Getting Data In

Community Activity

file integrity checking question Hi there -- One thought I had of deploying Splunk was the following scenario: Install it on one of our network serve... by kaplan71 New Member in Getting Data In 07-22-2014 0 2	0	2
File Integrity Monitoring PCIDSS Hi All, has anyone using Splunk as a file integrity monitoring system for PCIDSS? We currently use a fantastic produc... by servebase New Member in Getting Data In 07-22-2014 0 6	0	6
Windows Universal Forwarder stopped logging perfmon: How can I restore this feature? I have ~ 800 windows servers getting their configs from a deployment server. Often when i roll a new version of the p... by twinspop Influencer in Getting Data In 07-21-2014 1 4	1	4
How to delete data from disk without removing searchable portions of the index? We have a dataset that we hid from the index via a "\| delete" command, but we need the data purged from disk as well,... by mmccul SplunkTrust in Getting Data In 07-21-2014 0 1	0	1
How to configure Splunk to split logs from a single event? Hi, In my prod env, I am logging sql log in files with below given format. but splunk are not able identify each log... by rameshlpatel Communicator in Getting Data In 07-21-2014 1 3	1	3
Why props.conf configurations not taking effect? Hi, I am receiving syslog data from various type of devices, but all are on udp:514. I need to overwrite the sourcet... by ankireddy007 Path Finder in Getting Data In 07-21-2014 0 5	0	5
For Hunk, how do you configure indexes.conf to use MR v2? My provider configuration inside indexes.conf looks like [provider:analytics-emr] vix.env.HADOOP_HOME = /opt/hadoop-... by jimjh Path Finder in Getting Data In 07-18-2014 1 2	1	2
Forwarder not sending data to indexer I had a little test environment set up to test forwarding to a test indexer and it worked fine. Now, I altered the f... by OldManEd Builder in Getting Data In 07-18-2014 0 3	0	3
issues with scripted inputs and secondary groups Customer has reported an issue with Splunk scripted inputs and setgroups. An very simple example would be I have a sc... by dshakespeare_sp Splunk Employee in Getting Data In 07-18-2014 1 1	1	1
App to gather information from checkpoint firewall logs via Splunk for Windows 8.1? Hi I’m currently evaluating the Splunk Enterprise windows installation. I’m looking at how and what logs I’m able... by alanswan Engager in Getting Data In 07-18-2014 1 1	1	1
Do you have to upgrade universal forwarders when upgrading Splunk Enterprise? When upgrading splunk enterprise do you have to upgrade the universal forwarders also. Running 5.0.2 enterprise and 5... by psgorniak Engager in Getting Data In 07-18-2014 1 1	1	1
Routing Data to specific index based on filename We need to route data to specific indexes based on the file names being monitored. We are trying to get the data fro... by mookiie2005 Communicator in Getting Data In 07-18-2014 0 5	0	5
Altering sourcetype based on source in props.conf Hi, I'm trying to figure out where I'm going wrong with this. My setup consists of an indexer and several universal ... by mmcoltman Explorer in Getting Data In 07-18-2014 1 9	1	9
Retention doesn't work - what's wrong ? Hi, we configured retention policy based on the below parameters. However it doesn't work. There is no clue in the l... by mikesr Explorer in Getting Data In 07-17-2014 0 4	0	4
How to rename sourcetype in props.conf? Hi, After setting up a listen on UDP port (514) for syslog using inputs.conf, I tried to change the sourcetype from... by SalimRahmani Explorer in Getting Data In 07-17-2014 0 2	0	2
How to configure Splunk to index only security events from Windows machines? Can Splunk be configured to index only security events (failed logins, authorization changes, etc) from Windows machi... by pbrown1117 New Member in Getting Data In 07-17-2014 0 2	0	2
Configuration to forward log files to separate indexes Hello! I have an application that sends two different .log files to the C:\\Program Files (x86)\\Application\_Data d... by nissanse98 Explorer in Getting Data In 07-17-2014 0 5	0	5
Why is Splunk Truncating Multi-line Events? I'm indexing some Java application log files that use the log4j framework to output log messages. The log files are i... by sjnorman Explorer in Getting Data In 07-17-2014 0 9	0	9
Add field to all events from host Hi There, I am working on an enterprise installation. At the moment we have 1500+ hosts sending data. I'd like each ... by renems Communicator in Getting Data In 07-17-2014 1 1	1	1
Remove events to avoid delayed logging? Our generated logs need to be verified for correctness. After verification, they are sent to splunk. Problem is the... by wickman Engager in Getting Data In 07-17-2014 0 3	0	3
Splunk not applying time zone properly in clustered environment Hi, As per Splunk documentation, Splunk applies time zone in the following order Splunk Enterprise uses any time zo... by strive Influencer in Getting Data In 07-16-2014 2 5	2	5
filter indexing with transform Hi, I want to only index result of this before the log flow enter the index. I want it to calculate this and then ent... by levent_kurt Explorer in Getting Data In 07-16-2014 0 1	0	1
Master clustering dashboard - how to get status? On a master node, the clustering dashboard has a column called 'status' for indexers and search heads. They're either... by johntobin Explorer in Getting Data In 07-16-2014 0 3	0	3
Splunk web app not receiving message from client Hi All, I am new to this splunk community and as such usage of splunk in general. I have a unit which is configured ... by fortinet1 Explorer in Getting Data In 07-16-2014 1 5	1	5
Prevent escaping of special characters Hi there, I'm reading files with fixed width fields into splunk. For extraction and masking of dedicated fields I ne... by bleinfelder Path Finder in Getting Data In 07-16-2014 0 3	0	3