Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
KarlGechlik

Masking account numbers

Hello we are trying to mask an account#'s last 5 digits. I have added this to props.conf [annon] TRANSFORMS-anonymiz...
by KarlGechlik Explorer in Getting Data In 03-20-2015
0 6
0
6
sim_tcr

Splunk DB Connect: Why am I getting an error trying to select a column for my dbmon-tail input?

Hello, I am trying to setup a tailing query using Splunk DB Connect app. My query is: select * from table WHERE C...
by sim_tcr Communicator in Getting Data In 03-20-2015
0 3
0
3
ptah23

How do I install Splunk on Windows without system admin access?

Hi I am unable to install Splunk on my local machine for development purposes. I do not have access to an admin acco...
by ptah23 New Member in Getting Data In 03-20-2015
0 5
0
5
ibatalla

How much license do I need if I'm using a heavy forwarder to send data only to a syslog server, not to an indexer?

Hi guys, I'm using a heavy forwarder to send data to a syslog server. If I don't send data to an indexer and only us...
by ibatalla New Member in Getting Data In 03-20-2015
0 1
0
1
domenico_perre

How to troubleshoot why I can see network traffic, but no data is being indexed in Splunk from our Cisco FWSM?

Hi All, I have been having issues with getting logs into splunk from our cisco fwsm. When I open up wireshark I can...
by domenico_perre Path Finder in Getting Data In 03-19-2015
0 13
0
13
skoelpin

Where in Splunk_Home on the forwarder do I make the configuration to change a target index?

I have several web services which need to be in the same index. Currently they are going to 2 different indexes.. W...
by SplunkTrust SplunkTrust in Getting Data In 03-19-2015
0 1
0
1
venkat_d

What is the best way to update an index in Splunk to reflect a change in data pulled via a script from a database?

What is the best possible way to update an index in Splunk? Here is my usecase: Two lines are getting forwarded to S...
by venkat_d New Member in Getting Data In 03-19-2015
0 1
0
1
sundaresh83

How to configure a forwarder to regularly pick up data from a CSV file on a Linux server?

I have log and other data in a linux server. I am parsing the data using awk code and converting it into csv files. T...
by sundaresh83 Explorer in Getting Data In 03-19-2015
0 2
0
2
spbayer

Setting tag values through REST API

Is it possible create tags and set tag values through the REST API?
by spbayer Engager in Getting Data In 03-19-2015
1 5
1
5
acidkewpie

Are there any issues with Splunk reading and indexing gzip files via a universal forwarder?

Hi, I've heard comments against configuring Splunk to read gzipped files, horror stories of it not always noticing ...
by acidkewpie Path Finder in Getting Data In 03-19-2015
0 3
0
3
HeinzWaescher

Form Input - Add submit button for each panel

Hi, I would like to add a seperate submit button for each panel of a form. At the moment there is only one button at...
by HeinzWaescher Motivator in Getting Data In 03-19-2015
1 1
1
1
malkiz_walkme

Why can't I find the screen with the form for "file upload" to add data to my Splunk Cloud trial?

Hi, I'm new to Splunk. I signed up for the Cloud trial. When I first logged in I was presented with a "file upload" f...
by malkiz_walkme Explorer in Getting Data In 03-19-2015
0 3
0
3
benedetto

Heavy Forwarder filter

Hi, I have this example of log: hhhh/mm/dd hh:mm:ss :MGR ,nnnnn:nnn(text):1 [-07728 text.] : Event : Done by > 'tex...
by benedetto Engager in Getting Data In 03-19-2015
0 15
0
15
tobiasvollrath

Timestamp recognition of multi timestamp formats in one Logfile

Hey, I have a problems with the timestamp recognition at index time. How can Splunk recognize different time/date for...
by tobiasvollrath Explorer in Getting Data In 03-18-2015
1 4
1
4
johnsmithman2

Forwarder stopped forwarding after restart of server

I am using the VMware Syslog collector to collect the logs from my ESXi hosts and send them to Splunk with the univer...
by johnsmithman2 New Member in Getting Data In 03-18-2015
0 5
0
5
xiyangyang

Get logs again

There is a .html file I got via Splunk 4 months ago. Now I want get it again via Splunk because we only save logs in...
by xiyangyang Path Finder in Getting Data In 03-18-2015
0 5
0
5
smolcj

sourcetype is not listing

i have taken a backup of my app and uploaded in another splunk instance(free license). when i am ttrying to add datai...
by smolcj Builder in Getting Data In 03-17-2015
0 3
0
3
some_guy

What are recommendations for our current file monitoring setup?

My setup looks like this: syslog collector with UF -> HF -> Index cluster File input in a directory on the syslog co...
by some_guy Path Finder in Getting Data In 03-17-2015
0 1
0
1
ravenind

Filter a syslog to only a couple fields, make into a report

Pardon my brand-newness to Splunk, please. I just installed it.  We have a Sourcefire unit that we would like to pu...
by ravenind New Member in Getting Data In 03-17-2015
0 6
0
6
pkeller

How do I setup TCP ROUTING when using an intermediate forwarder

I have some sourcetypes that I'd like to go to two indexing destinations. Universal Forwarder: (inputs.conf) [monit...
by pkeller Contributor in Getting Data In 03-17-2015
1 4
1
4
rene847

How to configure a universal forwarder to forward 2 syslogs from 1 IP address to 2 different indexes?

Hi, I have a Linux server and the syslog is functional. Here is UF config (inputs.conf) : [udp://xx.xx.xx.140:514] ...
by rene847 Path Finder in Getting Data In 03-17-2015
0 7
0
7
joe_bayreaux

How to update only the inputs.conf blacklist stanza on a universal forwarder with a deployment server?

Have a myriad of webservers in a webfarm where I need to blacklist certain eventIDs/Types (from time to time) to pr...
by joe_bayreaux Explorer in Getting Data In 03-17-2015
1 4
1
4
the_wolverine

Is it possible to configure cloning AND autoLB simultaneously?

I have a light forwarder sending data to my indexer. I'm bringing two new Splunk indexers online and want to use aut...
by the_wolverine Champion in Getting Data In 03-17-2015
0 4
0
4
felix_fxm

How to re-index the deleted data in splunk.

I indexed some data into splunk by .csv file, but there is some problem with it. So I removed them by "|delete" comma...
by felix_fxm Engager in Getting Data In 03-17-2015
1 4
1
4
shariinPH

How to blacklist or whitelist logs monitored in a Windows directory?

Hi I have to monitor a specific folder in a certain directory For example my path is G:\opdata\my_data\motherfolder\...
by shariinPH Contributor in Getting Data In 03-16-2015
0 6
0
6
Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...
Top Solution Authors
View All