Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
basanthp

Splunk DB Connect: Why am I getting jbridge.log error "java.io.IOException: Server returned HTTP response code: 401 for URL..."?

I get the following error in jbridge.log. Can someone advice on the fix. 2015-01-13 08:21:11,348 DEBUG options=['-Xm...
by basanthp Path Finder in Getting Data In 01-13-2015
0 2
0
2
theouhuios

Why is Splunk dropping data from a log file with error "Dropping data without forwarding since the size is greater than 67108864, event size=95536310"?

Hello Splunk is dropping lot of data from a log file in our Prod environment. It errors out as below in _internal ...
by theouhuios Motivator in Getting Data In 01-13-2015
0 7
0
7
monalisadas

Does Splunk write back to the file that it's monitoring?

Can Splunk writeback to the file that it's reading for reporting?
by monalisadas New Member in Getting Data In 01-13-2015
0 2
0
2
linuxprophet

Monitoring User Activity in Active Directory

How do I monitor user account creation in AD? I need to accomplish the following: Who created the user?What privile...
by linuxprophet New Member in Getting Data In 01-13-2015
0 5
0
5
shane_berry

How to configure proper line breaking for indexing ftp log files?

I have some ftp log files that I am indexing and when I search, there will be events that have 275 lines in them inst...
by shane_berry Engager in Getting Data In 01-13-2015
0 1
0
1
pedromvieira

What is the correct syntax to change Database Monitor (dbmon-tail) in setup.xml?

What is the correct syntax to change Database Monitor (dbmon-tail) in setup.xml? Example: [dbmon-tail://MY_DB/mydbq...
by pedromvieira Communicator in Getting Data In 01-13-2015
0 4
0
4
will_paxata

Can I configure defaultGroup when remotely deploying a *nix universal forwarder with a static configuration?

I am deploying universal forwarders with a bash script that is based on the sample script in http://docs.splunk.com/D...
by will_paxata Explorer in Getting Data In 01-12-2015
0 1
0
1
nir_sheep

How to index XML files in a directory location?

Hi, I am new to Splunk. i was able to get data indexed for regular lg files., but we have some Ora audit XML files t...
by nir_sheep New Member in Getting Data In 01-12-2015
0 2
0
2
appzen

What am I missing to get a successful connection between my Universal Forwarder and the sandbox?

I followed the tutorial very carefully on setting up the forwarder on my two Tomcat servers. Now I am trying to verif...
by appzen Path Finder in Getting Data In 01-12-2015
2 35
2
35
proletariat99

How do you make a Search Head talk to an Indexer?

Yeah, I realize this is a really ridiculous question, but I just can't seem to find the answer -- which I assume is r...
by proletariat99 Communicator in Getting Data In 01-12-2015
0 4
0
4
JoeSco27

Why are servers connecting to my deployment server, but not the indexers?

I have created and deployed the following serverclass.conf stanza: [serverClass:dt-exdata] whitelist.0 = dt1exdata* ...
by JoeSco27 Communicator in Getting Data In 01-12-2015
0 1
0
1
franklucas30

Sonicwall syslogs and Splunk

Does anyone out there use Splunk to collect Sonicwall Syslogs? We only have the 2GB splunk license and in hardly touc...
by franklucas30 Engager in Getting Data In 01-12-2015
0 2
0
2
thiru25

Indexing only partial events

Hello, I have 1000s files that I am indexing but I only need first 3 fields to be indexed in each event, is there a...
by thiru25 Explorer in Getting Data In 01-12-2015
0 2
0
2
adityapavan18

TimePicker to work in EST timezone and not in GMT

I have a scenario where in the splunk servers(Search Heads & Indexers) the server time is set as UTC But when a user...
by adityapavan18 Contributor in Getting Data In 01-12-2015
0 1
0
1
jrdba

using wildcard to index logs monitor config in inputs.conf fails

Hi folks. We are currently trying to pick up some log files by using a wildcard settings in our inputs.conf file. We ...
by jrdba Explorer in Getting Data In 01-12-2015
0 3
0
3
mwong

Poor indexing rate in indexer

In SoS app, it is found that the indexing rate is limited to about 200Kb/s.
by mwong Splunk Employee Splunk Employee in Getting Data In 01-11-2015
0 1
0
1
appzen

Why am getting error "There are currently no forwarders configured as deployment clients to this instance" on my Sandbox after installing a universal forwarder on my server?

I installed the universal forwarder to my server, specified by sandbox host-url and port 9997 in the command "./splun...
by appzen Path Finder in Getting Data In 01-10-2015
0 3
0
3
jpincin

How to "add oneshot" to a cluster of indexers

I want to import a large set of files, one time, into a cluster. Reading the documentation here: http://docs.splunk.c...
by jpincin Engager in Getting Data In 01-09-2015
2 2
2
2
sushmitha_mj

How to get Splunk to recognize the date for data in a CSV file, not the creation time of the data entry?

Hi, I am new to splunk and hence, just to experiment with the tool I added some bank statement data into splunk in th...
by sushmitha_mj Communicator in Getting Data In 01-09-2015
1 3
1
3
mbarrie_splunk

How can I create custom indexed fields for Splunk DB Connect database inputs?

Currently using a pair of custom indexed fields for qualifying some of our data. For normal inputs this works great ...
by mbarrie_splunk Splunk Employee Splunk Employee in Getting Data In 01-09-2015
0 1
0
1
helge

Default delimiters for key value extraction

I have been sending key value data like the following to Splunk: metric1=1.0 metric2=22 metric3="Some string" I ha...
by helge Builder in Getting Data In 01-09-2015
0 8
0
8
AaronMoorcroft

With my index configuration for archive data, is it safe to move this folder elsewhere due to size and will the archive job continue as it hits the configured settings?

Hi Guys I have my Index archive data as per the below index config: [default] frozenTimePeriodInSecs = 62899200 [...
by AaronMoorcroft Communicator in Getting Data In 01-09-2015
0 1
0
1
rb51

How can I collect remote logs from member servers using a universal forwarder installed on a domain controller?

hi all, I have installed a Universal Forwarder on a Domain controller (using domain creds - service account). How ...
by rb51 Explorer in Getting Data In 01-09-2015
0 1
0
1
kendrickt

Splunk Universal Forwarder using 2GB of RAM?

Hi guys, I've just installed the Universal Forwarder on my NAS server(Windows Server 2008 R2) and I have configured ...
by kendrickt Path Finder in Getting Data In 01-09-2015
1 8
1
8
lukasz92

How to set a new field at index-time based on matching event pattern?

I am trying to parse a complicated log for malware data model. I want to set a new field: action="allowed" or action...
by lukasz92 Communicator in Getting Data In 01-09-2015
0 1
0
1
Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...
Top Solution Authors
View All