Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
sarnagar

What does the technical term "indexing on the server" mean?

Does indexing mean forwarding the data?
by sarnagar Contributor in Getting Data In 04-22-2015
0 1
0
1
kartik13

How can i append the values of one field to another field?

I have two different fields, but they have the same type of value for eg. "host". So How can I join two fields to hav...
by kartik13 Communicator in Getting Data In 04-21-2015
0 7
0
7
yschiff

Why is my Splunk Light instance not showing any forwarders configured as deployment clients?

I have installed Splunk Light on a server and installed the Windows Forwarding agent on a separate server to forward ...
by yschiff New Member in Getting Data In 04-21-2015
0 8
0
8
michaelrtesco

Is it possible to use Splunk as a static data store with a single log entry per line?

We have a process that extracts data from a SQL Server in CSV format. We want the Splunk agent to pick up that data ...
by michaelrtesco Engager in Getting Data In 04-21-2015
0 4
0
4
joxley

Monitoring an incrementing file name in a directory with a lot of different log files, how do I monitor just that file name?

A system that I am watching generates log files and rotates them such that the filenumbers increase, every X rows. C...
by joxley Path Finder in Getting Data In 04-21-2015
0 1
0
1
scottsavaresevi

How to configure Splunk to not merge Juniper VPN logs in one event?

I am currently sending my Juniper VPN logs to splunk. Periodically I see multiple log entries from the VPN appear as ...
by scottsavaresevi Path Finder in Getting Data In 04-21-2015
0 1
0
1
akash_l

Installed Splunk Enterprise on Windows 7, but why am I not able to log in with the default credentials?

Installed Splunk Enterprise on Windows 7, but why am I not able to log in with the default credentials?
by akash_l New Member in Getting Data In 04-21-2015
0 1
0
1
lewis269

When I log into the Splunk indexer and go to the distributed management console, why do I not see the search head instance listed?

I've added the indexer as a peer on the search head and can edit the roles of both the indexer and the search head fr...
by lewis269 Explorer in Getting Data In 04-20-2015
0 3
0
3
davisr7

Does anyone use Incapsula API to integrate Incapsula security events into Splunk?

I am looking for a way to integrate Incapsula security events into Splunk. The events API response does not appear to...
by davisr7 Engager in Getting Data In 04-20-2015
2 4
2
4
rubeniturrieta

Make a lot of frozen data searchable

Hi to everyone. I have a lot of frozen data (like 20 gb), and a i need to make it searchable again. How can i do this...
by rubeniturrieta Communicator in Getting Data In 04-20-2015
0 1
0
1
92607547

With splunkd behind a firewall, S3 and sshfs work to access logs, but can a Splunk forwarder collect logs in redis?

Hi. Currently, splunk indexer works behind firewall, and it must stay behind firewall. Now I am using S3 and sshfs w...
by 92607547 New Member in Getting Data In 04-20-2015
0 2
0
2
acidkewpie

Is it possible to enable useACK without sending cooked data?

Hi, Is it possible to enable useACK without sending cooked data? If we have two independent splunk worlds, and I'm ...
by acidkewpie Path Finder in Getting Data In 04-20-2015
1 3
1
3
SilviaGebel

When to add a new index or sourcetype?

Hello  I am wondering, when it is useful or reasonable to create a new index or sourcetype. If I have data that I ...
by SilviaGebel Path Finder in Getting Data In 04-20-2015
0 6
0
6
scottb61

Why am I getting "Error in PivotCell" using NOT operators to apply a filter with pivots and drop-downs in a dynamic dashboard?

Hi All, I'm looking to create a dynamic dashboard where the search results get updated by way of a Drop-down select...
by scottb61 New Member in Getting Data In 04-20-2015
0 5
0
5
maciej_sawicki

How do I configure password protection for a deployment server and secure inputs for universal forwarders on VMs if the IPs change frequently?

Hi, I have Splunk Enterprise hosted on my Domain Controller, but in addition to that, I would like to collect data f...
by maciej_sawicki Engager in Getting Data In 04-18-2015
1 4
1
4
leroygsmith

How do I remove Splunk from my Mac?

How do i remove splunk from my mac, including the spunk folder which reappears every time i send it to trash?
by leroygsmith New Member in Getting Data In 04-18-2015
0 2
0
2
redc

Why is my forwarder sending data from monitored files twice just a couple minutes apart?

I just set up a new forwarder on a new Linux server and set it to monitor some files. For some reason, it is sending...
by redc Builder in Getting Data In 04-17-2015
1 6
1
6
BT_Neophyte

Why is a specific log file not getting forwarded when others in the same directory do?

I'm having an issue where a specific log file is not forwarding, but others in the same directory and Splunk app are ...
by BT_Neophyte Explorer in Getting Data In 04-17-2015
0 5
0
5
cdyates

Can I reconfigure Splunk forwarders on Windows to point to a new indexer without reinstalling?

I want to point my windows forwarders to a new indexer. Do I have to reinstall to do that or can the redirect be don...
by cdyates New Member in Getting Data In 04-17-2015
0 1
0
1
careybrucem

Is it possible to get more granular on Windows system events as far as retention is concerned on the indexer?

Or am I at the mercy of the settings for index rotation settings? In other words, we have the following requirements...
by careybrucem Explorer in Getting Data In 04-17-2015
0 2
0
2
nowellca

OPSEC LEA with CheckPoint: SIC ERROR 119 - SIC Error for ssl_opsec: Client could not choose an authentication method for service ssl_opsec

We Installed OPSEC LEA on RedHat to connect to CheckPoint 75.40. The app is enabled and connected. CheckPoint shows...
by nowellca Engager in Getting Data In 04-17-2015
2 9
2
9
Tim80

Parsing CheckPoint Archive logs without "FW" tool

Hi, I have checkpoint archived logs stored in a binary format as described here : http://answers.splunk.com/answ...
by Tim80 New Member in Getting Data In 04-17-2015
0 1
0
1
ts_splunk

Splunk組み込みPython以外でUnicodeEncodeErrorが発生する

splunk cmd python xxxxxx.py と実行すると正しく実行されるPythonスクリプトがあります。 同じスクリプトを別途インストールしたPython環境ではUnicodeEncodeErrorが発生します。 Py...
by ts_splunk Path Finder in Getting Data In 04-16-2015
0 1
0
1
desi-indian

event tagging ..Multiple format lines in same log file

Hi , I am trying to do a field extraction for a log ...the issue I am facing is the field lay out remains con...
by desi-indian Path Finder in Getting Data In 04-16-2015
0 3
0
3
singhbc

How to convert date_* fields to epoch time after a join to calculate time difference?

I have a search that uses "join" which uses two sourcetypes to search the events and then joins them using a common f...
by singhbc Path Finder in Getting Data In 04-16-2015
1 6
1
6
Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...
Top Solution Authors
View All