Getting Data In

Discussions

Thread Info

ERROR script - command="runshellscript", Cannot find script

Hello I have installed the app http://splunk-base.splunk.com/apps/50967/use-python-mail-for-scripted-alerts and i hav...

by New Member in

Indexer and Heavy Forwarder in once?

Hello community, we would like to forward a subset of syslog data to a 3rd party syslog host. So, no problem, this...

by Path Finder in

Upgrade to Splunk 6.3 on Windows is failing with no useful error messages

I'm upgrading our environment from 6.2.6 to 6.3.0 on Windows (2012 R2) We have 1 x master, 3 x indexers and 1 x searc...

by Path Finder in

Pass variable to a scripted alert

Hi, I would like to pass variable to run a perl script. I did it with fixed value and it runs well, but now i want...

by Explorer in

Sourcetypes not searchable

Hello Splunk world, I am having a weird issue where I am seeing SourceTypes that are not searchable. If i click...

by Explorer in

Logs with same RecordNumber

Hi , we are having some issues with duplicated logs from one server, the logs have the same record number field is t...

by Communicator in

How to configure different timezones for the source file that are coming into SPLUNK

Hi Team I am facing issues with the following scenario 1.I have 200 csv files daily indexing into SPLUNK. 2.These ...

by Path Finder in

forwarding syslog to multiple endpoints

Hi, I need to forwarded syslog data from a Splunk heavy forwarder to ArcSight. I can forward syslog to one ArcSigh...

by Communicator in

How to set up a centralized server for logs from network devices?

Hi Guys. How do you deal with logs from network devices? I know that logs from network devices should be sent to a ce...

by Path Finder in

Splunk universal forwarder fails to start - AIX

Hi, I installed the universal forwarder 6.1 for AIX. splunkforwarder-6.1.1-207789-AIX-powerpc.tar splunk@xx...

by Path Finder in

What is the process on the Splunk side to index syslogs through UDP?

Can anyone please explain the steps to taken on the Splunk side to get the syslogs through UDP? After configuring ...

by Builder in

Import Websense data to Splunk

Has anyone added Websense data to Splunk and would you mind sharing that process?

by New Member in

UF not sending logs from all folders monitored

Hello Splunkers. I have an issue that I've been dealing with for the past 2 days but no success in solving it. I'm...

by Communicator in

Which is the recommended way to input heavy load JSON data to Splunk?

Hi everyone, I'm developing an integration with Splunk, and right now I'm using the Splunk Java SDK with the REST API...

by Engager in

How to change which index a sourcetype is indexed to?

Hi, Currently I am using "Index1" for "sourcetype1". I want to change this "sourcetype1" to a new index "Index2"....

by Path Finder in

How to add application data into Splunk?

I have a legacy application and I want to get as much application data into Splunk as I can. I'm hoping to go well be...

by New Member in

Why am I getting "IndexError: list index out of range" trying to get the session key in a Splunk REST API call?

I am trying to get the result of a search from Splunk, but when I try to get the session key, I am getting the follow...

by Explorer in

To change the date format for events, do we modify datetime.xml on the Indexer or forwarder?

Hi, Fairly simple question, but I can't find the answer. Since we never use the illogical date format month-day-ye...

by Builder in

Why is the Host IP value from udp:514 syslog input incorrect for one device?

Hi, I'm collecting syslog events sent by different network equipment. For all devices, the host value is recorded ...

by Explorer in

Determining indexes.conf settings for all indexes combined

I've spent hours studying the documentation and articles outside of splunkbase about configuring indexing, and I'm st...

by Path Finder in

Why are inputs.conf stanzas not working properly from rsyslog host?

I have the following directories on my rsyslog forwarder (sysloghost): /var/log/remote/servacsv/2015-09-27.log /var/l...

by Path Finder in

How to receive snmp trap in window machine from the remote network device?

I have to set windows xp machine as a server which has install splunk software to receive snamp trap from other remot...

by New Member in

How to debug evt_resolve_ad_obj on a universal forwarder?

Hi, I am trying to debug evt_resolve_ad_obj not working properly? How do I enable debug to see wich Domain Co...

by Path Finder in

How to efficiently get a list of of Windows hosts WITH the Target Domain Name field?

Howdy. For quite a while we have been using this to generate a useful and pretty list of all Windows Server hosts, sh...

by Explorer in

Is there a limit to the number of whitelist/blacklist configurations for security event ID filtering?

We are trying to configure event ID filtration for security events, but even after using the below configuration, the...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

ERROR script - command="runshellscript", Cannot find script

Indexer and Heavy Forwarder in once?

Upgrade to Splunk 6.3 on Windows is failing with no useful error messages

Pass variable to a scripted alert

Sourcetypes not searchable

Logs with same RecordNumber

How to configure different timezones for the source file that are coming into SPLUNK

forwarding syslog to multiple endpoints

How to set up a centralized server for logs from network devices?

Splunk universal forwarder fails to start - AIX

What is the process on the Splunk side to index syslogs through UDP?

Import Websense data to Splunk

UF not sending logs from all folders monitored

Which is the recommended way to input heavy load JSON data to Splunk?

How to change which index a sourcetype is indexed to?

How to add application data into Splunk?

Why am I getting "IndexError: list index out of range" trying to get the session key in a Splunk REST API call?

To change the date format for events, do we modify datetime.xml on the Indexer or forwarder?

Why is the Host IP value from udp:514 syslog input incorrect for one device?

Determining indexes.conf settings for all indexes combined

Why are inputs.conf stanzas not working properly from rsyslog host?

How to receive snmp trap in window machine from the remote network device?

How to debug evt_resolve_ad_obj on a universal forwarder?

How to efficiently get a list of of Windows hosts WITH the Target Domain Name field?

Is there a limit to the number of whitelist/blacklist configurations for security event ID filtering?

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?

UF after Sleep/Hibernate

No such file or directory: 'java' adding JMX acco...

WARN SSLCommon [53742 FwdDataReceiverThread] - Re...

What is the correct format for including the API k...

Configuring Splunk OTel Collector for Linux/Window...