Getting Data In

Community Activity

How can I tell whats the avarage EPS per indexer over a day ? Hi, I've been asked to give statistics whats the avarage EPS that each indexer get. and show it over a day etc. any s... by sbeamro Explorer in Getting Data In 01-18-2015 0 3	0	3
field extraction based on "=>" I am consuming facter data from Puppet in the format of "virtual => vmware". Each host has on average 180 unique data... by ebailey Communicator in Getting Data In 01-16-2015 0 2	0	2
Is it possible to send host grouping information from a forwarder? In an inputs.conf I can define a forwarder's host field which I can use in searches. Identifying a single host is not... by d044160 Explorer in Getting Data In 01-16-2015 0 2	0	2
Heavy Forwarder parsing error, CPU 100% utilized Hi, I have heavy forwarders which do the complete parsing in my setup but I see below errors in the splunkd.log and ... by meenal901 Communicator in Getting Data In 01-16-2015 0 1	0	1
How to configure windows event (example login access) to send to splunk? Hi, I'm using splunk recently. How can I configure "windows events" (example login access) to send them to splunk? I... by StefanoLodola New Member in Getting Data In 01-16-2015 0 2	0	2
is it possible to have a custom command return json to splunk? I have a RESTful webservice which returns me a fairly complex json. I wish to pass it as-is to splunk and hope for sp... by dominiquevocat SplunkTrust in Getting Data In 01-16-2015 0 1	0	1
How Can I Compare Fields Against Another SourceType? I have two source types - One with a list of hosts and their software (DataIn).The other with a list of ideal versi... by taylornat New Member in Getting Data In 01-15-2015 0 6	0	6
How to edit my current configuration for correct multiline event breaking? Hi, I have a flat file multiline log: Here is my props.conf [emailAlerts2] SHOULD_LINEMERGE=true BREAK_ONLY_BEFOR... by chrisboy68 Contributor in Getting Data In 01-15-2015 0 13	0	13
Is it possible to migrate summary indexes from Splunk 4 to Splunk 6? I know this is probably a longshot, but is it possible to create a new summary index in our splunk 4 cluster with dat... by sonicZ Contributor in Getting Data In 01-15-2015 1 1	1	1
How can i list logs files indexed by indexing date? Hi guys! I have a folder monitoring stanza (E.g: "C:\|logs\|client\|") and I want list all indexed files from these dir... by chlima Explorer in Getting Data In 01-15-2015 0 2	0	2
Is it possible to set monitor paths dynamically without the use of wildcards? I want to create an app that will be deployed on a few forwarders to monitor log files. Problem is with the paths of ... by d044160 Explorer in Getting Data In 01-15-2015 0 5	0	5
Strip "Original Address" text in splunk Hi, i would like to strip the "Original Address" Text that splunk appends. How do i do this ? Original Address=xx.... by nishan_perera Explorer in Getting Data In 01-15-2015 0 4	0	4
Negation in Transforms.conf Hi, I have a lot in which the below lines are coming AAA good BBB good AAA good CCC good DDD bad AAA bad I want to... by abhayneilam Contributor in Getting Data In 01-15-2015 0 7	0	7
REST API: Why am I hitting a limit of 100 exported results? Hi, I am trying to get some results out of Splunk using the REST API, I have the following in my script: uri = "/se... by MHibbin Influencer in Getting Data In 01-14-2015 0 2	0	2
How to collect metrics of vmware performance in Splunk? Hello! Can someone advise me how I can collect metrics of perfomance of vmware vms? by vinchakov_a Path Finder in Getting Data In 01-14-2015 0 4	0	4
Can I run Splunk on a Virtual Machine in a NetLab environment to monitor traffic, Active Directory, etc? I will be competing in a CCDC event and was wondering if I will be able to use Splunk on a VM in a NetLab environment... by zrheinecker8495 New Member in Getting Data In 01-14-2015 0 4	0	4
How do I send my own data into a Splunk Cloud Sandbox Trial? How do you send data from a forwarder into a Splunk Cloud Sandbox trial environment? by khourihan_splun Splunk Employee in Getting Data In 01-14-2015 9 12	9	12
Can you forward data to the sandbox server with a universal forwarder? I have setup a sandbox and wish to test the universal forwarder to send data to the sandbox. I do not see a way to a... by svertner New Member in Getting Data In 01-14-2015 0 5	0	5
WIndows DNS debug log becomes deleted On a Windows 2008 domain controller, DNS debug logging enabled, so that queries can be captured by Splunk. The DNS d... by realdridgespl Explorer in Getting Data In 01-13-2015 1 8	1	8
Splunk DB Connect: Why am I getting jbridge.log error "java.io.IOException: Server returned HTTP response code: 401 for URL..."? I get the following error in jbridge.log. Can someone advice on the fix. 2015-01-13 08:21:11,348 DEBUG options=['-Xm... by basanthp Path Finder in Getting Data In 01-13-2015 0 2	0	2
Why is Splunk dropping data from a log file with error "Dropping data without forwarding since the size is greater than 67108864, event size=95536310"? Hello Splunk is dropping lot of data from a log file in our Prod environment. It errors out as below in _internal ... by theouhuios Motivator in Getting Data In 01-13-2015 0 7	0	7
Does Splunk write back to the file that it's monitoring? Can Splunk writeback to the file that it's reading for reporting? by monalisadas New Member in Getting Data In 01-13-2015 0 2	0	2
Monitoring User Activity in Active Directory How do I monitor user account creation in AD? I need to accomplish the following: Who created the user?What privile... by linuxprophet New Member in Getting Data In 01-13-2015 0 5	0	5
How to configure proper line breaking for indexing ftp log files? I have some ftp log files that I am indexing and when I search, there will be events that have 275 lines in them inst... by shane_berry Engager in Getting Data In 01-13-2015 0 1	0	1
What is the correct syntax to change Database Monitor (dbmon-tail) in setup.xml? What is the correct syntax to change Database Monitor (dbmon-tail) in setup.xml? Example: [dbmon-tail://MY_DB/mydbq... by pedromvieira Communicator in Getting Data In 01-13-2015 0 4	0	4