Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
pkeller

Why is deployment of new indexes.conf via serverclass setting incorrect group ID in NIS+ environment?

I'm using splunk 6.1.3 with a deployment server. I distribute indexes.conf to my indexers via an indexer serverclass....
by pkeller Contributor in Getting Data In 12-18-2014
0 2
0
2
joseph_hazlett

How can I ignore internal splunk data when searching?

Without having to add a filter every time I search, is it possible to ignore all the internal splunk data when runnin...
by joseph_hazlett Explorer in Getting Data In 12-18-2014
1 2
1
2
splunk_zen

inputs.conf files starting and ending with different patterns

I'm sure I'm missing something, but is there any way to get an input stanza equivalent to unix ls /opt/logs/connect...
by splunk_zen Builder in Getting Data In 12-18-2014
0 1
0
1
ebaileytu

Why did adding an indexer to our deployment server uninstall all of our custom applications after the required restart?

After a time of constant change to deal with issues I am rebuilding our deployment server using all defaults configur...
by ebaileytu Communicator in Getting Data In 12-18-2014
0 4
0
4
stefanlasiewski

Why is each line of syslog prepended with a number in angle brackets like <123>?

Our central syslog server forwards syslog data to my Splunk server, using TCP (secure syslog). In the Splunk web GUI...
by stefanlasiewski Contributor in Getting Data In 12-18-2014
2 8
2
8
ronogle

How do I get Splunk for Cisco ASA to recognize names for src or dest?

Our Cisco ASA logs sometimes contain names that represent objects instead of the IP address. Example: Dec 18 05:37:4...
by ronogle Explorer in Getting Data In 12-18-2014
0 1
0
1
splunk_zen

props.conf TIME_FORMAT for middle of the line DATETIME

I'm having trouble recognizing the timestamp for a logs with this structure, (field timestamp appears = none in Splun...
by splunk_zen Builder in Getting Data In 12-18-2014
0 3
0
3
varunanand

How to add a static field using a lookup file for a partial match in the Universal forwarder?

I am new to splunk and trying to add a static field (action) using a lookup file. It needs to be a partial match with...
by varunanand New Member in Getting Data In 12-17-2014
0 4
0
4
andywt123

Using syslog to forward data or Universal forwarder

I have setup splunk 6.1.1. In our environment we are running rsyslog in a failover configuration. Rsyslog is collecti...
by andywt123 New Member in Getting Data In 12-17-2014
0 1
0
1
musskopf

Splunk DB Connect: Why Web Access data is being logged into jbridge.log?

Hello, I noticed today that Web Access data is being logged inside the DB Connect Logfile $SPLUNK_HOME/var/log/splun...
by musskopf Builder in Getting Data In 12-17-2014
2 7
2
7
randymw59

What is the path for input files

I am new to Splunk...I have been given a query that uses an input file. I know the name of the input file, but how c...
by randymw59 Explorer in Getting Data In 12-17-2014
0 9
0
9
jagasiab

Need to re-create similar data chart within splunk with Windows Event ID's

Hello everyone, I'm trying to re-create a similar bar chart as seen below, within splunk. Example: http://i.imgur....
by jagasiab Engager in Getting Data In 12-17-2014
0 7
0
7
ursarun

Is there a way in which we can filter the records fetched, based on a datetime column by specifying the start and end datetimes?

I have a requirement where i have to filter the records fetched between 2 date times. How to include this filter crit...
by ursarun New Member in Getting Data In 12-17-2014
0 2
0
2
ginger8990

datainput issue

We used free enterprise splunk. we import logs into splunk. Some log files data won't show in splunk I want to make...
by ginger8990 Explorer in Getting Data In 12-17-2014
0 9
0
9
trafiguraltd

Splunk indexer showing events intermittently

Hi All, My splunk indexer if checked for the last 2 days shows intermittent logs. I cannot see events for a good 22 ...
by trafiguraltd New Member in Getting Data In 12-16-2014
0 1
0
1
chadman

How to configure Splunk to read a csv file sent from a forwarder?

Hello! I'm new to Splunk and trying to setup a proof of how Splunk could read log files from an application I wrote ...
by chadman Path Finder in Getting Data In 12-16-2014
0 2
0
2
feickertmd

Get Perfmon drive info for specific disks Splunk 6.1

This is somewhat of a repeat question, but since the original is a couple of years old and does not produce results f...
by feickertmd Communicator in Getting Data In 12-16-2014
1 13
1
13
jackiewkc

headers in csv do not appear as field names in search result

Hi, I have a csv file which contains data like this: "region","country","city" "emea","united kingdom","london" "eme...
by jackiewkc Path Finder in Getting Data In 12-16-2014
0 9
0
9
carmitstead

Create aliases for common sourcetypes

I'd like to create a custom name for a common sourcetype. For instance: inputs.conf [monitor:///my/special/directo...
by carmitstead Explorer in Getting Data In 12-16-2014
0 1
0
1
sina_shafaei

How to extract the first and last start time (as conditional term) and only use them in a search?

Hi Guys, in my data I have time slots in this format: starttime="1403032818" for each field. the number of startti...
by sina_shafaei Explorer in Getting Data In 12-15-2014
0 3
0
3
brod_geico

How to set up an alert on all search heads if any universal forwarder has not sent data for a certain amount of time?

I need to setup an alert on all search heads if any universal forwarder has not sent data in last 6 or 4 hours. The a...
by brod_geico Path Finder in Getting Data In 12-15-2014
0 1
0
1
rnr

Is it possible to configure load balancing on universal forwarders with preferable servers in tcpout group?

I'd like to configure universal forwarders on boxes in multiple AZ to forward event to a preferable heavy forwarder l...
by rnr Path Finder in Getting Data In 12-15-2014
1 1
1
1
hlarimer

How does Splunk handle timestamps from different timezones when it doesn't know the offset?

How does Splunk handle timestamps from different timezones when it doesn't know offset? I'm seeing different behavio...
by hlarimer Communicator in Getting Data In 12-15-2014
0 4
0
4
ardave

Fields missing only when queried via SDK / Rest API

I have a query to average out the performance of requests each individual server for the last one minutes, as follows...
by ardave Explorer in Getting Data In 12-15-2014
0 6
0
6
harish_ka

How to omit duplicate values of a column

Hi i have a report as below, Col A -----Col B--------Col C-----Col D -----------------------------------------------...
by harish_ka Communicator in Getting Data In 12-15-2014
0 6
0
6
Get Updates on the Splunk Community!

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...
Top Solution Authors
View All