Getting Data In

Community Activity

Is it possible to configure a universal forwarder to send data to two different indexes on the same indexer? As part of some custom requirement we need to forward the same data to two different indexes on same physical indexer... by badrinath_itrs Communicator in Getting Data In 09-12-2015 0 8	0	8
How to troubleshoot why my universal forwarder is showing Splunk Cloud hosts as inactive? Hello, I have installed and used the Splunk universal forwarder to successfully forward my data to my local Splunk E... by pkurt Path Finder in Getting Data In 09-11-2015 0 2	0	2
Why do I get a timeout when trying to connect to Splunk Cloud from the Splunk Javascript SDK? I get a timeout when trying to connect using my splunk cloud instance URL and port 8089. Is this supported? I want t... by luisatworkpop New Member in Getting Data In 09-11-2015 0 1	0	1
Unable to add TCP Data Inputs in Splunk Cloud Hi, I'm using Splunk Cloud and I'm unable to add a new Data Input. I'm entering all the required fields but when I c... by bobbyavn Engager in Getting Data In 09-11-2015 5 2	5	2
How to filter logs with the word "version" to nullQueue on the Splunk Cloud Sandbox? I'm trying to filter logs with the 'version' word, and send them to the nullQueue. First of all, i'm using the Unive... by andremidea Engager in Getting Data In 09-11-2015 0 5	0	5
Why am I unable to get a Splunk forwarder and indexer to talk over SSL using a non-default CA? Hey all, I'm having a really tough time getting my forwarders and indexer to talk over SSL using a non-default CA. ... by ryanleerally Explorer in Getting Data In 09-11-2015 0 2	0	2
Unable to delete data from Splunk Cloud trial Hi, I managed to import the tutorial data twice into my Splunk Cloud sandbox trial (once into the wrong place). So co... by nickblack New Member in Getting Data In 09-11-2015 0 3	0	3
How to install and configure a Windows forwarder on premises and use Splunk Cloud to analyze SQL Server logs? Hi, The manager of mine isstarting out a Splunk project and is asking how expensive would it be to install and oper... by artemf New Member in Getting Data In 09-11-2015 0 1	0	1
Using Splunk modular data inputs for the REST API to ingest Twitter data, how do I delete or filter out non-English events? I am ingesting a lot of Twitter data for a project, and incidentally, I am ingesting Japanese and Hindi tweets along ... by sunnyd Engager in Getting Data In 09-11-2015 0 1	0	1
How can I forward a particular event ID to another host? I have a scenario where I need to forward a particular event ID to another host. Can I use the universal forwarder fo... by ericsolson New Member in Getting Data In 09-11-2015 0 7	0	7
Why is data received from a remote Splunk instance not being collected in the specified index? Our Splunk instance is currently receiving data from a remote Splunk instance. The remote indexer is sending data (m... by adamblock2 Path Finder in Getting Data In 09-11-2015 0 7	0	7
Reload transforms.conf, props.conf and lookups Hi! I have the habit to develope TAs and Splunk Apps right on the Splunk server. You know, 2 screens: Splunk search ... by tkiss Path Finder in Getting Data In 09-11-2015 1 5	1	5
Is it possible to configure two scripted third party authentication types in authentication.conf with precedence so it tries one, then the other? I'm wondering if I can configure 2 scripted third party authentication types at the same time. I just want to configu... by pdjhh Communicator in Getting Data In 09-10-2015 0 2	0	2
Why is the progress bar stuck at 100% when trying to upload a a sample data file? Hello! I'm new to Splunk. I'm trying to upload a sample data file. After I select the file, pass the input settings, ... by mohinder6 New Member in Getting Data In 09-10-2015 0 4	0	4
Why is the universal forwarder on the license master server not sending all license_usage.log data to the indexer cluster? Hi, I have a Universal Forwarder installed on the License Master server to send the License_usage.log to the central... by abhayneilam Contributor in Getting Data In 09-10-2015 0 2	0	2
Are there performance implications of using props.conf and transforms.conf to change Index and SourceType? Hi, I'm new to Splunk and have installed the Enterprise trial on Windows and pointed two Cisco ASA firewalls at it. ... by feisar Explorer in Getting Data In 09-10-2015 0 1	0	1
How to search and alert when when my machines with Splunk forwarders restart consecutively within 1 hour? Hi , I have 10 machines installed with the Splunk forwarder and I need a search to alert and send an email whenever ... by deepthi5 Path Finder in Getting Data In 09-10-2015 0 5	0	5
Running a vulnerability scan on my CentOS 6 Splunk forwarder, why am I getting "Deprecated SSLv2 and SSLv3 Protocol Detection: port 8089"? I am running a Centos 6 machine with splunkforwarder-6.2.5 installed. When running a vulnerability scan using OpenVAS... by terryjohn Path Finder in Getting Data In 09-10-2015 1 2	1	2
Violent file caching in Splunk 6.2.x Hi, i've started to use Splunk 6.2.x some days before and experience a really big problems with file caching. The p... by mr_brightside Explorer in Getting Data In 09-10-2015 0 3	0	3
How to define a sourcetype based on a TSV file with a long list of fields? I have datasets in TSV format where there is no header in the file. I tried to use the wizard to import the data, bas... by dominiquevocat SplunkTrust in Getting Data In 09-10-2015 0 8	0	8
How to calculate duration in seconds between two events? Hi, I have a log file in which there are two events "Sending reply for message" and "reply message sent". Both are s... by sunnyparmar Communicator in Getting Data In 09-10-2015 0 14	0	14
How to add blacklist in inputs.conf file using Linux Command Hi , We have a Splunk forwarder installed on a Linux platform. I have already added the monitor details in inputs.co... by chris1 Explorer in Getting Data In 09-10-2015 0 1	0	1
After making modifications to inputs.conf on a Windows forwarder and restart the splunkforwarder service, why are my changes reversed? Hi, I need to make some modifications on an inputs.conf file on a Windows server which is installed with a Splunk... by AllenZhang Explorer in Getting Data In 09-09-2015 0 2	0	2
If we install a 32 bit forwarder on a webserver, will our 64 bit indexer have issues indexing the data? We have our Splunk infrastructure running on 64 bit OS. Now we want to index some data which is coming from a webserv... by athorat Communicator in Getting Data In 09-09-2015 0 5	0	5
How to configure blacklist in inputs.conf file on Linux? Hi , We have Splunk forwarder on a Linux platform. I wanted to add a blacklist to my inputs.conf file. Please help m... by chris1 Explorer in Getting Data In 09-09-2015 1 2	1	2

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

Getting Data In

Is it possible to configure a universal forwarder to send data to two different indexes on the same indexer?

How to troubleshoot why my universal forwarder is showing Splunk Cloud hosts as inactive?

Why do I get a timeout when trying to connect to Splunk Cloud from the Splunk Javascript SDK?

Unable to add TCP Data Inputs in Splunk Cloud

How to filter logs with the word "version" to nullQueue on the Splunk Cloud Sandbox?

Why am I unable to get a Splunk forwarder and indexer to talk over SSL using a non-default CA?

Unable to delete data from Splunk Cloud trial

How to install and configure a Windows forwarder on premises and use Splunk Cloud to analyze SQL Server logs?

Using Splunk modular data inputs for the REST API to ingest Twitter data, how do I delete or filter out non-English events?

How can I forward a particular event ID to another host?

Why is data received from a remote Splunk instance not being collected in the specified index?

Reload transforms.conf, props.conf and lookups

Is it possible to configure two scripted third party authentication types in authentication.conf with precedence so it tries one, then the other?

Why is the progress bar stuck at 100% when trying to upload a a sample data file?

Why is the universal forwarder on the license master server not sending all license_usage.log data to the indexer cluster?

Are there performance implications of using props.conf and transforms.conf to change Index and SourceType?

How to search and alert when when my machines with Splunk forwarders restart consecutively within 1 hour?

Running a vulnerability scan on my CentOS 6 Splunk forwarder, why am I getting "Deprecated SSLv2 and SSLv3 Protocol Detection: port 8089"?

Violent file caching in Splunk 6.2.x

How to define a sourcetype based on a TSV file with a long list of fields?

How to calculate duration in seconds between two events?

How to add blacklist in inputs.conf file using Linux Command

After making modifications to inputs.conf on a Windows forwarder and restart the splunkforwarder service, why are my changes reversed?

If we install a 32 bit forwarder on a webserver, will our 64 bit indexer have issues indexing the data?

How to configure blacklist in inputs.conf file on Linux?

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

SC4S postfilter not dropping Fortigate east-west t...

PCAP Data contains media and audio file, Is it pos...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

Getting Data In

Join the Conversation