Getting Data In

Discussions

Thread Info

fschange whitelist and blacklist cumbersome configuration

I want to monitor only exe and dll extension files located in: C:\Windows\System32 and C:\Windows\System So far, ...

by Splunk Employee in

UF windows upgrade does not upgrade original UF if installed in non-default directory

Last year I manually installed the Windows Universal Forwarder Version 4.2.3 on Windows servers in D:/Program Files/S...

by Splunk Employee in

inputs.conf not working

Hi This is my inputs.conf file in universal forwader on a windows box [default] host = wgbbx001 [monitor://E:\...

by Path Finder in

Universal Forwarder Setup

ive installed the Universal Forwarder on another PC (lets call it forwarder pc) and am attempting to forward some dat...

by Communicator in

Whitelist IP Ranges in serverclass.conf

I am attempting to whitelist a range of IP addresses in my serverclass.conf but it doesn't seem to be working. This i...

by Path Finder in

indexer gathering data from localhost

Hi, I would like to monitor the indexer itself. It is a radhat machine and I want the indexer to collect logfiles ...

by Path Finder in

Configure input.conf for universal forwader

Hi I've installed splunk indexer on a linux server and universal splunk forwarder on a windows machine,while insta...

by Path Finder in

WARN script - Maxinputs must be at least 50000, command name="sendemail"

Hi All, We have a sendemail problem The error messages are from splunkd.log: 05-25-2012 11:20:47.711 +0800 W...

by Path Finder in

Splunk parsing issue

Hi everyone, I'm new to the splunk technology, so there have been a few things that I'm stuck with. I have a log f...

by Path Finder in

Parsing a Log File

Hi, I have a file with the below format : CustID=129857 CusTime=2012-04-04 CusName=John, Doe CustState=NewJerse...

by New Member in

How do you add sourcetypes to the pre-defined sourcetypes

How can you add additional sourcetypes to the pre-defined sourcetypes, so that way when users add inputs through the ...

by Contributor in

default.xml customization

I would like to ask a question in relation to the Cisco Security app. I got version 1.0.1. I would like to be able to...

by Communicator in

Not all events indexed from file

I’m new to Splunk, and running with the trial licence exactly as it comes out of the box (no fancy config etc.). i.e....

by New Member in

suppressing underscore prefixed columns from report

I have a report: blah, blah, blah | stats count as NbrSaves, dc(UserId) as DistinctUserIds by datenumericyear, datenu...

by Contributor in

Source Names

Hi, We have a Splunk system set up. When we log into splunk and go to the search dashboard, all the sources appear...

by Path Finder in

Universal forwarder and Indexer and not able to handshek and are not working

Hi, I am trying to setup splunk to send my local system's data to remote indexer, however its not working, logs co...

by New Member in

snmpget with splunk

has anyone ever work with polling system information using snmpget and write it into files or using a scripted data i...

by Path Finder in

Avoid UDP Traffic Flooding in switched environments

Our Splunk Server has a dedicated subinterface for listening on udp port 514 and I belive most customers does the sam...

by Engager in

Filter all windows event logs from single server

I need to filter all windows event log records from being indexed. I am using the universal forwarder, so on my index...

by Communicator in

problem extracting timestamps

I'm unable to get correct timestamps for my snmptrap log-file. This is an example of an snmptrap : 2012-06-18 1...

by Explorer in

Getting Data In

Discussions

fschange whitelist and blacklist cumbersome configuration

UF windows upgrade does not upgrade original UF if installed in non-default directory

inputs.conf not working

Universal Forwarder Setup

Whitelist IP Ranges in serverclass.conf

indexer gathering data from localhost

Configure input.conf for universal forwader

WARN script - Maxinputs must be at least 50000, command name="sendemail"

Splunk parsing issue

Parsing a Log File

How do you add sourcetypes to the pre-defined sourcetypes

default.xml customization

Not all events indexed from file

suppressing underscore prefixed columns from report

Source Names

Universal forwarder and Indexer and not able to handshek and are not working

snmpget with splunk

Avoid UDP Traffic Flooding in switched environments

Filter all windows event logs from single server

problem extracting timestamps

Getting Data from OpenVMS into Splunk Cloud

when to use http event collector api to create ven...

Splunk cloud and Microsoft Infrastructure

How to match join on certain conditions within the...

Prevent duplicates from generic S3 input