Getting Data In

Community Activity

Changes to Tranforms.Conf not reflected I have a scripted input that gather SQL Perfmon counters via wmi. It is gathering data and working without issue, ho... by JOverbey New Member in Getting Data In 06-02-2015 0 1	0	1
Indexer isn't receiving data from the Universal Forwarder Hello, I'm having issues receiving data on my Indexer from the Universal Forwarder. Prior to installing the Universa... by tjohnson2 Explorer in Getting Data In 06-02-2015 0 3	0	3
How do you filter Windows:Security:Events: 5145 using use transforms.conf and props.conf? I am trying to filter Windows:Security:Events: 5145. I created the props.conf and the transforms.conf file listed be... by rfrazier New Member in Getting Data In 06-02-2015 0 3	0	3
How to forward log files to two different servers? Hi, I need to send some logfiles twice - send one set to my prod system, and another to a dev system. I have two dif... by a212830 Champion in Getting Data In 06-02-2015 0 2	0	2
What is the default REST API URL to post data to the default index? What is the default REST API url to post data at default index? I have rest api APP configured as input in splunk. by birarich Explorer in Getting Data In 06-02-2015 0 3	0	3
How can I set a TIME_PREFIX without prefix Hi folks, I wanted to add the first field as timestamp : 150503;ULSTTTK073TTTXXX;XXXXXXXX;15/04/27;13:11:35 bu... by nicolasydder Explorer in Getting Data In 06-02-2015 0 1	0	1
Indexing FortiGate firewall syslog data, why does Splunk License Usage show 543MB indexed, but our Kiwi syslog server shows 2.7GB for the same data? I have a FortiGate firewall sending logs via syslog protocol to a Kiwi syslog server on one host, and to Splunk on an... by whitby Engager in Getting Data In 06-02-2015 0 6	0	6
How to configure the WMI event collection start date so when I add a new Windows server, Splunk doesn't retrieve historical data? Hi! I'm pretty new to Splunk and at the moment, I'm trying to set up a centralized repository for all my Windows eve... by ewicher New Member in Getting Data In 06-02-2015 0 4	0	4
How to configure Splunk to recognize data is from a specific timezone? Hi there, I need some help regarding time zone (I think). I have data that was collected in Europe (CET time). My an... by brutecat Path Finder in Getting Data In 06-02-2015 0 1	0	1
How to import data from file *.log from Active Directory to SPLUNK? Hello All, After uploading Windows Active Directory data from file '.log' to SPLUNK, i recognized that all data is n... by mazurmateusz Engager in Getting Data In 06-01-2015 0 2	0	2
Simple text file suddenly (but thoroughly) being ignored I've got this little file Oracle appends a row to every hour, and it stopped being monitored mysteriously sometime ar... by mikeely Path Finder in Getting Data In 06-01-2015 0 1	0	1
Why are only 10 of my 16 forwarders showing up in my receiver/indexer? Greetings, I have set up 17 micro AWS boxes, One running a splunk 6.2.0 indexer, 8 with databases (8 mongo and 4 mon... by pwhitebe Engager in Getting Data In 06-01-2015 0 2	0	2
Why is my line breaking configuration for BREAK_ONLY_BEFORE in props.conf not working? I have the following two messages that are merging into one event in Splunk and I need to teach Splunk to break the e... by ebailey Communicator in Getting Data In 06-01-2015 1 5	1	5
help with line-breaking Hi, I have a feed coming in from db connect, which I can't get to line-break properly. My props is: [Performance] ... by a212830 Champion in Getting Data In 06-01-2015 0 3	0	3
How to encrypt communication between a universal forwarder and heavy forwarder? I am not able to configure heavy forwarder inputs.conf file to receive encrypted traffic. 1) config inputs.conf on h... by shaileshmali Path Finder in Getting Data In 05-31-2015 0 1	0	1
How to use the where clause and wildcard to filter results? Hi, I am trying to run this search without success (the search runs however there are 0 results) sourcetype=dhcplog... by shiftey Path Finder in Getting Data In 05-30-2015 0 1	0	1
Is it possible to add an option to the UI in Simple XML to allow users to select a file or folder and run a oneshot python script to index it? Hello, I am working on an App that will allow users to select a file or folder and then call a python script in the ... by sanurd Path Finder in Getting Data In 05-30-2015 0 2	0	2
Correlate logs when time order is inconsistent I have spent a lot of time trying to get something that works perfectly here, and I just can't get more than partial ... by andrewholmes New Member in Getting Data In 05-29-2015 0 1	0	1
Wrong time offset in indexed data Hello. There is a few cisco routers are sending syslogs via UDP to splunk server. Earlier everything was ok, but rece... by let_eat_bee New Member in Getting Data In 05-29-2015 0 3	0	3
extract time from events but date from modification time Hello, I've read Precedence rules for timestamp assignment. What I want is to extract time)(hour,minute,second,mill... by kurt28 Path Finder in Getting Data In 05-29-2015 0 1	0	1
encrypt splunk deployment server and client communication I went through security guide and blogs on splunk , but I am still not clear how to encrypt communication between sp... by shaileshmali Path Finder in Getting Data In 05-29-2015 0 1	0	1
How can we monitor a CIFS Filesystem and its host (storage server) through splunk enterprise? I am having a storage server and have created a CIFS filesystem on that which is mounted to a Windows server on which... by swati_sharma New Member in Getting Data In 05-29-2015 0 2	0	2
Exception logging by time Hey Guys, I'm having problems analyzing log files, which are printing out exceptions, traces and exceptions that are... by ruffson New Member in Getting Data In 05-29-2015 0 1	0	1
email not sending from windows search head From splunkd.log 05-29-2015 07:53:02.696 -0700 ERROR HttpListener - Handler for /en-US/api/shelper?snippet=true&snip... by tyronetv Communicator in Getting Data In 05-29-2015 0 4	0	4
How to troubleshoot why a universal forwarder is not forwarding contents of a file? Beating my head off this one guys. I'm simply trying to forward several logs from my SEPM (SYmantec EndPoint Manager... by cdupuis123 Path Finder in Getting Data In 05-29-2015 0 6	0	6

Get Updates on the Splunk Community!

How to find the worst searches in your Splunk environment and how to fix them

Everyone knows Splunk is a powerful platform for running searches and doing data analytics. Your ...

Share Your Feedback: On Admin Config Service (ACS)!

Help Us Build a Better Admin Config Service Experience (ACS) We Want Your Feedback on Admin Config Service ...

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

AI is changing how teams investigate incidents, detect threats, automate workflows, and build intelligent ...

Getting Data In

Changes to Tranforms.Conf not reflected

Indexer isn't receiving data from the Universal Forwarder

How do you filter Windows:Security:Events: 5145 using use transforms.conf and props.conf?

How to forward log files to two different servers?

What is the default REST API URL to post data to the default index?

How can I set a TIME_PREFIX without prefix

Indexing FortiGate firewall syslog data, why does Splunk License Usage show 543MB indexed, but our Kiwi syslog server shows 2.7GB for the same data?

How to configure the WMI event collection start date so when I add a new Windows server, Splunk doesn't retrieve historical data?

How to configure Splunk to recognize data is from a specific timezone?

How to import data from file *.log from Active Directory to SPLUNK?

Simple text file suddenly (but thoroughly) being ignored

Why are only 10 of my 16 forwarders showing up in my receiver/indexer?

Why is my line breaking configuration for BREAK_ONLY_BEFORE in props.conf not working?

help with line-breaking

How to encrypt communication between a universal forwarder and heavy forwarder?

How to use the where clause and wildcard to filter results?

Is it possible to add an option to the UI in Simple XML to allow users to select a file or folder and run a oneshot python script to index it?

Correlate logs when time order is inconsistent

Wrong time offset in indexed data

extract time from events but date from modification time

encrypt splunk deployment server and client communication

How can we monitor a CIFS Filesystem and its host (storage server) through splunk enterprise?

Exception logging by time

email not sending from windows search head

How to troubleshoot why a universal forwarder is not forwarding contents of a file?

How to find the worst searches in your Splunk environment and how to fix them

Share Your Feedback: On Admin Config Service (ACS)!

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

Transilience AI threat intel feed integration

I have question about Metrics

How to integrate threat armor with splunk?

How to integrate Google Cloud armor with splunk?

How to Integrate Iraje PAM with splunk? Is there a...

Getting Data In

Join the Conversation