Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
teddyzena

Can I use Splunk to monitor devices connected to a wireless router in my household?

I am a rookie and need help. I want to monitor what people are doing online in my household. Netgear router--WNDR370...
by teddyzena Engager in Getting Data In 08-18-2015
2 1
2
1
efrenette11

Why do I get "Splunk is not running" trying to run "list monitor" on my forwarder, and I can't stop splunk with error "Could not kill pid 379. [FAILED]"?

I can't list monitor my forwarder. I obtain "splunk is not running" even if the splunk status says it is running. So...
by efrenette11 Path Finder in Getting Data In 08-18-2015
0 4
0
4
gcoles

Universal Forwarder High CPU after Leap Second Correction

This is an FYI to anyone else that may be seeing abnormally high CPU utilization on their universal forwarders over t...
by gcoles Communicator in Getting Data In 08-17-2015
9 11
9
11
peter_gianusso

Network latency

Regardless of one's approach with collecting data, Splunk is heavily dependent on the network. How does one deal wit...
by peter_gianusso Communicator in Getting Data In 08-17-2015
0 3
0
3
manus

When a scheduled search spans multiple indexers in different timezones, is there a way to force the location which determines where the beginning of the day snap time (@d) is?

Consider a search which spans events in indexes in London and New-York. | mysearch | bucket _time span=1d | stats co...
by manus Communicator in Getting Data In 08-17-2015
0 5
0
5
bearman

Exporting data from Splunk to Tableau over ODBC, is there a way to clean up the data (remove quotation marks) before the export?

Hi guys! We’re trying to export data from Splunk over to Tableau over ODBC. We’ve successfully managed to export/imp...
by bearman Explorer in Getting Data In 08-17-2015
0 3
0
3
kduckworth

Monitoring syslog-ng on same local Splunk server, is it possible to trigger an email when specific keywords are seen?

I have syslog-ng logging some Cisco equipment, specifically ISDN q931 debugs. These log files are created and labele...
by kduckworth New Member in Getting Data In 08-17-2015
0 4
0
4
dolejh76

What props.conf change do I need to prevent incorrect line breaking of XML data on embedded timestamps?

I have not made any props.conf changes before, so looking for some help please / thanks. I am pulling tomcat logs an...
by dolejh76 Communicator in Getting Data In 08-14-2015
0 24
0
24
vtsguerrero

How to filter events based on event's datetime as current date?

Hello! Sup? I've been into some trouble when comparing datetimes to strings, I know I should convert'em. Logs I've re...
by vtsguerrero Contributor in Getting Data In 08-14-2015
0 2
0
2
nce054

How to configure load balancing on a heavy forwarder?

I am configuring a Heavy Forwarder to point to 3 indexers. I want load balancing to be enabled. Are the individual tc...
by nce054 Path Finder in Getting Data In 08-14-2015
0 3
0
3
OMohi

After renaming a sourcetype, why is it only being applied to new data and not already indexed data?

Hi Guys: I have renamed a sourcetype, but after renaming the sourcetype and recycling the indexers, I only see new d...
by OMohi Path Finder in Getting Data In 08-14-2015
0 2
0
2
pavanae

how to get logs from a new source type?

Until Now we are getting the logs of ".log" format in our environment. in which we mention "sourcetype=log4j" in the ...
by pavanae Builder in Getting Data In 08-13-2015
0 1
0
1
a212830

How do I discard all hosts that begin with ISE in transforms.conf?

Hi, I want to look at the host field and discard all hosts that begin with ISE. How would I do that? My understandin...
by a212830 Champion in Getting Data In 08-13-2015
0 3
0
3
ngiczi

How to implement data diode-like forwarding between two distinct Splunk instances?

Our customer would like to deploy two Splunk instances. The first instance would be in an open network and the anothe...
by ngiczi Engager in Getting Data In 08-13-2015
0 1
0
1
OMohi

Adjusting data in GMT time zone so that splunk recognizes it

Is there a way to tell Splunk what time zone the data is in so it a query run for ET automatically grabs the records...
by OMohi Path Finder in Getting Data In 08-13-2015
0 2
0
2
DrFedtke

How to extract field values from a log record including blanks in the data part?

hi all, we have data records like posLabel=monitoring field posData=51.02 55.56 msg=xxxx where variables' content ...
by DrFedtke Explorer in Getting Data In 08-13-2015
0 1
0
1
Lucas_K

Universal Forwarder v6.2.3: Where have all the metrics gone?

We used to have reports we used to query to see data volume per sourcetype/index/host. Example. /opt/splunkforwarder...
by Lucas_K Motivator in Getting Data In 08-13-2015
0 1
0
1
OMohi

Why am I unable to apply proper parsing on an XML field tag with my current props.conf?

Hi Everyone: I am facing an issue where I am unable to apply proper parsing for an XML tag. I want my event started ...
by OMohi Path Finder in Getting Data In 08-13-2015
0 6
0
6
daltman4437

Can I use Splunk to track application usage on a Citrix server?

I want to track how often an application is being used on certain servers.
by daltman4437 New Member in Getting Data In 08-13-2015
0 1
0
1
jwquah

Is there a limit / best practice to how many data inputs Splunk can monitor?

Hi all, Are there recommended guidelines or best practices on what would be the optimal amount of apps or data input...
by jwquah Path Finder in Getting Data In 08-12-2015
1 8
1
8
gallantalex

Monitor by File Name Only

Hi, I would like to monitor all the web.config files on my machine and then forward the results to a Splunk receiver....
by gallantalex Path Finder in Getting Data In 08-12-2015
0 4
0
4
rongruspe

How to count number of instances when a forwarder is down?

I have a forwarder that forwards data every 60 seconds. I would like to know the count when the forwarder is down (m...
by rongruspe New Member in Getting Data In 08-12-2015
0 7
0
7
athorat

What are different ways of clearing an index automatically on the last day of the month?

We want to clear the index on the last day of the month and load the index with new data on the first of every month....
by athorat Communicator in Getting Data In 08-12-2015
0 3
0
3
jtoan

How to monitor a folder on an online site for csv files, similar to monitoring a local directory?

My splunk instance is currently monitoring a local file and indexing .csv files as they are added. I need to move thi...
by jtoan Engager in Getting Data In 08-12-2015
0 1
0
1
isedrof

Add CSV file as a source by a script

Hey guys, I'm back with an another question, the goal is to add data (CSV file ) as a source to splunk by a script. W...
by isedrof Engager in Getting Data In 08-12-2015
0 6
0
6
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...