Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
ukrishnakanth

How to collect the requests and responses exchanged between website and webserver in Splunk Light?

HI team, I am very new to Splunk and I have already installed Splunk Light on my machine. I would like to see the we...
by ukrishnakanth New Member in Getting Data In 02-17-2016
0 1
0
1
anoopambli

After upgrading a Windows forwarder from Splunk 6.x to 6.3.2, why is the description/message getting cut off for Windows event log data?

Seeing this weird problem after upgrading a forwarder on a Windows server from 5.x to 6.3.2 After the upgrade, the W...
by anoopambli Communicator in Getting Data In 02-17-2016
0 1
0
1
karthikTIL

How to search the total number of business hours of an event from a csv file?

HI, I have a file called file1.csv whose fields are start_time,close_time start_time close_time 22/08/...
by karthikTIL Path Finder in Getting Data In 02-17-2016
0 6
0
6
sunrise

How can I increase the interval of time between the arrival of events for proper line breaking?

Hi Splunkers, Considering delayed syslog data, I have tried the following scripts which output messages to the monit...
by sunrise Contributor in Getting Data In 02-17-2016
0 3
0
3
IRHM73

Why is my simple drop-down menu not filtering results in the dashboard panel?

Hi, I wonder whether someone could help me please. I'm trying to put together a dashboard which is set out as follow...
by IRHM73 Motivator in Getting Data In 02-17-2016
0 10
0
10
PIETRO_CENTANNI

How to delete data in an index from a certain host?

Hi I have a need to save space on an indexer server. In the main index, I have a data from a host that is not used...
by PIETRO_CENTANNI New Member in Getting Data In 02-17-2016
0 7
0
7
bkumarm

How to filter initial data from a file and process it as a JSON file?

HI I am reading an input from a TCP input that is coming as below. However, each event is having a set of data prepe...
by bkumarm Contributor in Getting Data In 02-16-2016
0 2
0
2
alex1895

Transaction Search: How to search after matching IPs from different sourcetypes.

I want to search for matching IPs (dest_ip) between my events from my sourcetype "Vectra-CEF" and other sourcetypes w...
by alex1895 Path Finder in Getting Data In 02-16-2016
0 8
0
8
fredkaiser

dynamically assign sourcetype on folder

I'll like to assign the sourcetype on the folder the logs are sitting in What I have File location pick up by forw...
by fredkaiser Path Finder in Getting Data In 02-16-2016
0 6
0
6
dsollen

What is the cleanest way to store when a search was last run?

I have a search which is run to generate data and output the CSV to be processed later by another program. Due to th...
by dsollen Explorer in Getting Data In 02-16-2016
0 2
0
2
laytonj76

Should we have more servers with less storage or less servers with more storage in an indexer clustering environment?

We are in the middle of designing an Integration environment that we ultimately want to replace our Production enviro...
by laytonj76 Explorer in Getting Data In 02-16-2016
0 2
0
2
reswob4

Why does the distributed management console show my search head as an indexer?

So I've tried the following suggested configurations: http://docs.splunk.com/Documentation/Splunk/6.2.0/DistSearch/F...
by reswob4 Builder in Getting Data In 02-16-2016
0 1
0
1
amoldesai

How to troubleshoot why a Splunk peer node is failing to connect to the master node in an indexer clustering environment?

I am using Splunk 6.3.3. My Splunk indexer clustering environment was working fine earlier. Now one of the peer nodes...
by amoldesai Explorer in Getting Data In 02-16-2016
0 3
0
3
mecrass

How do I format my date/time in a CSV file so that Splunk will recognize it as a timestamp?

I've tried Time_Format= %m/%d/%y %h:%m and i still get a parsing error saying it can't parse 12/01/2015 0:00 which ma...
by mecrass New Member in Getting Data In 02-15-2016
0 1
0
1
nhanzlik

Why is a blacklisted log file still counting against our daily indexing volume?

I had an issue with a host that is outside of my control sending a very large log file causing me to go over the dail...
by nhanzlik Engager in Getting Data In 02-15-2016
0 1
0
1
mrglover

How to utilize Splunk Enterprise to perform automated audits on Windows event logs on a standalone environment?

Trying to use Splunk Enterprise as a tool to perform automated auditing of my event logs. I have a couple standalone...
by mrglover New Member in Getting Data In 02-15-2016
0 1
0
1
dfigurello

How to monitor Exchange logs on Splunk without the premium Exchange app?

Hi all, Can splunk read exchange logs like audit logs on event log of windows. I don't have Exchange premium app, ...
by dfigurello Communicator in Getting Data In 02-15-2016
0 2
0
2
Epicism1

Why am I getting error "Received event for unconfigured/disabled/deleted index="wineventlog"" when the index does exist?

Hello, I am trying to log the Sysmon/Operational Windows event logs via the Sysmon TA app: [WinEventLog://Microsoft...
by Epicism1 Explorer in Getting Data In 02-15-2016
0 9
0
9
jnassar

Run Syslog-ng as non -root user

I need to run splunk as non-root user as per security policy of the customer. The challenge I have faced is with Sysl...
by jnassar Explorer in Getting Data In 02-15-2016
0 7
0
7
igor1705

How to load a comma separated file to Splunk by using REST API

Is it possible to load a CSV file to Splunk only by using a REST API search? I have Splunk installed on another mach...
by igor1705 New Member in Getting Data In 02-15-2016
0 2
0
2
Ananton

DB Connect 1.1.7: Why am I getting error "Java Bridge not running : Unable to create persistentstorage/dbx/global"?

Hello, after installing the DB Connect 1.1.7, the Java Bridge Server is not running. The Error code in the jbridge....
by Ananton Explorer in Getting Data In 02-15-2016
0 5
0
5
guahos

One multisite indexing cluster or several single site indexing clusters?

I am planning a multisite architecture. I have 3 sites in 3 different locations (different countries across Europe) ...
by guahos Explorer in Getting Data In 02-15-2016
0 2
0
2
pavanae

How to Configure Splunk Enterprise to receive Active Directory/Windows Event Logs from Snare without using a Splunk forwarder?

Can anyone please tell me how to Configure Splunk Enterprise to receive Active Directory/Windows Event Logs from Snar...
by pavanae Builder in Getting Data In 02-14-2016
0 1
0
1
premdutt

Splunk DB Connect 1: Configuring my data input using select from both an HDR and DTL table, how can I specify which rising column will be used?

Hi I have same AUD_UPDT_TMSTP column in my table HDR and DTL table and I am configuring my data input using select ...
by premdutt Explorer in Getting Data In 02-14-2016
0 3
0
3
Graham_Hanningt

Best method for batched (periodic or en masse ad hoc, not real time) ingestion?

What I've read I ask this question after reading the following Splunk Dev articles, among others: "Getting data in"...
by Graham_Hanningt Builder in Getting Data In 02-13-2016
0 5
0
5
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...