Getting Data In

Thread Info

listing properties for a pre-trained sourcetype

Hi, Is there a way to list the properties for a pre-trained sourcetypes?

by Champion in

Getting Splunk to work with Syslog UDP 514

I've been reading and trying to figure this out. But i'm stomped. I configured a device to send syslog events to t...

by Explorer in

Output syslog to external system

So I setup syslog output forwarding per the Splunk docs, but am not seeing anything being sent out nor receiving it o...

by Communicator in

Internal logs forwarding to different group of indexers ?

Hi, I have a forwarder outputs configuration as below. [tcpout] defaultGroup = A_Indexers [tcpout:A_Indexers] ...

by Motivator in

Multiline field extractions

I have an event which looks like this" USERNAME HOME_DIR USER_INFO root /root ...

by Ultra Champion in

Should heavy forwarders have the same apps installed on them that are installed on the Splunk enterprise receiver?

Hi. I am working on a Splunk deployment that involves a Splunk enterprise receiver at the data center and heavy forwa...

by Communicator in

How can I see if events were truncated in Splunk 6.x?

Hi, In Splunk 5.x if events were truncated (e.g subsearch with more than 50000 events) there was a banner that say...

by New Member in

How to monitor Windows server and Oracle database server?

Hi ALL, I am new to splunk. I have a version 6.1 and i want to know how to monitor windows server and oracle datab...

by New Member in

How to Install Python SDK for Splunk on Windows Server 2008 R2 box?

Hi Splunk Community, I am attempting to install the Splunk SDK on a Windows Server 2008 R2 box, but I am having tr...

by Path Finder in

Transforming special characters in XML

I have an XML based source that has special characters defined. See below & & < < > > "...

by Builder in

Inputs.conf: Why is my file not getting picked up with my monitor configuration?

Hi, I have a file in the format /apps/logs/YYYY/MM/DD/system-hostname.log - so, /apps/logs/2014/06/30/system-pf-us...

by Champion in

Index and Analyze IBM Websphere heap dump in splunk

Hi, I have IBM Websphere heap dump file (.phd file). I want to index and analyze the same in Splunk.I tried to upl...

by Path Finder in

Add Remote Index to Heavy Forwarder

I have several heavy forwarders in my environment and when I configure data inputs on them, to get the forwarder to s...

by Path Finder in

what interface will be required to take data from API in C.

Hi I'm new to this, using trial version. By using C API, I'm getting the data and want to submit it to splunk. Can an...

by Engager in

Combine duplicate values from two search results

Hi, This question is slightly different from other related question. I have searched all the Splunk answers and co...

by Explorer in

Uploaded files not indexed

I'm trying to manually upload some text files, with a .txt extension, to Splunk. I went through the UI to Upload and ...

by Path Finder in

Universal Forwarder Receiving port

Is it possible to run multiple forwarders, from different servers, using just port 9997? Or would I need to specify d...

by New Member in

How to extract a multi-line stack dump into a single event?

I have a sourcetype that requires "SHOULD LINEMERGE=False" and I'm attempting to break out a multi-line event in that...

by Motivator in

forwardedindex.filter.disable = false ?

Hi there Please refer to the outputs.conf file below, My problem is: I am trying to send all data to group1 ...

by Engager in

Occasional screwy (future) timestamps

Running Enterprise 5.0.5, and encountering a very odd bug. (Yes, I will be upgrading to 5.0.8, some time in near futu...

by Motivator in

How to set up cron schedule for per minute data summary index?

Hi, Currently I am trying to set up a summary indexing , so there will be three summary indexes for each service 1...

by Contributor in

Hostname lost in forwarded syslog messages

Hi, I have a central syslog server, collecting auth.* messages from many Linux hosts in the /var/log/secure file. The...

by New Member in

auto extract json

I have been researching this and came up with some odd ways of doing it, and about 40 other ways, none being the same...

by Builder in

Splunk forwarder not receiving events immediately

Hi, We are using a Splunk forwarder to forward events to Splunk indexer/Server. This is what we are doing: 1. Create ...

by New Member in

How to extract data from logfiles in XML format?

I have set up a universal forwarder to monitor my server logfile. The file is written in XML format and thus has a he...

by New Member in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

listing properties for a pre-trained sourcetype

Getting Splunk to work with Syslog UDP 514

Output syslog to external system

Internal logs forwarding to different group of indexers ?

Multiline field extractions

Should heavy forwarders have the same apps installed on them that are installed on the Splunk enterprise receiver?

How can I see if events were truncated in Splunk 6.x?

How to monitor Windows server and Oracle database server?

How to Install Python SDK for Splunk on Windows Server 2008 R2 box?

Transforming special characters in XML

Inputs.conf: Why is my file not getting picked up with my monitor configuration?

Index and Analyze IBM Websphere heap dump in splunk

Add Remote Index to Heavy Forwarder

what interface will be required to take data from API in C.

Combine duplicate values from two search results

Uploaded files not indexed

Universal Forwarder Receiving port

How to extract a multi-line stack dump into a single event?

forwardedindex.filter.disable = false ?

Occasional screwy (future) timestamps

How to set up cron schedule for per minute data summary index?

Hostname lost in forwarded syslog messages

auto extract json

Splunk forwarder not receiving events immediately

How to extract data from logfiles in XML format?

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions