Getting Data In

Discussions

Thread Info

Universal Forwarder has to be on every machine?

The installer makes it seem like it is possible to pull data from another machine with the universal forwarder. Is th...

by New Member in

Source type websphere_activity

Hi, The source type for one of our hosts - HOST A - recently changed to websphere_activity. The source is log file...

by Communicator in

Configure index and application in Universal forwarder

Hi I configured Universal forwarder to push the windows event logs ( adfs logs ) to main splunk server. Can any...

by New Member in

Search in the earliest source

Hello! I have sourtsetype that contains multiple source. Into sourcetype permanently add new source. I need to search...

by Communicator in

Single Indexer with 2 different Search Heads?

Although I personally wouldn't want to set it up this way... Is it possible to have one indexer that works for 2 s...

by Path Finder in

How on earth do I edit indexes.conf

indexes.conf is set to read only I can't even change my frozenbucket retention period

by Explorer in

Organizing Log Data In Splunk

I have installed Splunk 5.0.2 and a universal forwarder on one of the application servers to forward glassfish logs t...

by Explorer in

Splunk Self Monitoring

My security people have asked if there is a self-monitoring capability in Splunk to track situations such as A dis...

by Communicator in

Can splunk read mlg files?

Can splunk read in mlg files or do you have to use a decode for it to be in plain text?

by Splunk Employee in

rex syntax to parse source path for a sub-directory name and the file name

I am trying to parse source path for a sub-directory name and its file name. My source files are as follows: sourc...

by Explorer in

IIS Advance Logs Forwarding

Mt question here is very similar to the question posted here: http://serverfault.com/questions/469383/iis-advanced-lo...

by Engager in

How to monitor 2 different file types in the same folder

If I need to monitor 2 different file types in the same folder and send them to different indexes, how do I do that?

by Splunk Employee in

sed combined help

I am using the following to clean up output: rex mode=sed field=search_google2 "s/\%20/ /g";"s/\%5B/[/g" | rex mod...

by Contributor in

Order of fields in json java

For java sdk, output mode as json, I am getting fields sent from splunk and their values as json. But how ever is the...

by Path Finder in

日本語を含むタイムスタンプの設定方法

以下のような日本語を含むタイムスタンプをSplunkに認識させるにはどのような設定が必要ですか？ 金 3月 22 11:24:40 2013: Total time in the report period (60.00...

by Path Finder in

splunk list monitor directories or files

Hi, When I execute command splunk list monitor: I see that there are two different types of monitoring: Monitored ...

by Explorer in

Deployment client as Universal Forwarder

I have made the UF as the deployment client. In the deployment server I have created an app that have the inputs.conf...

by Path Finder in

whitelist and blacklist input

Hi, I am trying to construct an input.conf stanza + whitelist/blacklist rule to look for the following: accept all...

by Path Finder in

Limit on number of open files when reading syslog-ng logfiles

Hi, I like the method of indexing files as they appear in the syslog-ng log directory where each host goes to a diffe...

by Explorer in

Will Splunk re-index if inputs.conf changes and a file is rotated?

I have a large number of Universal Forwarders that forward Apache access logs. On my systems, the apache access logs ...

by Builder in

Getting Data In

Discussions

Universal Forwarder has to be on every machine?

Source type websphere_activity

Configure index and application in Universal forwarder

Search in the earliest source

Single Indexer with 2 different Search Heads?

How on earth do I edit indexes.conf

Organizing Log Data In Splunk

Splunk Self Monitoring

Can splunk read mlg files?

rex syntax to parse source path for a sub-directory name and the file name

IIS Advance Logs Forwarding

How to monitor 2 different file types in the same folder

sed combined help

Order of fields in json java

日本語を含むタイムスタンプの設定方法

splunk list monitor directories or files

Deployment client as Universal Forwarder

whitelist and blacklist input

Limit on number of open files when reading syslog-ng logfiles

Will Splunk re-index if inputs.conf changes and a file is rotated?

Using Splunk Universal Forwarder and scripted inpu...

why Splunk is not able to index all the data from ...

Monitor Server Transaction Log File (.ldf) on Splu...

Collect Perfmon counters data for ASP.NET & Paging...

Splunk eStreamer for FMC version 4.011 setup page...