Getting Data In

Community Activity

Setting Timezone based on hostname extracted with regex I have to upload data from different sources (collected manually) and upload to a splunk indexer. The files are copie... by Krishna_R Path Finder in Getting Data In 05-30-2014 1 6	1	6
Restriking indexed items I have a question on how to restrict what goes into an index. I have read a number of posts and documentation on how ... by david_fresne New Member in Getting Data In 05-30-2014 0 5	0	5
Find events from two source, when ip1=ip2 Hello! I have two source. First is IPS, second is ASA. I want to find unique IP address ("dest_ip") with signature 2... by dbabanov Path Finder in Getting Data In 05-30-2014 0 4	0	4
2 Indexer and Summary Hi, I have 2 Indexer and 1 SearchHead. Where should the data from my summary of the SH or the Indexer? ... by erick_costa Path Finder in Getting Data In 05-29-2014 0 2	0	2
UF 6.0.2 on Windows 2008 R2: could not get description for this event I see this was a known issue with older versions of the Universal Forwarder but I keep getting these error messages o... by FloydATC Explorer in Getting Data In 05-29-2014 0 5	0	5
SA-ModularInput-PowerShell problem. hi, Im trying to use this app (as per tutorial from http://blogs.splunk.com/2013/06/24/monitoring-processes-on-window... by mic1024 Path Finder in Getting Data In 05-29-2014 0 1	0	1
How to specify the numbers of indexers in an Environment Setup ? Hi I am creating a new environment including around 300 Linux machines and around 50 Windows servers.I will be instal... by nrjsh1988 New Member in Getting Data In 05-29-2014 0 10	0	10
Exchange Add-On Duplicated Logs Hello, I installed splunk universal forwarder and the Exchange2010-Mailbox app to collect Exchange Auditing data. I ... by caroline_fortun Explorer in Getting Data In 05-28-2014 0 5	0	5
switch forwarders to new indexer Hi, I have existing indexer with 6.0 version and same version for all forwarders. Now we got new splunk physical s... by rameshlpatel Communicator in Getting Data In 05-28-2014 0 7	0	7
Splunk using PAT Is it possible to hide multiple forwarders (on separate machines) behind one single PAT address without confusing the... by rdownie Communicator in Getting Data In 05-28-2014 1 1	1	1
CSV Timestamp Problem Hi, I have a problem with extracting the timestamp from an csv file. Somehow Splunk recognizes the DATE as Date and... by harald_leitl Path Finder in Getting Data In 05-28-2014 0 3	0	3
How do i Apply Timestamp, Timechart, Date time picker to multiple dateTime fields I am doing a search of a series of CSV files in a single folder. The layout of these files is identical This File has... by ncorby New Member in Getting Data In 05-28-2014 0 1	0	1
Open TCP Connections from forwarders to indexer When watching the network traffic from a Splunk Universal Forwarder to a Indexer there appears to be two connections.... by dshakespeare_sp Splunk Employee in Getting Data In 05-28-2014 0 2	0	2
Korean character is broken when I export the query results in .csv file When I export the query results in .csv file using export function, the Korean character is broken. I found out the ... by yschoi Engager in Getting Data In 05-27-2014 0 2	0	2
Does an increase in the number of Indexers require more storage? Hello, I'm talking about the DB locations that are remote. The amount of incoming data is not changing and we are on... by glancaster Path Finder in Getting Data In 05-27-2014 0 2	0	2
How do I define a stanza that applies to all stanzas in the same inputs.conf file? I could have sworn it was [] but that did not seem to work, nor did [*] I do not want to use [default] because I don... by neiljpeterson Communicator in Getting Data In 05-27-2014 0 2	0	2
Phantom sourcetypes being reported against license volume In my license usage reports its showing a couple sourcetypes that are taking a lot of indexing volume, however they a... by Cuyose Builder in Getting Data In 05-27-2014 0 4	0	4
Is there any meta data that identifies when a splunk agent was first installed? I am going through an audit, and I will need to identify when a splunk agent was installed on a system. The systems c... by lisaac Path Finder in Getting Data In 05-27-2014 0 2	0	2
Error 1073741795 installing Universal Forwarder Hello all, I am trying to install a splunk forwarder on a server 2003 x86 domain controller. I am installing with a ... by rush2112 New Member in Getting Data In 05-27-2014 0 3	0	3
Splunk_CiscoIPS app does not work (or partial working) Hi splunkers, i have a problem with CiscoIPS application. i cant collect logs. the connection is but the logs not. S... by blebit Path Finder in Getting Data In 05-27-2014 0 2	0	2
BSM Scripted input help I downloaded an app that does exactly what I need to collect BSM audit logs, however it is for version 3.x. I thought... by FrozenGrapes New Member in Getting Data In 05-27-2014 0 3	0	3
Easy way to adjust the check in interval for various real time inputs like perfmon? Is there an accepted way to adjust the interval of certain stanzas remotely and on the fly? Say, I want to casually ... by neiljpeterson Communicator in Getting Data In 05-27-2014 0 1	0	1
Trying to pull data from IPS using SDEE How to pull data from Cisco IPS into Splunk. I tried using SDEE pool query but it did not work. Any help on this wo... by vhallan_splunk Splunk Employee in Getting Data In 05-27-2014 0 3	0	3
route data to different index based on two fields For the below data, I want to route indexes based on two fields : EventType and Department. All departments have sepa... by kittu26 New Member in Getting Data In 05-26-2014 0 1	0	1
Issue filtering events from windows secutiry log going into indexer I am having difficulty filtering the Windows security logs. I have attempted to restrict the event IDs being sent but... by briandickinson New Member in Getting Data In 05-25-2014 0 1	0	1