Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
ghostd0g

Can the Splunk universal forwarder forward Sybase audit logs to Splunk?

Hi, Can the Splunk Universal Forwarder forward Sybase audit logs to Splunk? thanks
by ghostd0g Engager in Getting Data In 03-31-2016
0 1
0
1
pasokkum

Splunk forwarder accept files from remote server

Hi Team, We are installing forwarder on one server and would require to connect to a remote server for getting the l...
by pasokkum Path Finder in Getting Data In 03-31-2016
0 1
0
1
nagendra008

How to copy the field values of one event to another event of different sources by comparing with IP and MAC ?

I tried to extract fields form different sources by comparing two IPs. I want to copy the fields of location and stat...
by nagendra008 Explorer in Getting Data In 03-31-2016
0 3
0
3
daniel333

Add a field to a sourcetype with a static value

I wanted to add a field to a specific sourcetype basically nocmessage="ignore this server" Seemed easy enough pr...
by daniel333 Builder in Getting Data In 03-30-2016
2 3
2
3
banderson7

Log4j events line-break not consistent

I'm bringing in alfresco logs, in this case share.log and for the most part the events are broken up by line correctl...
by banderson7 Communicator in Getting Data In 03-30-2016
0 7
0
7
606866581

Searching across clustered and standalone indexers

Hi, I've been reading related questions on this topic but I fear they're outdated as of 6.3. Can I configure a sear...
by 606866581 Path Finder in Getting Data In 03-30-2016
0 8
0
8
jmaguire1992

Anonymize only Child Nodes

Hello, I was wondering could anyone help me figure out the sed script required and regex to Anonymize child nodes fro...
by jmaguire1992 Explorer in Getting Data In 03-30-2016
0 1
0
1
Stevelim

How to extract a key and value from the Raw data?

While I understand the regex command and click based extraction of data fields. How do I extract both of them via the...
by Stevelim Communicator in Getting Data In 03-29-2016
0 1
0
1
gbowden_pheaa

Why are my Splunk 6.3.1 AIX forwarders only forwarding _internal data, not the file being monitored?

I have several AIX forwarders that are not liking what I think is a simple monitor. We are looking for 1 file to ing...
by gbowden_pheaa Path Finder in Getting Data In 03-29-2016
0 12
0
12
mprreddy51

How to over ride sourcetype using curl command for Http event collector?

Hi, I configured Http Event collector(EC) in my local through GUI (generated token,created index and source type) an...
by mprreddy51 Explorer in Getting Data In 03-29-2016
0 6
0
6
SirHill17

TCP Routing and Anonymizing data

Hi, I am trying to anonymize data at the forwarder level (or deployment-server) before forwarding the data to the in...
by SirHill17 Communicator in Getting Data In 03-29-2016
0 6
0
6
tmaltizo

Need SailPoint data in Splunk

SailPoint is our new Identity Governance application. I need to access SailPoint data from within Splunk. I'm not a S...
by tmaltizo Path Finder in Getting Data In 03-28-2016
0 2
0
2
ajlBXsplunk

Splitting fields with slashes

Anyone else having trouble or have guidance to split fields backslashes such as with file paths? The field value is ...
by ajlBXsplunk New Member in Getting Data In 03-28-2016
0 6
0
6
the_wolverine

Create new index without restarting Splunk indexer?

I understand that in the year 2013 it may be possible to create a new index without having to restart the indexer? I...
by the_wolverine Champion in Getting Data In 03-28-2016
4 13
4
13
abhayneilam

Why am I unable to delete an index via CLI with error "bundle=indexes stanza=aaa Missing, cannot edit or remove"?

Hi, I am unable to delete an index from the CLI. When I am giving the following command : ./splunk remove index AAA...
by abhayneilam Contributor in Getting Data In 03-28-2016
0 3
0
3
fhjfong

Indexing some and forwarding some on a full Splunk instance

Hello, I have a Splunk instance that is a search head and an indexer. I would like this Splunk instance to index ...
by fhjfong New Member in Getting Data In 03-28-2016
0 2
0
2
shivarpith

how to setup forwarder to ingest logs from a specific date / last day's log and carry on monitoring the future files as they are created?

i am dealing with a imilar issue, i am trying to ingest webserver logs and the historical log data in webserver is hu...
by shivarpith Path Finder in Getting Data In 03-28-2016
0 2
0
2
saipavan

Need to get data from a stored procedure in DB using the data connect app

I tried various ways to execute a stored procedure using the DB connect app in splunk. But i am not able to do so. Th...
by saipavan Explorer in Getting Data In 03-28-2016
2 7
2
7
splunkDude2015

Does splunk Enterprise run on Windows Hyper V?

If I want to run an operate splunk 6.3 on Microsoft Hyper-V, what are the requirements? Is this supported?
by splunkDude2015 Explorer in Getting Data In 03-28-2016
0 1
0
1
chadwagonerKGI

Splunk SSL Question

So I have a Splunk environment signed by a 3rd party CA. However, the forwarders are using self-signed certificates b...
by chadwagonerKGI Engager in Getting Data In 03-26-2016
0 1
0
1
adlireza

Can anyone help to get this data into Splunk properly?

I have tried to index this file without much success. It's driving me nuts how the fields are never separated correct...
by adlireza Path Finder in Getting Data In 03-26-2016
0 3
0
3
Unister

Why is splunktcp-ssl + ciphersuite not working to disable weak ciphers for Splunk forwarder ports on my Splunk 6.3.3 indexer?

Hello, I want to disable weak ciphers for Splunk forwarder ports on my 6.3.3 indexer. The following snippet does not...
by Unister Explorer in Getting Data In 03-26-2016
0 3
0
3
kenoski

Does anyone know where a heavy forwarder stores events to be sent to a splunk indexer when using Acknowledgement?

We are using Splunk 6.2.6. I am using heavy forwarder at remote sites to forward data to a central indexer. To make...
by kenoski Path Finder in Getting Data In 03-25-2016
0 1
0
1
ishaanshekhar

index entire file as a single event but avoid duplicate indexing

I need to monitor a folder where each file should be treated as a single event. The files get their entire content o...
by ishaanshekhar Communicator in Getting Data In 03-25-2016
0 3
0
3
prem07it50

Receiving '400 Bad Request' when posting data through REST Client. Is there a way to track the detailed description of the error through Splunk logs?

Receiving '400 Bad Request' when posting data through REST Client. Is there a way to track the detailed description o...
by prem07it50 Engager in Getting Data In 03-25-2016
0 1
0
1
Get Updates on the Splunk Community!

.conf26 Registration is Live: Secure Your Early Bird Pass Now

  Lock in Your Spot: Registration Open for .conf26 in Denver Hello Splunkers, I have exciting news! Your ...

Mile High Learning with Splunk University, Denver, Colorado

If Denver is known for its mile-high elevation, Splunk University is about to raise the bar on technical ...

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

We are excited to announce the June release of Splunk IT Service Intelligence (ITSI) 5.0. This update ...
Top Solution Authors
View All