the internal logs?
by Kaushikkatta03 Explorer in Getting Data In 04-14-2016
0 3
0
3
srinathd

Why are events that are sent to splunktcp://9816 from one Universal Forwarder to another UF going into the main index?

Events sent from one Universal Forwarder to another UF are going directly into the main index, even after I have spec...
by srinathd Contributor in Getting Data In 04-14-2016
0 7
0
7
joao_amorim

How to troubleshoot why a data input script inside an app is not running?

Hi I have a script that I want to put inside the appName/bin dir inside a specific app. Previously, the script was...
by joao_amorim Communicator in Getting Data In 04-14-2016
0 3
0
3
akira_splunk

Splunk Forwarder Windows Installation Fails with Error Code 1625

=== Verbose logging started: 4/4/2016 8:59:13 Build type: SHIP UNICODE 5.00.9600.00 Calling process: C:\Windows\sy...
by akira_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
jgarland_gap

Script to automate uploading diags to box.com

I wrote a script that will create a diag and upload it to a folder on box.com. I have a copy of this script in my NFS...
by jgarland_gap Engager in Getting Data In 04-13-2016
0 2
0
2
mdufrasne

Is it possible to add HttpEventCollectorTraceListener in .NET config file?

I am going off the question here: https://answers.splunk.com/answers/312914/httpeventcollectortracelistener-doesnt-fl...
by mdufrasne Explorer in Getting Data In 04-13-2016
0 11
0
11
sperschall

How to configure a forwarder to listen on tcp/udp for syslog for Splunk Light cloud service?

Hey, I'm new to Splunk, so I may be missing something... However, I can't seem to configure a forwarder to listen ...
by sperschall New Member in Getting Data In 04-13-2016
0 5
0
5
hulahoop

If compressing tsidx files in frozen archives, is it possible to ressurect frozen data without uncompressing?

In the sample cold to frozen script $SPLUNK_HOME/bin/compressedExport.sh.example, Splunk's tsidx files are gzipped du...
by hulahoop Splunk Employee Splunk Employee in Getting Data In 04-13-2016
1 3
1
3
sakarunanitk

How do I configure a universal forwarder to send data to the Splunk Cloud free trial?

Hi, I recently started using the Splunk Cloud free trial. I installed a universal forwarder locally and authorized i...
by sakarunanitk Explorer in Getting Data In 04-13-2016
0 13
0
13
dgrubb_splunk

On a Splunk 6.4.x system -- Unable to see remote inputs from Settings / Data Inputs / .. get 404 NOT found

I have run into this issue a couple of times, where an end user is unable to access the remote inputs on e.g. remote...
by dgrubb_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
splunkfly

I don't want to monitor or forward the Apache log files to Splunk server anymore. Is there any solution to stop it or delete it?

sudo /opt/splunkforwarder/bin/splunk add monitor /var/log/apache2 -index main -sourcetype Apache2 I don't want to m...
by splunkfly New Member in Getting Data In 04-13-2016
0 2
0
2
dmenon

Why is Splunk line breaking a single IDS Alert event into two events?

Splunk is breaking ids single event into two events, such as: 4/11/16 2:42:46.152 PM 04/11-14:42:46.152985 00:05:00...
by dmenon Explorer in Getting Data In 04-13-2016
0 7
0
7
splunkfly

How to configure Syslog-ng to receive Cisco switch log files into destination file /var/logs/cisco_switch.log

I'm able to get the Cisco switch log files from switch IP address to my machine, but how do I use and configure Syslo...
by splunkfly New Member in Getting Data In 04-13-2016
0 2
0
2
rbal_splunk

Upgrading a Splunk 5.0.5 Heavy Forwarder to a 6.x Universal Forwarder, how do we prevent reindexing of all events during migration?

Migrating from a Splunk 5.0.5 Heavy Forwarder to 6.x Universal Forwarder, we want to take over current checkpoints to...
by rbal_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
ajayvvs

How to configure outputs.conf on a forwarder to route logs to different sets of indexers?

We have single server where we installed a Splunk forwarder and we want to configure outputs.conf such a way that cer...
by ajayvvs New Member in Getting Data In 04-13-2016
0 1
0
1
TONYBYERS

Upgrading a univeral forwarder to a heavy weight forwarder

I need to upgrade a forwarder from a universal to a heavy weight one. Now I could just blow away my instance and star...
by TONYBYERS Path Finder in Getting Data In 04-13-2016
1 4
1
4
Arismore

How to extract JSON data based on a specific value, and why Splunk reordering my JSON data generated from a script at index-time?

Hello everybody, I have JSON data that I generate from a Python script. It looks like this: { "leaderboard": [ ...
by Arismore Explorer in Getting Data In 04-13-2016
0 3
0
3
seanbarbour

How do I figure out why custom conf files are not being imported?

I am in the process of moving my indexer to a new server, and in the process, I thought it would be a good idea to co...
by seanbarbour New Member in Getting Data In 04-12-2016
0 5
0
5
raby1996

How to ingest more than 1000 events using the monitor setting from the WUI

Hello all, My question is that I have a cvs file that is being updated every hour or so lets say its called test.csv...
by raby1996 Path Finder in Getting Data In 04-12-2016
0 1
0
1
Get Updates on the Splunk Community!

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
Top Solution Authors
View All