Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
moo2k

Splunk Light Free + Universal Forwarder: How to fix my configurations to monitor input paths with wildcards and assign proper sourcetypes?

Hello guys. I am new to Splunk. Let me introduce my problem. I have installed Splunk Light Free on the server (bas...
by moo2k New Member in Getting Data In 10-21-2015
0 2
0
2
eallanjr

Why is a monitored file behaving like a batch file on a Splunk 6.2.1 Universal forwarder?

I have a monitored file input for a .tsv file that gets updated via a SQL query every hour. However, the data is onl...
by eallanjr Explorer in Getting Data In 10-20-2015
1 1
1
1
cwatterson

How can you get a complete list of all files with the path Splunk is monitoring/ingesting?

I'm trying to get a list of all files with the path that Splunk is currently monitoring. Google and searches here hav...
by cwatterson New Member in Getting Data In 10-20-2015
0 3
0
3
antlefebvre

Why does data stop getting indexed for a monitored file when Splunk is restarted, and how do I fix this?

I am attempting to monitor a file that is fairly large and on a UNC file share. It appears that the file only indexes...
by antlefebvre Communicator in Getting Data In 10-20-2015
0 4
0
4
cdevoe57

How do I troubleshoot why indexing performance is slow?

Operating System: Oracle Linux 3.8.13-55.1.5, 64 bit 2 CPUs, total of 40 cores, 128 gb memory, 1 GB network, 6 300 G...
by cdevoe57 Path Finder in Getting Data In 10-20-2015
1 4
1
4
patrickdelliot

Integrating Splunk data in Talend

Greetings. We have data in Splunk, and related data in Oracle. We are looking to integrate the two using Talend. H...
by patrickdelliot New Member in Getting Data In 10-19-2015
0 2
0
2
tmarlette

delay forwarder ingesting file

I have a script that creates a file, thoguh the command that is run, has a very long output, and it takes about 20 se...
by tmarlette Motivator in Getting Data In 10-19-2015
0 4
0
4
jmonreal

How to override host metadata?

Good day everyone! I have my Splunk cluster separated in Forwarders (inside each application server), Indexer (a set...
by jmonreal New Member in Getting Data In 10-19-2015
0 3
0
3
Bhargav99

How to get data into Splunk?

Hello Experts Could some one please let me know the procedure step by step for on boarding data into Splunk? Thank...
by Bhargav99 New Member in Getting Data In 10-19-2015
0 3
0
3
splunkDude2015

Is it recommended to use a Splunk 6.3 universal forwarder with a 6.2.X indexer / base install?

What is best practice / recommended when deploying universal forwarders relative to the splunk indexers / base instal...
by splunkDude2015 Explorer in Getting Data In 10-19-2015
0 1
0
1
OldManEd

What deployment-apps subdirectory do I need on a Linux Deployment Server to update inputs.conf and outputs.conf on a Windows Universal Forwarder?

First, if this is a repeat question, I apologize. I tried to ask this question a short time ago, but cannot find it ...
by OldManEd Builder in Getting Data In 10-19-2015
0 4
0
4
carljohan

Run indexes on different servers

We are planning to have a Splunk setup where we have: 1 server running a Splunk indexer2 servers per operation from ...
by carljohan Path Finder in Getting Data In 10-19-2015
0 8
0
8
ledaipro

How to monitor switch, router... and other Cisco devices using SNMP.

Hi. Using NET-SNMP on Windows to receive and log SNMP traps to a file, and I want Splunk monitor that file. How to ...
by ledaipro Explorer in Getting Data In 10-19-2015
0 7
0
7
ssubhani

What is the proper sourcetype for Symantec Brightmail Gateway 10.X?

Hi I need help finding the Splunk sourcetype for the Symantec Brightmail Gateway 10.X. Syslog or sendmail_syslog is...
by ssubhani Explorer in Getting Data In 10-18-2015
1 1
1
1
thambisetty

Splunk forwarder on linux: parameter format error after adding monitor

Hi, I have installed splunk forwarder on linux which is having symantec Brightmail Gateway. and i tried to forward th...
by SplunkTrust SplunkTrust in Getting Data In 10-18-2015
0 3
0
3
johns3

Universal Forwarder and Free Splunk license?

Is the universal forwarder free or do you need to have a license to use it? I am looking to use them on my Windows ma...
by johns3 Path Finder in Getting Data In 10-17-2015
2 5
2
5
bharathkumarnec

Event Breaking Issue

Hi Everyone, Need help regarding event breaking, below is my current scenario: One my log file in the indexer is up...
by bharathkumarnec Contributor in Getting Data In 10-17-2015
0 3
0
3
OldManEd

How to set hostname for the Splunk Windows Universal Forwarder

When I installed the Splunk Universal Forwarder for Windows, the inputs.conf file has the stanza; [default] host = <...
by OldManEd Builder in Getting Data In 10-16-2015
0 4
0
4
OldManEd

What deployment apps subdirectory on a Linux Deployment Server do I need to update inputs.conf and outputs.conf on a Windows Universal Forwarder?

I'm trying to follow the Splunk documentation to set up my Splunk Linux Deployment Server to update configuration fil...
by OldManEd Builder in Getting Data In 10-16-2015
0 1
0
1
jsven7

Why does CSV import look crazy?

After I import a simple CSV Splunk reflects a bunch of junk on the event field. Why??
by jsven7 Communicator in Getting Data In 10-16-2015
0 2
0
2
dcroteau

Initially, props.conf line breaking works properly and extracts the timestamp, but why does it stop working later?

We have a database log monitored input file that we are monitoring with a universal forwarder. We have a props.conf...
by dcroteau Splunk Employee Splunk Employee in Getting Data In 10-16-2015
0 3
0
3
anoopambli

Is there a REST API call or other method to check which files were processed by a Splunk forwarder in the past?

I have a customer complaining that one of the sourcetype data is not appearing for couple of days in the past. I see ...
by anoopambli Communicator in Getting Data In 10-16-2015
0 3
0
3
lguinn2

Best/optimum log file size?

I saw a recommendation that Splunk works better with smaller log files. But what does "small" mean? I would assume t...
by Legend in Getting Data In 10-16-2015
3 5
3
5
jbanda

splunk field extraction csv

Ultimately I'm trying to get meaningful data out of exchange message tracking logs (which are in single-line-record, ...
by jbanda Path Finder in Getting Data In 10-15-2015
1 17
1
17
OMohi

How to filter out an IP address that is sending syslogs to Splunk using TCP port 514 as input?

Hi Everyone I need to know whether it is possible to filter out an IP address that is sending syslogs into Splunk us...
by OMohi Path Finder in Getting Data In 10-15-2015
1 1
1
1
Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...
Top Solution Authors
View All