Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
vad34

How to filter Windows event logs on a Splunk 6.2.3 forwarder?

Hello How do I filter events (Windows event log) on a forwarder? btw how do I install a heavy forwarder? I have Splu...
by vad34 Path Finder in Getting Data In 01-12-2016
0 59
0
59
Philip_spl

How do I write a filter for each value of a multivalued field?

I have a table like the following: col1 col2 value1 a value2 b value2 c value1 d value3 e value2...
by Philip_spl Engager in Getting Data In 01-12-2016
0 3
0
3
adamblock2

How to configure a Windows Splunk forwarder to pick up where it left off if the forwarder server stops and events are not forwarded?

I am in the process of adding the following to an inputs.conf file with the intent of forwarding events from a Window...
by adamblock2 Path Finder in Getting Data In 01-11-2016
0 1
0
1
demodav

How to give a user access "full control" over his forwarder inputs on the configure server, but restrict access to any other forwarders?

I want the ability to grant a user access to his forwarder inputs on the configure server, so that he can add Windows...
by demodav Path Finder in Getting Data In 01-11-2016
0 3
0
3
pavanae

WARN TcpOutputProc - Forwarding to indexer group proidx blocked for 249600 seconds. in splunkd.log?

After configuring everything I couldn't able to index the data while was checking in the splunkd.log. I could see the...
by pavanae Builder in Getting Data In 01-11-2016
1 1
1
1
newmember

How do I edit my current inputs.conf and props.conf for proper monitoring, setting a sourcetype, and line breaking?

Sorry newbie questions. I have been looking at trying my hand at customizing the setup, instead of using the GUI. The...
by newmember New Member in Getting Data In 01-11-2016
0 3
0
3
superiorlabels

I set my receiver to also forward data to itself by mistake. How do I remove the forwarder instance without uninstalling the receiver?

I'm running 6.3.2 and when I did the initial setup for my receiver, I misunderstood the directions I was getting and ...
by superiorlabels Explorer in Getting Data In 01-11-2016
0 5
0
5
Spiere

Why are Apache access logs not appearing after configuration and ogs show the server is rejecting the connection between itself?

Hey guys, I have configured the forwarder to send apache access logs to itself from localhost. However, when I look...
by Spiere Path Finder in Getting Data In 01-11-2016
0 1
0
1
agoebel

How to integrate AWS Autoscale with Splunk indexers to automate high availability without an admin redeploying configurations

Last year we had great luck with our Splunk configuration and I'm trying to adapt it to use multisite clustering for ...
by agoebel Path Finder in Getting Data In 01-11-2016
0 2
0
2
sdaghfous

How can I ensure a high availability on Splunk servers using VMware (2 ESXI Servers)?

I installed Spunk Enterprise on a VM "Win Server 2012" on ESXI server. How can I ensure a high availability on Splun...
by sdaghfous Explorer in Getting Data In 01-11-2016
0 1
0
1
dschmidt_cfi

After identifying future timestamps in indexed events, is there any way to adjust time / date after fixing the issue?

Basically, my wineventlog is showing a 'latest event' of Dec 01, 2020 and I need to revert that back to the proper ti...
by dschmidt_cfi Path Finder in Getting Data In 01-11-2016
0 1
0
1
raju4244

In deploymentclient.conf, how can we use a variable to mention the hostname of the machine for the clientname entry?

Dear All, In our environment, we are planning to push a splunkforwarder to a Windows server. Part of that, we are co...
by raju4244 Explorer in Getting Data In 01-11-2016
0 2
0
2
sreelesh_n

Selective join

Trying out for below 1) sourcetype="A" has login details 2) sourcetype ="B" has success login details When I sel...
by sreelesh_n New Member in Getting Data In 01-11-2016
0 1
0
1
fdi01

how monitor amazone EC2 linux with splunk ?

I have a instance amazone EC2 LINUX in my account amazone AWS. my probleme is : i want monitor my amazone EC2 instanc...
by fdi01 Motivator in Getting Data In 01-11-2016
0 2
0
2
Difference

Can I use Splunk to monitor user and agent activity on a network to ensure adherence to policies e.g. stopping password sharing, etc?

With multiple applications both cloud and on premise in use, I am looking for a toolset which can automate the manual...
by Difference New Member in Getting Data In 01-11-2016
0 2
0
2
phoenixdigital

TCP input - tcp-raw not splitting rows by newline

Hi All, I have written a python HTTP downloader which is pulling down multiple zip files and extracting the contents...
by phoenixdigital Builder in Getting Data In 01-11-2016
1 2
1
2
mfeeny1

Install Windows Deployment Client WITHOUT DEPLOYMENT_SERVER flag. Can it work??

Hi. I've been struggling with this for a more days than I'd care to admit. I'm HOPING someone can advise... (Enable...
by mfeeny1 Path Finder in Getting Data In 01-11-2016
2 6
2
6
splunkIT

How to configure Splunk DB Connect 1 to support TLS encryption?

I am using DBX v1, and would like to take advantage of splunkd using TLS 1.2 (this is in [sslconfig] for server.conf)...
by splunkIT Splunk Employee Splunk Employee in Getting Data In 01-11-2016
4 4
4
4
pduflot

Why is the Splunk compression rate at 500% for 6GB of CSV data?

Hi, I have indexed 6GB of CSV data in Splunk. When I look at the compression rate using this search: | dbinspect in...
by pduflot Path Finder in Getting Data In 01-11-2016
0 5
0
5
s0rbeto

How to edit the clientName across all forwarders in my environment?

Hi everyone, We have an environment of about 3000 forwarders installed. Recently, I was told to edit the clientName...
by s0rbeto Explorer in Getting Data In 01-11-2016
1 7
1
7
rgomatha

How do I edit my Hosts > Heavy Forwarder > Heavy Forwarder > Indexers configuration to route data to different target groups based on metadata?

I have gone through the docs: routing based on meta data (source, host, sourcetype) to send specific data to a differ...
by rgomatha Explorer in Getting Data In 01-10-2016
1 1
1
1
CREVITCH

How do I select different sourcetypes for multiple logs coming from multiple servers using rsyslog.conf (no universal forwarders)?

How do I select different sourcetypes for multiple logs coming from multiple servers (no universal forwarders, using ...
by CREVITCH Path Finder in Getting Data In 01-10-2016
0 3
0
3
Rocky31

How to find the IP address of the AWS(f5) data coming through port 9997 to a heavy forwarder?

The port 9997 is enabled, data hitting the Heavy Forwarder. How to validate specific data and IP address?
by Rocky31 Path Finder in Getting Data In 01-09-2016
0 4
0
4
mattkun

How to schedule a search to run every morning at 6:00AM?

Hi, We have a search that retrieves data for the last 24 hours and will send a CSV to an email distribution list. I...
by mattkun New Member in Getting Data In 01-09-2016
0 2
0
2
a212830

Can I set up Splunk so that only certain forwarders use encryption?

Hi, I have a request from a customer to encrypt their feed to Splunk. The doc looks pretty simple, but after readi...
by a212830 Champion in Getting Data In 01-09-2016
0 2
0
2
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...