Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
MikeBertelsen

How to disable KVStore on a heavy forwarder?

I have KVStore taking up drive space on a HF. Documentation warns about this and says KVStore can be disabled in the ...
by MikeBertelsen Communicator in Getting Data In 12-22-2015
1 1
1
1
Laya123

How to use a dashboard time range picker to reference a time column in a CSV file generated by an inputcsv search?

Hi, I have a csv file that I have not indexed and am using it directly through the inputcsv command. The problem is ...
by Laya123 Communicator in Getting Data In 12-22-2015
1 3
1
3
sbattista09

Should I build out a cluster master with the same hardware spec requirements as my heavy forwarder?

Should I build out a cluster master with the same hardware requirements as my heavy forwarder?
by sbattista09 Contributor in Getting Data In 12-22-2015
0 4
0
4
joelshprentz

Raw TCP forwarded events contain ForwarderInfo in Splunk 5.0.1

After upgrading to Splunk 5.0.1 from 4.3.1, TCP streams of forwarded events began to include lines such as this: For...
by joelshprentz Path Finder in Getting Data In 12-21-2015
2 3
2
3
vad34

How to troubleshoot why no events are getting indexed in Splunk 6.3.1 on Linux CentOS 6.7?

Hello guys, I have new Splunk 6.3.1 installation on Centos 6.7. After installation, there are no events coming to Sp...
by vad34 Path Finder in Getting Data In 12-21-2015
0 2
0
2
benjaminruland

Importing CSV files with numbers formatted in German localization (ex: 1.3400,39), how to configured SEDCMD in props.conf to switch commas and decimal points?

Hey everybody, We recently got the request to import CSV files into Splunk. However, the files include some number f...
by benjaminruland Explorer in Getting Data In 12-21-2015
2 6
2
6
dmacgillivray

can multiple sourcetypes stanza's in a props.conf - point to one single report extract (see below)

Hello Splunk Community, Does this seem logical below? I am unsure if ASCII precedence is in play when I use the belo...
by dmacgillivray Communicator in Getting Data In 12-21-2015
0 4
0
4
jkponnuri

What would be the best way to upgrade our Splunk environment and add additional indexers and forwarders?

I have an existing Splunk setup with 2 indexers and 2 forwarders with a clustered architecture. Now we are trying to ...
by jkponnuri Explorer in Getting Data In 12-20-2015
1 1
1
1
smudge797

Importing txt files, how do I configure props.conf so "£" characters do not appear as "\xA0"?

Below is the format and I want to import. The data is showing \xA0 where there should be a £. Please can you send t...
by smudge797 Path Finder in Getting Data In 12-20-2015
0 4
0
4
sdaruna

Retrieving saved search data using the REST API and showing results in CSV format, is there a way to specify pipe as the delimiter?

Hi, I am trying to receive saved search data using REST API and showing the results in csv format. Is there a way th...
by sdaruna Explorer in Getting Data In 12-20-2015
0 1
0
1
adrianmiron

Help with windows security event log search string

In order to find out if and when a member was added to a security group,I have done a search for EventCode=4728. The...
by adrianmiron Explorer in Getting Data In 12-20-2015
1 3
1
3
efrenette11

Why are my props.conf settings not being applied to my data

Here's my local props.conf. [tmweb@app1.splunkdev.jetdev2.syseng.tmcs ~]$ cat /opt/splunk-efr/splunk/etc/system/loca...
by efrenette11 Path Finder in Getting Data In 12-19-2015
0 7
0
7
efelder0

Indexing ZIP files

Can Splunk index gzip/zip files (flat-file format)?
by efelder0 Communicator in Getting Data In 12-18-2015
2 6
2
6
Afef

How could i filter network firewall data using a filed value ?

Hello, I have a firewall that sends a lot of data, i would like to filter events using a specific field value (exemp...
by Afef Communicator in Getting Data In 12-18-2015
0 11
0
11
mark19632

Scripted input with powershell - SplunkTime not working

Hi, I have a PowerShell script that's being executed, but the event time is showing as the time the script runs. Th...
by mark19632 New Member in Getting Data In 12-18-2015
0 3
0
3
leopapadopoulos

Newbie Universal forwarding. Is there a full example to forward a simple file or directory?

Dear Group: Splunk Universal Forwarder 6.0 (build 182037) I have my splunk indexer working on one machine "vm251.fo...
by leopapadopoulos New Member in Getting Data In 12-18-2015
0 2
0
2
arkonner

How to monitor specific Active Directory user groups, and set up a search to alert when members of these groups perform a login?

I am looking to monitor specific AD user groups and want to create a search that alerts me to when the members of the...
by arkonner Path Finder in Getting Data In 12-18-2015
0 4
0
4
mlorch

What is the precedence for identical stanzas within a single conf file? Is this a valid configuration?

Hi, I'm facing the situation that there is the identical stanza twice within a single conf file. E.g. authorize.conf...
by mlorch Path Finder in Getting Data In 12-18-2015
0 2
0
2
leujinlove

Why am I unable to execute script file to collect data using 'add oneshot' command.

I have difficulty making a right script to collect data not in real time but on schedule. first, I made 'inputs.con...
by leujinlove Explorer in Getting Data In 12-18-2015
1 2
1
2
johnsonlui

ERROR ArchiveProcessor with zip files

Hello all, We have met this error when we try to indexing the archive files into Indexer 04-17-2014 14:01:02.292...
by johnsonlui New Member in Getting Data In 12-17-2015
0 3
0
3
hagjos43

How to send some of our index data in an indexer cluster to a frozen bucket on another server?

Here's our situation: We have a single site indexer cluster with a search head, two indexers, and a deployment server...
by hagjos43 Contributor in Getting Data In 12-17-2015
0 4
0
4
o_calmels

How to troubleshoot why the maximum size is not used for an index?

Hi, My main index has a maximum size of 620 GB approx. So my index size was about 615 ~ 619 GB as it should be. 4 we...
by o_calmels Communicator in Getting Data In 12-17-2015
0 3
0
3
renems

What are recommendations for monitoring static files?

Hi all, I tried searching for this issue, since I'd expect this question should be asked a numerous times already. U...
by renems Communicator in Getting Data In 12-17-2015
0 2
0
2
brianpreston

How come the index set on the forwarder is not respected on the indexer?

Hello! I have a number of transforms setting indexes on my forwarder in transforms.conf, like: [syslog_change_innob...
by brianpreston Path Finder in Getting Data In 12-17-2015
0 5
0
5
sahils

Trying to configure Splunk SSO with Apache, getting error "The Proxy server received an invalid response from an upstream server...could not handle the request GET"

We are tying to Configure Splunk SSO. From Splunk Side SSO is enabled, but when we are trying to access the Apache se...
by sahils New Member in Getting Data In 12-17-2015
0 1
0
1
Top Labels
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...