Getting Data In

Community Activity

Forwarder add Windows Event log command line Is it possible to add to the splunk forwarder via the command line items from Windows Event viewer? I know we can upd... by kceleslie Engager in Getting Data In 03-23-2016 0 6	0	6
Why am I unable to monitor Apache logs with my current configuration? Hi, I'm trying to monitor some Apache logs and I can't seem to get the statement correct. I'm trying to monitor "a... by wweiland Contributor in Getting Data In 03-23-2016 0 7	0	7
Computing latency between event time, arrival, and indexing I know I can get lag between the timestamp of the event, and its index time on the indexer by using \|eval lag = _in... by droth333 Explorer in Getting Data In 03-23-2016 3 2	3	2
Cooked data from heavy forwarder and feild extraction on the indexer We are sending cooked ( parsed ) data from the heavy forwarders to the indexer . We perform some transforms on the h... by deepthir New Member in Getting Data In 03-23-2016 0 1	0	1
Getting data from remote server Hi there. I have a splunk enterprise setup. I have gone through forwarders concept. If I need a remote system to be m... by Meenakarnan New Member in Getting Data In 03-22-2016 0 2	0	2
Connection errors to heavy forwarders we have the following setup 2 heavy forwarders (HF) forwarding data to 4 indexers We just added another 100 Univers... by ebaileytu Communicator in Getting Data In 03-22-2016 0 3	0	3
Hunk bucket archive question? When HUNK does its bucket pushes to HDFS, it also pushes a couple small supporting files, metadata, etc... With Hadoo... by tsunamii Path Finder in Getting Data In 03-22-2016 0 1	0	1
Help with regex whitelist Hi, I need to whitelist files that match this format in a directory. Hoping someone can help me.... WebAPIServ_RTP... by a212830 Champion in Getting Data In 03-22-2016 0 4	0	4
Record extract based on data value: KV Store/CSV Hello, We have a requirement where we have one csv file which contains around 30K records of data and need to extrac... by hemendralodhi Contributor in Getting Data In 03-22-2016 0 3	0	3
Is replication possible with only two indexers? I only have two machines/servers/indexers. Can I get true replication with only two systems? Server-1 and Server-2.... by hartcl1 Explorer in Getting Data In 03-22-2016 0 3	0	3
Return correlating fields from more than one source (multiple condition statements) This is long because I wanted to make sure all the right info was passed along. I've been racking my brain on this fo... by HLVarian Path Finder in Getting Data In 03-21-2016 0 3	0	3
only monitor FILE NAME not Content Good day is it possible to only monitor FILE NAMES within a Directory and sub directories and not the Content of the... by hoggjade Engager in Getting Data In 03-21-2016 1 2	1	2
How to use cmd parsetest for troubleshooting? From http://docs.splunk.com/Documentation/Splunk/6.2.1/Troubleshooting/CommandlinetoolsforusewithSupport Example: ... by splunk_zen Builder in Getting Data In 03-21-2016 3 2	3	2
Newbie soure type question (SLF4J) Hi, We are importing a file that is in SLF4J into Splunk (cloud version). Is the log4j source type equivalent? Or ... by dbcase Motivator in Getting Data In 03-21-2016 0 1	0	1
Is it possible to use a deployed app on a UF to add local configuration files for a separate app? I'm considering using the deployment server to distribute an app per UF with settings specific to that UF. One app be... by cnestrud Explorer in Getting Data In 03-21-2016 0 2	0	2
INPUTS.CONF HI, Beginner at splunk here, can I add custom stanzas to windows -add -on to collect server roles data, or should i ... by tejasplunk Engager in Getting Data In 03-21-2016 0 1	0	1
Help with extracting and filtering header preambles Hi, We have an ugly custom log file, and we'd like to filter out the beginning of the file. We'd like to start from... by a212830 Champion in Getting Data In 03-21-2016 0 5	0	5
Monitor Active Directory With Linux Indexer Hello, I'm trying to capture Active Directory information from an AD server. I installed an universal forwarder in t... by cjaramilloc Explorer in Getting Data In 03-18-2016 1 2	1	2
Splunk Light: After creating a server class to collect Windows event logs from one server, why am I unable to modify it or create an additional server class? I'm evaluating Splunk Light for purchase and running in to some issues collecting Windows Event Logs from multiple se... by motoxrdr21 Explorer in Getting Data In 03-18-2016 1 8	1	8
Indexer stops receiving data from forwarders This is less of a question and more of a record on Splunk Answers of an issue we ran into. Symptoms: You are on Red ... by jhupka Path Finder in Getting Data In 03-18-2016 2 2	2	2
Remote installtion of U FWDs on Windows - Specify the deployment server HI We need to remotely install U FWD on thousands of Linux and WIndows systems. On Linux systems, in the installat... by Thuan Explorer in Getting Data In 03-18-2016 0 3	0	3
Time formatting from a single field I have a field where time format in: 20020523135537Z which is 05/23/2002 13:53:37 GMT . How can I convert to human re... by muralianup Communicator in Getting Data In 03-18-2016 0 2	0	2
Indexing distributed data - distributed indexes or Forward? Hello. I'm a new Splunk user, and I'm quite uncertain about how to index some distributed data. I have one SH and mul... by _smp_ Builder in Getting Data In 03-18-2016 0 4	0	4
How to troubleshoot why 1 indexer in a Splunk indexer cluster crashed and won't restart with a "Bad Decrypt" error? HI, I have inherited a clustered Splunk setup and I noticed that 1 of my 2 indexers had crashed a couple of days ago... by basher590 Engager in Getting Data In 03-18-2016 0 1	0	1
How do I extract syslog code to carry out a lookup and create new indexed fields for syslog facility and severity? Hi I'm running Splunk 5.0.4. In the environment I have 2 servers deploy/heavy forwarder Search head/indexer. On the... by corners New Member in Getting Data In 03-18-2016 0 2	0	2