Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
prakash007

How to troubleshoot why universal forwarders are reporting "Could not send data to output queue (parsingQueue), retrying..."?

I'm getting this message below on Universal Forwarders' splunkd.log... INFO BatchReader - Could not send data to ou...
by prakash007 Builder in Getting Data In 04-14-2016
0 5
0
5
abhay24

How to configure all forwarders from an old deployment server to a new deployment server?

We are migrating deployment-apps, Forwarders, from one Deployment server to another Deployment server. In the process...
by abhay24 Engager in Getting Data In 04-14-2016
0 2
0
2
stuartrking

How do I fix a large amount of duplicate events that are locking out my instance?

I've been tasked with installing Splunk Cloud on our hosted Windows environment, and I'm running into issues getting ...
by stuartrking Engager in Getting Data In 04-14-2016
0 9
0
9
nbowman

How to edit local a universal forwarder configuration that was pushed via deployment server?

I use my deployment server to deploy the Splunk Add-on for Microsoft Windows to Universal Forwarders. Splunk_TA_wind...
by nbowman Path Finder in Getting Data In 04-14-2016
0 4
0
4
Kaushikkatta03

Can we delete the Splunk internal log files which are running in the path /opt/splunk/var/log/splunk?

We have a storage outage in one of our client's Splunk servers. Can we delete the internal logs?
by Kaushikkatta03 Explorer in Getting Data In 04-14-2016
0 3
0
3
srinathd

Why are events that are sent to splunktcp://9816 from one Universal Forwarder to another UF going into the main index?

Events sent from one Universal Forwarder to another UF are going directly into the main index, even after I have spec...
by srinathd Contributor in Getting Data In 04-14-2016
0 7
0
7
joao_amorim

How to troubleshoot why a data input script inside an app is not running?

Hi I have a script that I want to put inside the appName/bin dir inside a specific app. Previously, the script was...
by joao_amorim Communicator in Getting Data In 04-14-2016
0 3
0
3
akira_splunk

Splunk Forwarder Windows Installation Fails with Error Code 1625

=== Verbose logging started: 4/4/2016 8:59:13 Build type: SHIP UNICODE 5.00.9600.00 Calling process: C:\Windows\sy...
by akira_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
jgarland_gap

Script to automate uploading diags to box.com

I wrote a script that will create a diag and upload it to a folder on box.com. I have a copy of this script in my NFS...
by jgarland_gap Engager in Getting Data In 04-13-2016
0 2
0
2
mdufrasne

Is it possible to add HttpEventCollectorTraceListener in .NET config file?

I am going off the question here: https://answers.splunk.com/answers/312914/httpeventcollectortracelistener-doesnt-fl...
by mdufrasne Explorer in Getting Data In 04-13-2016
0 11
0
11
sperschall

How to configure a forwarder to listen on tcp/udp for syslog for Splunk Light cloud service?

Hey, I'm new to Splunk, so I may be missing something... However, I can't seem to configure a forwarder to listen ...
by sperschall New Member in Getting Data In 04-13-2016
0 5
0
5
hulahoop

If compressing tsidx files in frozen archives, is it possible to ressurect frozen data without uncompressing?

In the sample cold to frozen script $SPLUNK_HOME/bin/compressedExport.sh.example, Splunk's tsidx files are gzipped du...
by hulahoop Splunk Employee Splunk Employee in Getting Data In 04-13-2016
1 3
1
3
sakarunanitk

How do I configure a universal forwarder to send data to the Splunk Cloud free trial?

Hi, I recently started using the Splunk Cloud free trial. I installed a universal forwarder locally and authorized i...
by sakarunanitk Explorer in Getting Data In 04-13-2016
0 13
0
13
dgrubb_splunk

On a Splunk 6.4.x system -- Unable to see remote inputs from Settings / Data Inputs / .. get 404 NOT found

I have run into this issue a couple of times, where an end user is unable to access the remote inputs on e.g. remote...
by dgrubb_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
splunkfly

I don't want to monitor or forward the Apache log files to Splunk server anymore. Is there any solution to stop it or delete it?

sudo /opt/splunkforwarder/bin/splunk add monitor /var/log/apache2 -index main -sourcetype Apache2 I don't want to m...
by splunkfly New Member in Getting Data In 04-13-2016
0 2
0
2
dmenon

Why is Splunk line breaking a single IDS Alert event into two events?

Splunk is breaking ids single event into two events, such as: 4/11/16 2:42:46.152 PM 04/11-14:42:46.152985 00:05:00...
by dmenon Explorer in Getting Data In 04-13-2016
0 7
0
7
splunkfly

How to configure Syslog-ng to receive Cisco switch log files into destination file /var/logs/cisco_switch.log

I'm able to get the Cisco switch log files from switch IP address to my machine, but how do I use and configure Syslo...
by splunkfly New Member in Getting Data In 04-13-2016
0 2
0
2
rbal_splunk

Upgrading a Splunk 5.0.5 Heavy Forwarder to a 6.x Universal Forwarder, how do we prevent reindexing of all events during migration?

Migrating from a Splunk 5.0.5 Heavy Forwarder to 6.x Universal Forwarder, we want to take over current checkpoints to...
by rbal_splunk Splunk Employee Splunk Employee in Getting Data In 04-13-2016
0 1
0
1
ajayvvs

How to configure outputs.conf on a forwarder to route logs to different sets of indexers?

We have single server where we installed a Splunk forwarder and we want to configure outputs.conf such a way that cer...
by ajayvvs New Member in Getting Data In 04-13-2016
0 1
0
1
TONYBYERS

Upgrading a univeral forwarder to a heavy weight forwarder

I need to upgrade a forwarder from a universal to a heavy weight one. Now I could just blow away my instance and star...
by TONYBYERS Path Finder in Getting Data In 04-13-2016
1 4
1
4
Arismore

How to extract JSON data based on a specific value, and why Splunk reordering my JSON data generated from a script at index-time?

Hello everybody, I have JSON data that I generate from a Python script. It looks like this: { "leaderboard": [ ...
by Arismore Explorer in Getting Data In 04-13-2016
0 3
0
3
seanbarbour

How do I figure out why custom conf files are not being imported?

I am in the process of moving my indexer to a new server, and in the process, I thought it would be a good idea to co...
by seanbarbour New Member in Getting Data In 04-12-2016
0 5
0
5
raby1996

How to ingest more than 1000 events using the monitor setting from the WUI

Hello all, My question is that I have a cvs file that is being updated every hour or so lets say its called test.csv...
by raby1996 Path Finder in Getting Data In 04-12-2016
0 1
0
1
oliverj

How to edit my configuration to collect Windows event logs with a universal forwarder to send to a syslog collector?

Yes, this question has been asked a hundred times. I have looked at all of the examples, but my grasp of the differen...
by oliverj Communicator in Getting Data In 04-12-2016
0 5
0
5
dhavamanis

How to troubleshoot why a universal forwarder is forwarding duplicate events for monitored CSV files?

We are processing CSV files to index in Splunk, but the Splunk forwarder is always forwarding files twice. Can you pl...
by dhavamanis Builder in Getting Data In 04-12-2016
0 2
0
2
Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...
Top Solution Authors
View All