Getting Data In

Community Activity

Events being cut when Linecount > 206. How to increase this limit? For a web service call, my event has a linecount=220. But when looking at the response in Splunk, it is cutting the e... by skoelpin SplunkTrust in Getting Data In 02-11-2015 1 2	1	2
Universal Forwarder - Timezone by sourcetype not working? Just starting out with Splunk recently, still using the free version for now. My Splunk head, indexer & deployment se... by alexism New Member in Getting Data In 02-11-2015 0 1	0	1
How to set a correct line breaks in my props.conf The first picture is my original logs The second picture is my logs in the splunk Now,we can see the splunk wrap ... by perlish Communicator in Getting Data In 02-11-2015 0 7	0	7
Why SEDCMD configured in props.conf is working during Data Preview but not during SEARCH? Hello, I have configured a SEDCMD in props.conf to remove a few unwanted lines of logs. During data preview, the SED... by DavidHourani Super Champion in Getting Data In 02-11-2015 0 6	0	6
Can Splunk strptime() work with the date before 1970-01-01 in epoch format? Sometime I have a timestamp like -633945600.000 in my data. I found a previous post where someone said Splunk only su... by luxiaobin Explorer in Getting Data In 02-11-2015 0 8	0	8
UF persistentQueue tcp,UF persistentQueueSize tcp://8088 We have an application that sends it's data to the UF on tcp port 8088. When the indexers are down we want the UF to ... by arjangoos Path Finder in Getting Data In 02-11-2015 0 3	0	3
WMI not working on one system I have installed the UF on 4 systems, but one is giving me the following error... 03-02-2012 10:46:33.860 -0500 ERRO... by mcbradford Contributor in Getting Data In 02-11-2015 0 3	0	3
How splunk calculate license? Hi, I just want to ask how the enterprise license will be calculated by splunk. I have a 5gb license. My current set... by sympatiko Communicator in Getting Data In 02-10-2015 0 4	0	4
Splunk not receiving syslog events, but telnet works I've got splunk working properly on a CentOS 6.5 box. I have another CentOS box client, and I can telnet to the port ... by bclapp New Member in Getting Data In 02-10-2015 0 2	0	2
How to create a new key-value pair name and value based on text within a log? I would like to create a whole new KV Pair, and based on the text from within a log, give it a specific value. Examp... by jizzmaster Path Finder in Getting Data In 02-10-2015 0 3	0	3
Should I use an ellipsis or * in my inputs.conf monitor stanza? I have an IIS server and the path to the files I want to monitor looks like this: d:/web/logfiles/W3SVC1 d:/web/log... by mcbradford Contributor in Getting Data In 02-10-2015 0 2	0	2
How to configure data base inputs? I want to enable a data base inputs which I disabled before and take the logs from that day only. How to configure th... by avis1119 New Member in Getting Data In 02-10-2015 0 3	0	3
Can cflowd format be Splunked? Hello. A customer is getting external firewall logs from a vendor in "cflowd format". Can cflowd format be Splunked?... by juthsn Engager in Getting Data In 02-10-2015 0 3	0	3
Extracting event date/time from record with multiple date/times I have a data input with the following format for which I am struggling to extract the correct data for the SPLUNK ev... by garryclarke Path Finder in Getting Data In 02-10-2015 0 2	0	2
How to get Windows .NET perfmon inputs working? I am attempting to enable several Windows perfmon inputs with mixed success. Inputs such as CPU, LogicalDisk, Memory,... by eckdale Path Finder in Getting Data In 02-09-2015 0 1	0	1
How to monitor change in scripted input? How do you make sure to send logs from a scripted input only when the output is changed? Lets say the script is doin... by ben_leung Builder in Getting Data In 02-09-2015 0 1	0	1
re-index windows event logs I would like to force the re-indexing of events in a local Windows Event Log channel, let's say "Security". I have tr... by bjoernjensen Contributor in Getting Data In 02-09-2015 0 4	0	4
Is it possible to monitor whether there are any files in a folder without indexing them? Hi, Is it possible to monitor whether there are any files in a folder without indexing them? thks by newbiesplunk Path Finder in Getting Data In 02-09-2015 0 1	0	1
Why is my monitor with a whitelist not picking up files? Hi, I have a monitor and a whitelist that aren't picking up my required files, and I'm not sure why. Here's my inpu... by a212830 Champion in Getting Data In 02-09-2015 0 2	0	2
How to Best Test if my SSL Certificate is valid I am trying to enable Splunk forwarder via SSL, I received the message: 02-06-2015 10:10:45.415 -0700 ERROR TcpOutpu... by mzorzi Splunk Employee in Getting Data In 02-09-2015 2 1	2	1
Calculating "browsing time" from Ironport proxy access logs We're currently using another software package to generate reports from our Ironport proxy access logs and we need to... by AlexD Explorer in Getting Data In 02-09-2015 0 7	0	7
Why is timestamp different in Splunk compared to the logs and can I view the timezone setting in Splunk Web? I have a question, Can I view time zone setting in the Splunk web? I need to check what time zone been set in Splunk... by rais317 New Member in Getting Data In 02-06-2015 0 2	0	2
IIS Advanced Logging Sourcetype I have been trying to find some information on getting IIS Advanced logging data parsed correctly in splunk. I worke... by tross33 Explorer in Getting Data In 02-06-2015 1 1	1	1
Why is the python SDK throwing Bad Gateway errors using the Splunk examples with Splunk 6.2.1 on Windows 2008? I am running Splunk 6.2.1 on Windows 2008 and just installed the Python SDK. It took a while to get it configured but... by kmattern Builder in Getting Data In 02-06-2015 0 1	0	1
Can I remotely monitor Windows performance using a universal forwarder or do I have to install Splunk and then forward WMI? I am trying to troubleshoot a performance issue on a server on our network. I would like to setup some Windows Perfo... by Bliide Path Finder in Getting Data In 02-06-2015 0 2	0	2