Getting Data In

Discussions

Thread Info

TCP listener answered not all connections

I have the problem, that the TCP listener on indexer xxpu031 answered not all connections. In the TCP dump below, the...

by Explorer in

How can I use Netflow in Splunk when it's on a Windows Box without buying more software?

I'm in the middle of a POC of Splunk and would like to start putting my netflow data into it and be able to graphical...

by Explorer in

Explain param name="search"

can you pls explain tag,in all the examples they used index=_internal source=*metrics.log if i want to use .csv file...

by New Member in

Where does splunk store the logs?

we are in the process of investigating splunk for our IT datacenter. Does splunk store the old events that occure...

by Engager in

mapping headers to data in csv

I want to map headers to the data in the csv to search the fields as key=value pair, the sample log is shared below. ...

by Communicator in

Processing Windows Event Logs

Per the documentation available at the following URL... http://docs.splunk.com/Documentation/Splunk/latest/Data/Ab...

by Path Finder in

Splunk stopped collectiing Windows Event logs of Remote

Hi, We have Windows 2008 R2 SP1 with splunk 5 installed in Domain network. We have configured to collect window...

by New Member in

Can universal forwarder export data from SQL Server to a Splunk instance?

I have a MS SQL Server that manages some applications' log. I want to transport the log to a Splunk instance. Does th...

by Path Finder in

how to blacklist a log file

what command should i use to blacklist a log file named(trc_*.txt)? Please help.

by Engager in

Inconsistent fschange behaviour ?

Actually I am either doing something wrong or this is somehow inconsistent. The following configuration for a textfil...

by Communicator in

How to avoid duplicated event

We have csv type of data file which is overwritten and with new data appended to the end every night. I found Splunk ...

by Path Finder in

Indexing output of a live script correctly

I posted something about this here: http://splunk-base.splunk.com/answers/75118/line-break-involving-line-of My...

by Builder in

filtering on host

I've setup a heavy forwarder so that some feeds are going to one set of indexers, and another feed is going to a diff...

by Champion in

Renaming multiple sourcetype

How can i rename more than one soucrtypes? I have iis-2 iis-3 ... Can this work? [iis*] rename=iis

by Path Finder in

Renaming fields in transforms.conf

Hello, I was wondering what would be the impact of renaming fields that have been defined in transforms.conf. More sp...

by Communicator in

To monitor IIS Logs from remote Server

Need to monitor IIS Logs of remote windows Servers I am using universal forwarders to bring data into Splunk ...

by Contributor in

queues info

I recently installed Splunk and I've been checking the performance and I noticed many queues. Some of them I know wha...

by Explorer in

Log roation to a certain extenstion and starts at first log

We have a log rotation in place which writes logs to files names access.log.001 to access.log.005 and start back writ...

by Path Finder in

Need to set an upper size limit across multiple volumes

I need to set an upper size limit across multiple volumes, for indexing, regardless of hot/warm/cold status. It is my...

by New Member in

How can I extract a domain name from a Windows 2008 DNS Debug Log

New to SPLUNK but so far its great! I have a Windows 2008 DNS debug log that contains domain names. I need to def...

by New Member in

Getting Data In

Discussions

TCP listener answered not all connections

How can I use Netflow in Splunk when it's on a Windows Box without buying more software?

Explain param name="search"

Where does splunk store the logs?

mapping headers to data in csv

Processing Windows Event Logs

Splunk stopped collectiing Windows Event logs of Remote

Can universal forwarder export data from SQL Server to a Splunk instance?

how to blacklist a log file

Inconsistent fschange behaviour ?

How to avoid duplicated event

Indexing output of a live script correctly

filtering on host

Renaming multiple sourcetype

Renaming fields in transforms.conf

To monitor IIS Logs from remote Server

queues info

Log roation to a certain extenstion and starts at first log

Need to set an upper size limit across multiple volumes

How can I extract a domain name from a Windows 2008 DNS Debug Log

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!

Sign up now >

Index file updates inconsistently with "collect" c...

For inputs.conf, can the time_before_close setting...

Okta Identity Cloud Add-on for Splunk Cloud in Tri...

Splunk Connect for Kubernetes

How to create a dashboard and set the sharing to "...

Getting Data In

Discussions

Free LIVE events worldwide 2/8-2/12Connect, learn, and collect rad prizes and swag!Sign up now >

Free LIVE events worldwide 2/8-2/12
Connect, learn, and collect rad prizes
and swag!

Sign up now >