Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Universal forwarder is not collecting events on Forwarded Folder of windows server

Hi All I am new to Splunk and having some issue... we have a windows 2008r2 server setup as an event collector for...

by Path Finder in

Can splunk Index data from an HTTP address

I have a url that has a server.txt file on that that gets updated as the requests/responses are coming through. C...

by Path Finder in

Splunk on-demand indexing of a file

I currently have a FIX log file which generates HUGE amounts of data every day. With my current license its impossibl...

by Explorer in

Assign an index and sourcetype name different from forwarder in Indexers

Hi All, I have a cisco edge device with Splunk forwarder (UF) embedded in it. That means index and sourcetype is a...

by Contributor in

Windows Server 2012 - Splunkd Service Access Denied

We're having a bit of an issue with our new Splunk install on Windows Server 2012. The Splunkd and Splunkweb services...

by Engager in

/var/log/messages associated with index host NOT the correct source host

I have two dozen UF linux systems. All of them are picking up /var/log/messages and sending it to my indexer (the one...

by Path Finder in

Ruby SNMP CIM

Greetz, I know almost nothing about Ruby, could someone maybe assist by advising how to print the below fields but...

by Communicator in

Splunk WMI on Universal Forwarder

I am writing a WQL on my universal forwarder to read data from my BizTalk server. I have configured my wmi.conf as be...

by Explorer in

Parsing syslog, extracting all the basic fields, while setting correct timestamp - is it possible?

I wonder if there is a way of parsing/searching syslog messages, simpler than editing config files, and writing appli...

by New Member in

Splunk TCP input from python program

Hey guys, I've crated a python program that does some auditing and then tried to upload to a splunk server. It doe...

by Path Finder in

Universal Forwarder ParsingQueue KB Size

Hi All, We use a Splunk Universal Forwarder to monitor Websphere log files on our environment. During normal daily op...

by Communicator in

Cannot Login to Forwarder

After installing the Forwarder, I cannot login to it. I have executed SPLUNK CLEAN ALL, but cannot login. I also trie...

by New Member in

Splunk VMware "logincreator.pl" returns error

Hi Im trying to use logincreator.pl to create an account in my hosts. it returns an error saying "Insufficient ...

by Explorer in

How do I force IP address for host property instead of hostname

In the inputs.conf file you have the option to specific a 'host' property. Per the documentation. If not set ...

by New Member in

syslog parsing...

Hi, I need to process a syslog feed, but only keep certain hosts, and throw the rest away. I first setup the f...

by Champion in

How do you increase maximum UDP log size?

We are experiencing a complete loss of the log message if it's over approx. 1400 characters. The message doesn't show...

by Engager in

Universal Forwarder not connecting to indexer

OS=Windows Server 2008 SP1 64-bit, Forwarder version = 5.0, Indexer version = 5.0 Windows Firewall = OFF Scenar...

by New Member in

How to rename an index?

Can we rename indexes in Splunk? If so, how?

by Contributor in

Monitoring large number of files

We have a server that generates 100k log files a day. The logs must be forwarded to an indexer. Due to the critical n...

by Path Finder in

How to reduce index size on a Heavy Forwarder

We use a heavy forwarder to read and transmit data from a Windows Event Collectors "Forwarded Events". The license is...

by Contributor in

Getting Data In

Discussions

Universal forwarder is not collecting events on Forwarded Folder of windows server

Can splunk Index data from an HTTP address

Splunk on-demand indexing of a file

Assign an index and sourcetype name different from forwarder in Indexers

Windows Server 2012 - Splunkd Service Access Denied

/var/log/messages associated with index host NOT the correct source host

Ruby SNMP CIM

Splunk WMI on Universal Forwarder

Parsing syslog, extracting all the basic fields, while setting correct timestamp - is it possible?

Splunk TCP input from python program

Universal Forwarder ParsingQueue KB Size

Cannot Login to Forwarder

Splunk VMware "logincreator.pl" returns error

How do I force IP address for host property instead of hostname

syslog parsing...

How do you increase maximum UDP log size?

Universal Forwarder not connecting to indexer

How to rename an index?

Monitoring large number of files

How to reduce index size on a Heavy Forwarder

Splunk errors generated alongside successful data ...

Smart Store Producing a High Volume of 204 and 404...

Ingest messages from slack channels to splunk

Need to give add data capability to user in splunk...

Load Balancing UF to 3rd third party receivers