Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
C_Sparn

Problem with deleting event data on specific time

Hello, I'm looking for a possibility to delete all eventdata of one index at a specific time on every day! It is not...
by C_Sparn Communicator in Getting Data In 06-12-2014
0 2
0
2
bbramlett

Does the Splunk license (GB / day) cover all environments, or do we size with seperate per environment?

Need to purchase licenses before our trial expires. Left VM's and email and previous calls about licensing with no re...
by bbramlett New Member in Getting Data In 06-11-2014
0 2
0
2
jeffflynn

Creating multiple events from single XML file

I am trying to create an event based on the xml data below. It repeats in the xml file multiple times. The Event sta...
by jeffflynn Explorer in Getting Data In 06-11-2014
0 2
0
2
iavidov

Running bash scripts in splunk server

I am trying to get statistics about my s3 account spluked. I can get the info using a curl command, and I can put the...
by iavidov Engager in Getting Data In 06-11-2014
0 2
0
2
OldManEd

Deployment Monitor Throwing Errors

Just loaded the Deployment Monitor, v5.0.3, and it's throwing errors; ERROR SearchOperator:kv - Cannot compile RE \"...
by OldManEd Builder in Getting Data In 06-11-2014
0 1
0
1
rush2112

Filtering security log at the universal forwarder.

Hello, I am trying to nail exactly what I need for this. There is so many different explanations, that I find I am m...
by rush2112 New Member in Getting Data In 06-11-2014
0 7
0
7
Jboyle2

Sourcetype based on file name

I already have sourcetypes defined for my data I am just confused as to set the source type based on the file name. S...
by Jboyle2 Engager in Getting Data In 06-11-2014
1 1
1
1
alekksi

Python scripts invoked by the Splunk Forwarder never exit

Hi guys, I'm using the Splunk Universal Forwarder (v5.0.3 - same as our Splunk enterprise; hopefully we are updating...
by alekksi Communicator in Getting Data In 06-11-2014
0 4
0
4
evictoria

How much cores cpu i need for 10 seach in SO Linux?

Hi, I wonder if they know: the way in which I calculate the number that I require CPU cores with respect to searc...
by evictoria New Member in Getting Data In 06-10-2014
0 1
0
1
charltones

Index time fields ignored in cluster

I have a cluster setup with search head, master, 3 indexers and a forwarder. The index config is pushed from the mast...
by charltones Explorer in Getting Data In 06-10-2014
0 1
0
1
lpolo

Role of the following Queues

I have not been able to find any document about the role of the queues listed below just partial information. Is ther...
by lpolo Motivator in Getting Data In 06-10-2014
1 4
1
4
crt89

Having a problem with timestamps

Good day Splunkers, I have a csv file exported from a system that I want to feed to Splunk. The timestamp of these e...
by crt89 Communicator in Getting Data In 06-09-2014
0 3
0
3
thomashigginson

Monitoring Computers connect to a network

How can I add a data input(s) for remote computers connected to a Network using Splunk? Splunk has access to the netw...
by thomashigginson Path Finder in Getting Data In 06-09-2014
0 9
0
9
maverick

Windows Server 2012 vs Windows 7?

What are the advantages of running splunk on Server 2012 versus Windows 7?
by maverick Splunk Employee Splunk Employee in Getting Data In 06-09-2014
0 2
0
2
obrienk

Display only rows that contain the max value

I am attempting to use a pivot grid to display items in a grid that contain the max value of a column Example: Us...
by obrienk Explorer in Getting Data In 06-09-2014
1 2
1
2
wwillemsen1

dns resolving in search failed

Hi Splunkers Using syslog output from Netfilter/Iptables. Reading it into Splunk, but cant get IP resolved to DNS. ...
by wwillemsen1 Engager in Getting Data In 06-08-2014
0 4
0
4
jonathanfalconi

automate archive data deletion

Hi - I am archiving data to the frozen dir using the frozentimeperiodinseconds which works well. I now want to automa...
by jonathanfalconi Explorer in Getting Data In 06-08-2014
0 1
0
1
anaser9129

How to get top x-forwarded-for ip addess in apache access log ?

Hello, My data same : 10.54.3.81 188.54.195.26, 10.5.81.2 - - [08/Jun/2014:13:16:08 +0000] "POST /index.php HTTP/1...
by anaser9129 New Member in Getting Data In 06-08-2014
0 1
0
1
tvaniderstine

with inputs.conf:connection_host=dns, events are being logged where host=[ip address]. Why

I'm running version 6.0.2 on CentOS 6. My DNS servers are a pair of Windows Server 2008 domain controllers. Every...
by tvaniderstine Explorer in Getting Data In 06-08-2014
0 1
0
1
mlindsey

How to drop all entries to a specific index?

We've reached our license limit. So, at the indexer, I want to drop all log entries destined to a specific index. Doc...
by mlindsey Explorer in Getting Data In 06-07-2014
0 5
0
5
jayannah

JSON field extraction when portion of the log is JSON format and some values are type array with comma delimeter

Hi All I have 2 questions. Question-1: I wanted to write auto extract KVs from JSON portion of the events. Here is ...
by jayannah Builder in Getting Data In 06-07-2014
1 5
1
5
aattinello

Sanitize Incoming Data (remove Passwords)

Hello, I am looking for a sanitize my incoming data. My customers sometimes pass GET parameters instead of POST pa...
by aattinello Engager in Getting Data In 06-06-2014
0 2
0
2
rupesh_kumar

Script Input - Timestamp field extraction from multi key value pair data-set (props.conf, inputs.conf)

Hello Team, I am using a python script input method to extract data (meta-data and some raw data) from binary and tx...
by rupesh_kumar Engager in Getting Data In 06-06-2014
0 4
0
4
lmacneil76

Can you rename strings within mv-fields

Id like to rename every instance of "dragDrop" to "stackDragDrop" from a multi-value field. The search below just r...
by lmacneil76 Explorer in Getting Data In 06-05-2014
0 2
0
2
edschembor

What are some cool, useful but less known features/apps in Splunk?

Title is pretty self explanatory. I'm new to Splunk and trying to learn as much as possible. EDIT: Just found the Yo...
by edschembor Path Finder in Getting Data In 06-05-2014
0 1
0
1
Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide    Staying ahead in the fast-paced ...
Top Solution Authors
View All