Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
spin691t

How to automate the deletion of some data in a CSV file before indexing?

Hello Every day at 10:00 am, I receive a .csv file with data from 00:00 of the previous day until 10:00 of the curre...
by spin691t New Member in Getting Data In 03-11-2015
0 3
0
3
rposky

How can I filter by the first encountered combination of values?

I have results in the following form and would like to filter for only those results matching a session_id=x and an o...
by rposky Engager in Getting Data In 03-11-2015
0 4
0
4
nivedita_viswan

Does installing a universal forwarder cause re-indexing?

At present, we have a stand-alone Splunk server, monitoring a mapped directory of log files. In order to reduce the l...
by nivedita_viswan Path Finder in Getting Data In 03-11-2015
0 7
0
7
OmarDee

how to convert military time to standard time?

by OmarDee Explorer in Getting Data In 03-11-2015
0 1
0
1
splunker12er

Tcp output pipeline blocked. Attempt '300' to insert data failed. (Heavy forwarder ---> Indexer)

Case: I am gathering logs from a cisco-asa and writing them to a log file . and using monitor stanza i'm monitoring t...
by splunker12er Motivator in Getting Data In 03-11-2015
0 8
0
8
MOberschelp

props.conf not working

Hello, I try to user props.conf to change the sourcetype (in this case from cisco:asa to something else) I've set up...
by MOberschelp Explorer in Getting Data In 03-11-2015
0 6
0
6
rmasuoka

Is it possible for Splunk to make a REST call?

I would like to make a REST call from Splunk. I know there are Splunk REST APIs that we can make REST calls into Spl...
by rmasuoka Explorer in Getting Data In 03-10-2015
0 3
0
3
splunker12er

How to troubleshoot heavy-forwarder error "Tcp output pipeline blocked. Attempt '1400' to insert data failed." monitoring syslog files?

I am using a Heavy Forwarder to monitor cisco-asa logs. I have 10 cisco-asa firewalls, writing their logs to 10 diffe...
by splunker12er Motivator in Getting Data In 03-10-2015
0 2
0
2
ToniSchulz

How to configure Splunk to recognize the timestamp for events is in several columns when importing a CSV file?

Hello everyone, I am having a strange problem with importing a csv file. So far all files worked, but from a specifi...
by ToniSchulz Explorer in Getting Data In 03-10-2015
0 2
0
2
mohankesireddy

Why does a search with inputlookup work when used in Splunk Web, but returns no results when using the REST API?

"inputlookup" command works fine when I use in Splunk UI, but same search comes back with no results when I search th...
by mohankesireddy Path Finder in Getting Data In 03-10-2015
0 1
0
1
cbaiocchetti

How to configure Splunk to index syslog data from multiple sources?

Hello. First time I'm posting a question, and a relative newb to Splunk so I apologize up front if this has already ...
by cbaiocchetti New Member in Getting Data In 03-10-2015
0 4
0
4
kairobin

How to add a search head to search against our Splunk indexer?

What are the best practices for setup and using a search head server to take the load off of our indexer? We have an ...
by kairobin Path Finder in Getting Data In 03-10-2015
0 1
0
1
OldManEd

How to override the forwarder host names for 3rd party servers that share the same server name?

I have a couple of 3rd party appliances/servers that have the same server name. I tried to set up a forwarder on the...
by OldManEd Builder in Getting Data In 03-10-2015
0 5
0
5
Raghav2384

Apply SEDCMD to mutli line events in props.conf with recurring field values

Hello Experts, I have been asked to hash out one occurrence of value_key from the following logs. I have tried the f...
by Raghav2384 Motivator in Getting Data In 03-10-2015
0 4
0
4
adrianathome

Syslog in a Cluster

How should syslog data be sent to a Splunk Cluster? Should I have each of my syslog sources pointing to all indexers...
by adrianathome Communicator in Getting Data In 03-09-2015
0 2
0
2
jrodriguezap

How to merge logs that share a common field value before indexing?

Hello Maybe someone can give me an idea about this case. I have a AntiSpam sending messages like this: Aug 18 21:2...
by jrodriguezap Contributor in Getting Data In 03-09-2015
0 10
0
10
sbattista09

How to get a list of servers that are reporting into Splunk via universal forwarder, WMI or both where count > 1?

i want to get a list of servers that are reporting into splunk via UF or WMI or both, i have this going for me, but i...
by sbattista09 Contributor in Getting Data In 03-09-2015
1 6
1
6
JonSloan

What is the best practice for handling CRLF character replacement?

We have 2 large datafeeds into Splunk, email and SQL Trace outputs, but the CRLF characters in both feeds are creatin...
by JonSloan New Member in Getting Data In 03-09-2015
0 2
0
2
sbattista09

A possible timestamp match is outside of the acceptable time window.

im not getting any new logs into splunk after i set up a new input "file monitor". the CSV has no time stamps so splu...
by sbattista09 Contributor in Getting Data In 03-09-2015
0 6
0
6
lehrfeld

Why am I unable to connect my Windows universal forwarder to the Sandbox?

All - I would like to experiment with Splunk Cloud but I am having an issue getting any data into my sandbox. I in...
by lehrfeld Path Finder in Getting Data In 03-09-2015
1 1
1
1
AngusLi

Which forwarder do I need to install on SUSE Linux 10?

Hello guys, I have a question which need your help! I am using splunk enterprise 6.1.1 on win server 2003 (32bit). No...
by AngusLi New Member in Getting Data In 03-09-2015
0 1
0
1
ToniSchulz

Timestamp ascending

Hello, I have a problem concerning the timestamp of my logfiles. We want to look through a large textfile with struc...
by ToniSchulz Explorer in Getting Data In 03-09-2015
0 5
0
5
kartik13

How can i list the host under a tag?

Hi, I have tag of diff. host. Now i have made my search that it results in a list of hosts. How do I make that searc...
by kartik13 Communicator in Getting Data In 03-09-2015
0 1
0
1
gsteffen

How monitor logs on a UNC path?

Hello, I've been given the task of finding out how we can setup Splunk to monitor logs on a UNC path. What are the s...
by gsteffen Explorer in Getting Data In 03-08-2015
0 3
0
3
schose

How to set Execute rights for shell scripts on Windows Forwarder Management?

Hi all, I'm using Forwarder Management on a Splunk instance running on Windows. I've created an app to get some data...
by schose Builder in Getting Data In 03-08-2015
0 3
0
3
Get Updates on the Splunk Community!

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...
Top Solution Authors
View All