Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
soldatpetit

Why I can't access data from Splunk using REST API?

Hello every body! I'm new and i 'd like to communicate with Splunk by REST API using "curl" comand. I tried some exam...
by soldatpetit New Member in Getting Data In 06-16-2015
0 3
0
3
teward001

Splunk 6.2 - "Add Data Source" with Local Server Data Itself Can't See Past 2 Tiers of Folders From / (root)

I'm getting an odd error. When using Splunk 6.2.3, and trying to access files in a folder that is read/write/execute...
by teward001 Path Finder in Getting Data In 06-16-2015
0 4
0
4
jamesonf

Why am I getting an error installing a universal forwarder on WIndows server 2008 R2 with a Powershell script?

Out of the 37 of our servers which this processed worked successfully without issue, I am running into an error on ou...
by jamesonf New Member in Getting Data In 06-16-2015
0 1
0
1
martinh3

Should I configure line breaking for a log with XML data on the universal forwarder or indexer?

I have a universal forwarder on a remote machine that forwards the splunk enterprise instance a log that may include ...
by martinh3 New Member in Getting Data In 06-16-2015
0 5
0
5
sunnyparmar

Want to see data by host

Hi, In the below given query i want to see the data by host but unable to see. Kindly suggest index=sc-perfmon (cou...
by sunnyparmar Communicator in Getting Data In 06-16-2015
0 8
0
8
brutecat

Why are my macros and search not properly filtering out data collected on weekend days from my indexes?

I have a problem with a requirement to remove data collected on weekend days from my indexes. I can do this accuratel...
by brutecat Path Finder in Getting Data In 06-15-2015
0 5
0
5
jwtrask

How to monitor OpenVPN connections for a standalone OpenVPN server on Ubuntu 14 LTS without PFsense?

I'm not using pfsense. I'm using the stand alone OpenVPN server on Ubuntu 14 LTS. How can I monitor OpenVPN conne...
by jwtrask New Member in Getting Data In 06-15-2015
0 1
0
1
a212830

Removing an indexer from an indexer cluster, what does the "decommissioning" status for a node mean?

Hi, I want to remove an indexer from a cluster, permanently. I executed ./splunk offline --enforce-counts, and on t...
by a212830 Champion in Getting Data In 06-15-2015
0 1
0
1
renems

Is there a troubleshooting guide for universal forwarder performance?

Currently, I have a couple of universal forwarders that tend not to keep up with the data coming in. I see on the ind...
by renems Communicator in Getting Data In 06-15-2015
1 1
1
1
martinh3

owner of props.conf ?

I'm fairly new to Splunk, but I use it both at home (on openSUSE linux) and at work (redhat linux). At home, most of ...
by martinh3 New Member in Getting Data In 06-15-2015
0 1
0
1
alauri

How to add an external link reference into a Splunk /services/message using the Splunk REST API?

Hi guys, I'm using the REST API "/services/messages" to send a message to Splunk and it works fine. Now, I need to i...
by alauri Explorer in Getting Data In 06-15-2015
2 10
2
10
securityninja

How to forward events to different indexes based on universal forwarder IP address?

Hi there, I have dozens of devices forwarding data through universal forwarder to a heavy forwarder, which in turn f...
by securityninja Engager in Getting Data In 06-15-2015
0 2
0
2
SirHill17

Index Log file on demand

Hi, To avoid too much data collection, I would like Splunk to only index a log file following a manual action like c...
by SirHill17 Communicator in Getting Data In 06-15-2015
0 2
0
2
yathish

How to forward logs in gzip stored on a Windows server using a heavy forwarder?

Our proxy logs are stored in windows server in gzip format. When i installed a heavy forwarder, the logs were not get...
by yathish New Member in Getting Data In 06-15-2015
0 1
0
1
Scan001

Uploading a CSV file, why am I getting error "Unable to parse timestamp" when I set source to CSV?

i am trying to upload a csv file. When I set source to CSV, I get an error "unable to parse timestamp", defaulting t...
by Scan001 Explorer in Getting Data In 06-15-2015
0 12
0
12
sunrise

How to configure BREAK_ONLY_BEFORE to split multiline event ?

Hi Splunkers, I got the following multi-line event. # Time: 150601 17:30:31 # User@Host: sample[sample] @ SAMPLEAP...
by sunrise Contributor in Getting Data In 06-15-2015
1 3
1
3
lyndac

Defining timestamp on data from .csv file

I'm trying to index some data input from a .csv file. Is it possible to tell splunk to use a specific column of data...
by lyndac Contributor in Getting Data In 06-14-2015
3 5
3
5
ronak

how to specify props.conf for EPOCH timestamp in JSON object

I've events coming in JSON format with first part of the JSON data as EPOCH_START_TIME=8797994058574 ...the events ...
by ronak Path Finder in Getting Data In 06-14-2015
0 9
0
9
robf

What is the default thruput limit and what queue size increases are recommended for a busy Windows universal forwarder?

What is the default for thruput as it's not specified? [thruput] maxKBps = <integer> If specified and not zero, thi...
by robf Path Finder in Getting Data In 06-13-2015
0 2
0
2
DuXa

the beginning and end of the event

Hello, i have logs with some event. I want see only my event. How i can remove another information. My event bigins ...
by DuXa New Member in Getting Data In 06-13-2015
0 3
0
3
shreyasathavale

Why do the indexers in my distributed search environment have different numbers of splunkd.exe processes running in the Task Manager?

We have 4 indexers in our environment and on each indexer there are different number of splunkd.exe processes. 1 Inde...
by shreyasathavale Communicator in Getting Data In 06-13-2015
0 1
0
1
tleyden

Collecting data via a python script, later putting it into Splunk

We have some customers which are running into memory issues, and we need to provide them a script to collect several ...
by tleyden Explorer in Getting Data In 06-12-2015
1 3
1
3
sbbadri

Does Splunk Support IBM HPEL log ingestion

I need to ingest a hpel log file produce from IBM websphere server. I need to know does splunk support this. Any po...
by sbbadri Motivator in Getting Data In 06-12-2015
0 1
0
1
randric

Why is Windows universal forwarder always sending performance stats to the main index every 10 seconds?

I am trying to forward the performance stats (CPU, Memory) from Windows Universal forwarder to Splunk Indexer on remo...
by randric Engager in Getting Data In 06-12-2015
1 3
1
3
lew

How do you monitor a directory in a client server

I'm new to splunk. I am trying to monitor a directory that exists on a different server other than the main splunk se...
by lew New Member in Getting Data In 06-12-2015
0 9
0
9
Top Labels
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...