Getting Data In

Discussions

Thread Info

How to find metrics on license usage for my Cisco sourcetype?

I want to find the license usage for my Cisco sourcetype. I found this on splunk answers http://answers.splunk.com...

by Motivator in

Can one read the data backwards?

I have an odd situation where the "endswith" transaction is not always being written out by the application so that i...

by Contributor in

Why props.conf configuration with unarchive_cmd on udp input doesn't work?

Hi, i'm trying to implement a custom Charset-Decoder for an udp input. I'm using the following settings in props.c...

by Path Finder in

How to import more than 50 fields with CSV in Splunk 6?

We are having a problem with importing all of our data fields because we are only getting the first 50 fields using v...

by New Member in

how to count the number of files and directories in a folder in splunk

Hi, Please Could someone tell me how to count the number of files and directories in a folder in splunk ? Regards

by Communicator in

Has there been a change with indexer and universal forwarder compatibility?

Earlier the Splunk docs read 6.0 indexers are backwards compatible with forwarders down to 4.x but now it says 6.0 in...

by Explorer in

Does the Universal Forwarder have a Web Interface

Does the universal forwarder have a web interface? I just installed it on an Ubuntu server and was trying to decipher...

by New Member in

How to "create" an app through the RESTAPI?

I like to keep my index configurations for indexers modular, keeping groups of indexes for a set purpose under their ...

by Motivator in

The file count for my monitored directory is higher than expected. Is my (black|white)list not being taken into account?

When I look in Manager >> Data Inputs >> Files & Directories, the entry for the monitored directory I have defined wi...

by Splunk Employee in

Windows Universal Forwarder - Missing Event Logs

I've been running a daily saved search for EventCode=1221 (Exchange space reporting). I noticed that one of my mai...

by Builder in

Reload passwd - SOLVED

I want to replace the existing passwd file on indexers with a new file. The only way to accomplish this is to restart...

by Builder in

ローカルのWindowsイベントログファイルを取り込む方法

別PCで保存時，ローカルに持ってきたWindowsイベントログファイル（.evtx）を Splunkに取り込むためにはどのような手順を踏めば良いでしょうか。既出の質問でしたら申し訳ございませんが，スレッド番号をお教えください。

by Engager in

Timezones & IIS W3C Extended Logging - why don't they work?

By way of a light forwarder, I'm receiving IIS Logs in W3C Extended Format from 5 boxes which logs events in GMT time...

by Explorer in

Input Type="Text" Length Question

Hey, I'm hoping this will be straight forward  In the following code: <fieldset> <input type="text" token="nam...

by Motivator in

What are the file locations of database connection information and input queries stored in Splunk directory?

Hi, Need to know file location of database connection information and Database input queries stored in Splunk dire...

by Communicator in

How is deployment of universal forwarders on AWS servers being done? Ideas needed.

Hello Since many companies are moving towards cloud based servers how can we handle splunk UF deployment on cloud ...

by Motivator in

Can refresh method push new apps from DS ServerClass to universal forwarder in AWS environment?

We have a large AWS Environment and I want to try if we can refresh the UF to get the apps mentioned for it the DS Se...

by Motivator in

How to build JSON object with python script?

I am making a custom module and cannot, for the life of me, figure out how the python script is working. I am using t...

by Path Finder in

Best methods for handling large events and multi-line parsing issue?

This is two part question that deals with isolating metric data within a multi-line event where the metric identifier...

by Engager in

Is it possible to find when the next scheduled run of a scripted input will occur?

Is it possible to find the time of the next scheduled run of a scripted input from within Splunk? The Searches, r...

by Contributor in

Splunk for SQL App (i.e. database activity monitoring)

Is Splunk planning to create and/or provide a general umbrella-ish Splunk for SQL App (or a solution suite) for monit...

by Splunk Employee in

How to feed Splunk with remote custom input?

Hi, I want to create an app to feed a Splunk server with my custom data. I saw in C# sdk I can build a ModularInpu...

by Engager in

Is it possible to use Splunk for real time monitoring and alerting of uptime and services?

Hi, I was wondering if it were possible to use Splunk almost like a whatsupgold or solarwinds for real time monito...

by Engager in

Can an Oracle database be used as a data source for Splunk DB Connect?

Hello, I have my log files stored on an Oracle Database. I would like Splunk to view those log files and use them ...

by New Member in

Why my truncate configuration on my universal forwarder is not working?

Hi All, I setup one universal forwarder on my windows server and forward the logs to my linux splunk instance, and...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to find metrics on license usage for my Cisco sourcetype?

Can one read the data backwards?

Why props.conf configuration with unarchive_cmd on udp input doesn't work?

How to import more than 50 fields with CSV in Splunk 6?

how to count the number of files and directories in a folder in splunk

Has there been a change with indexer and universal forwarder compatibility?

Does the Universal Forwarder have a Web Interface

How to "create" an app through the RESTAPI?

The file count for my monitored directory is higher than expected. Is my (black|white)list not being taken into account?

Windows Universal Forwarder - Missing Event Logs

Reload passwd - SOLVED

ローカルのWindowsイベントログファイルを取り込む方法

Timezones & IIS W3C Extended Logging - why don't they work?

Input Type="Text" Length Question

What are the file locations of database connection information and input queries stored in Splunk directory?

How is deployment of universal forwarders on AWS servers being done? Ideas needed.

Can refresh method push new apps from DS ServerClass to universal forwarder in AWS environment?

How to build JSON object with python script?

Best methods for handling large events and multi-line parsing issue?

Is it possible to find when the next scheduled run of a scripted input will occur?

Splunk for SQL App (i.e. database activity monitoring)

How to feed Splunk with remote custom input?

Is it possible to use Splunk for real time monitoring and alerting of uptime and services?

Can an Oracle database be used as a data source for Splunk DB Connect?

Why my truncate configuration on my universal forwarder is not working?

Enterprise Security Content Update (ESCU) | New Releases

Expert Tips from Splunk Professional Services, Ensuring Compliance, and More New ...

Observability Release Update: AI Assistant, AppD + Observability Cloud Integrations & ...

Elastic Integrator App

Intermediate Forwarder Limited to 1000 connections

CSAM Reports - 500 ERROR

Splunk Stream Addon Setup for Edgerouter X

Extracting wineventlog from Azure EventHub Windows...