Getting Data In

Ask a Question

Discussions

Thread Info

How to get data from two sheets of a single excel file after converting to a CSV file?

Hi All. I am a newbie to splunk. Till yesterday I was importing from only one sheet of excel (excel converted to c...

by Contributor in

data mapping in csv file during splunk search

Hi, I have a csv file, and i don't have access to raw data. csv file is created by some other software. its struct...

by Communicator in

Can we zip CSV files before emailing them?

Can we zip files before sending them as email? For example: | outputcsv Splunk.csv | zip splunk.csv | sendmai...

by Engager in

When does outputcsv create the csv file?

I'd like to know at what time does outputcsv create a csv file? Is it created at the same time you schedule your repo...

by Path Finder in

How to limit the scope of fields.conf stanzas to only apply configurations to data for certain indexes or sourcetypes?

I wanted to auto convert data within these logs: field_a="value1|value2|value3", field_b="value_x|value_y" to multiva...

by Communicator in

Why are Windows event logs not being forwarded after installing a universal forwarder on a Windows 2008 R2 DC?

After installing UF on a Windows 2008R2 DC, only Active Directory logs are being forwarded. Checks were made for Appl...

by New Member in

Warm/Cold to Frozen frequency

Hi I'm trying to be certain I understand the process of moving to Frozen - ie deleted in our case.. I have added som...

by Path Finder in

Specify a timestamp field from indexed RESTful JSON

Hi, I am using the REST Modular Input to query some RESTful services. I am having trouble defining the timestamp f...

by Explorer in

Is it possible to convert binary AIX audit logs and send it to Splunk?

Dear Experts, I am receiving this error: FileClassifierManager - The file '/audit/trail' is invalid. Reason: binar...

by New Member in

What happen when an index is deleted?

Hi I have multiple index. If I delete an index, would the data in it would be erase completely from Splunk?

by Builder in

Specific and non-specific stanzas

I have some input stanzas that look like this: [monitor:///opt/app/master_proc*/logs/*] [monitor:///opt/app/backup...

by Path Finder in

Best practice to ship a file-based lookup in an app, so users can edit it without subsequent app upgrades clobbering those edits.

The Problem: Unlike with conf, I don't think lookups have any default/local layering. So if your app has one or more...

by SplunkTrust in

How to set up timezone settings properly

I have indexer in UTC+3 timezone and universal forwarder on syslog server in UTC+6 timezone. I tried to set up timezo...

by Path Finder in

Configuration of props.conf and input.conf

Hi I am interested to upload two distinct files form multiple directories. I have done this previously by using Splu...

by Builder in

Why is scripted input not forwarding to peers ?

Our setup comprises of 1 heavy forwarder, 3 searchheads and 3 peers/indexers all in the clustered environment. We ar...

by Path Finder in

Changing syslog timezone to Eastern Standard time.

I am having the same issue described here http://answers.splunk.com/answers/57543/splunk-displaying-events-with-the-c...

by New Member in

Line breaking

How can I set the start and end of events in the source selection. To output only my event . I use MUST_BREAK_AFTER a...

by New Member in

How to convert Cisco Call Manager CDR files in telephone bills using Splunk?

Hello everyone, does someone know if it is possible to create a billing report for our internal and external telep...

by Engager in

Different sourcetypes in a single search

Hi, I have to search for data from two different sourcetypes. There is a common field in both the sourcetypes call...

by Explorer in

We have to get the logs of SNMP from an external party. How do we get those?

We are planning to get the SNMP logs to our Splunk from a third party server (ISP), is there anything we need to do i...

by Path Finder in

Does splunk apps available on splunkbase work with splunk universal forwarders?

Case:- Splunk enterprise server version 6.1 Lets say I have around 100 production servers with Universal forwarder...

by Explorer in

Why site doesn't load trying to access Splunk via proxy with Splunk 6.2 SSO using Windows 2012R2 IIS Server?

I've tried to implement Splunk 6.2 SSO using Windows 2012R2 IIS Server. But when i try to access splunk via proxy the...

by Engager in

Windows Event collection - A really basic question, Doh

Guys, I want to use Splunk for some eval work on Windows 7 prof and server 2008 and 2012. I want to stick strictly to...

by New Member in

Why my windows Server 2008 doesn't send performance ?

Hello, I installed a universal forwarder (6.2.2) on two servers Active directory (windows 2008), I configured inpu...

by Communicator in

SNMP Modular input installation

I installed splunk as root, can anyone help me please. how can i install SNMP modular input? at which directory shoul...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to get data from two sheets of a single excel file after converting to a CSV file?

data mapping in csv file during splunk search

Can we zip CSV files before emailing them?

When does outputcsv create the csv file?

How to limit the scope of fields.conf stanzas to only apply configurations to data for certain indexes or sourcetypes?

Why are Windows event logs not being forwarded after installing a universal forwarder on a Windows 2008 R2 DC?

Warm/Cold to Frozen frequency

Specify a timestamp field from indexed RESTful JSON

Is it possible to convert binary AIX audit logs and send it to Splunk?

What happen when an index is deleted?

Specific and non-specific stanzas

Best practice to ship a file-based lookup in an app, so users can edit it without subsequent app upgrades clobbering those edits.

How to set up timezone settings properly

Configuration of props.conf and input.conf

Why is scripted input not forwarding to peers ?

Changing syslog timezone to Eastern Standard time.

Line breaking

How to convert Cisco Call Manager CDR files in telephone bills using Splunk?

Different sourcetypes in a single search

We have to get the logs of SNMP from an external party. How do we get those?

Does splunk apps available on splunkbase work with splunk universal forwarders?

Why site doesn't load trying to access Splunk via proxy with Splunk 6.2 SSO using Windows 2012R2 IIS Server?

Windows Event collection - A really basic question, Doh

Why my windows Server 2008 doesn't send performance ?

SNMP Modular input installation

Can’t make it to .conf25? Join us online!

Take Action Automatically on Splunk Alerts with Red Hat Ansible Automation Platform

Calling All Security Pros: Ready to Race Through Boston?

Beyond Detection: How Splunk and Cisco Integrated Security Platforms Transform ...

Forwarding all logs from HF to third-party using s...

Splunk Observability Cloud/SignalFx - Related Cont...

Regex works but transforms.conf extracts only part...

Splunk Answers Content Calendar May 2025 🎉

Edge Processor Destination not showing up in Pipel...

Getting Data In

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!