Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to configure different timezones for the source file that are coming into SPLUNK

Hi Team I am facing issues with the following scenario 1.I have 200 csv files daily indexing into SPLUNK. 2.These ...

by Path Finder in

forwarding syslog to multiple endpoints

Hi, I need to forwarded syslog data from a Splunk heavy forwarder to ArcSight. I can forward syslog to one ArcSigh...

by Communicator in

How to set up a centralized server for logs from network devices?

Hi Guys. How do you deal with logs from network devices? I know that logs from network devices should be sent to a ce...

by Path Finder in

Splunk universal forwarder fails to start - AIX

Hi, I installed the universal forwarder 6.1 for AIX. splunkforwarder-6.1.1-207789-AIX-powerpc.tar splunk@xx...

by Path Finder in

What is the process on the Splunk side to index syslogs through UDP?

Can anyone please explain the steps to taken on the Splunk side to get the syslogs through UDP? After configuring ...

by Builder in

Import Websense data to Splunk

Has anyone added Websense data to Splunk and would you mind sharing that process?

by New Member in

UF not sending logs from all folders monitored

Hello Splunkers. I have an issue that I've been dealing with for the past 2 days but no success in solving it. I'm...

by Communicator in

Which is the recommended way to input heavy load JSON data to Splunk?

Hi everyone, I'm developing an integration with Splunk, and right now I'm using the Splunk Java SDK with the REST API...

by Engager in

How to change which index a sourcetype is indexed to?

Hi, Currently I am using "Index1" for "sourcetype1". I want to change this "sourcetype1" to a new index "Index2"....

by Path Finder in

How to add application data into Splunk?

I have a legacy application and I want to get as much application data into Splunk as I can. I'm hoping to go well be...

by New Member in

Why am I getting "IndexError: list index out of range" trying to get the session key in a Splunk REST API call?

I am trying to get the result of a search from Splunk, but when I try to get the session key, I am getting the follow...

by Explorer in

To change the date format for events, do we modify datetime.xml on the Indexer or forwarder?

Hi, Fairly simple question, but I can't find the answer. Since we never use the illogical date format month-day-ye...

by Builder in

Why is the Host IP value from udp:514 syslog input incorrect for one device?

Hi, I'm collecting syslog events sent by different network equipment. For all devices, the host value is recorded ...

by Explorer in

Determining indexes.conf settings for all indexes combined

I've spent hours studying the documentation and articles outside of splunkbase about configuring indexing, and I'm st...

by Path Finder in

Why are inputs.conf stanzas not working properly from rsyslog host?

I have the following directories on my rsyslog forwarder (sysloghost): /var/log/remote/servacsv/2015-09-27.log /var/l...

by Path Finder in

How to receive snmp trap in window machine from the remote network device?

I have to set windows xp machine as a server which has install splunk software to receive snamp trap from other remot...

by New Member in

How to debug evt_resolve_ad_obj on a universal forwarder?

Hi, I am trying to debug evt_resolve_ad_obj not working properly? How do I enable debug to see wich Domain Co...

by Path Finder in

How to efficiently get a list of of Windows hosts WITH the Target Domain Name field?

Howdy. For quite a while we have been using this to generate a useful and pretty list of all Windows Server hosts, sh...

by Explorer in

Is there a limit to the number of whitelist/blacklist configurations for security event ID filtering?

We are trying to configure event ID filtration for security events, but even after using the below configuration, the...

by Explorer in

Multiple gzip broken pipe errors

I am seeing many errors like the below: {timestamp} INFO ArchiveProcessor - handling file=/path/to/file.gz{timesta...

by Engager in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to configure different timezones for the source file that are coming into SPLUNK

forwarding syslog to multiple endpoints

How to set up a centralized server for logs from network devices?

Splunk universal forwarder fails to start - AIX

What is the process on the Splunk side to index syslogs through UDP?

Import Websense data to Splunk

UF not sending logs from all folders monitored

Which is the recommended way to input heavy load JSON data to Splunk?

How to change which index a sourcetype is indexed to?

How to add application data into Splunk?

Why am I getting "IndexError: list index out of range" trying to get the session key in a Splunk REST API call?

To change the date format for events, do we modify datetime.xml on the Indexer or forwarder?

Why is the Host IP value from udp:514 syslog input incorrect for one device?

Determining indexes.conf settings for all indexes combined

Why are inputs.conf stanzas not working properly from rsyslog host?

How to receive snmp trap in window machine from the remote network device?

How to debug evt_resolve_ad_obj on a universal forwarder?

How to efficiently get a list of of Windows hosts WITH the Target Domain Name field?

Is there a limit to the number of whitelist/blacklist configurations for security event ID filtering?

Multiple gzip broken pipe errors

.conf23 Registration is Now Open!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Unify Your SecOps with Splunk Mission Control

Receiving error that “could not load lookup xxx” w...

Do we have a Splunk script that will tell us the t...

Documentation for AWS app for S3

Why are Splunk some logs missing from kiwi syslog?

Get Blob Data W/O Key or SAS Token (use service ac...