Getting Data In

Thread Info

Is patch for DBX-269 (No handlers could be found for logger spp.java) available?

It appears that this issue still persists in DB Connect 1.1.2: http://docs.splunk.com/Documentation/DBX/1.1.2/Depl...

by Path Finder in

Finding and removing all but one duplicate doc

All, I'm curious, is there an easy way to find all duplicate logs and delete all but one of them? Thanks!

by Contributor in

Taking CSV files automatically from folder

I have added a folder to read CSV files through data input >files and directory option. It seems that when I add a ne...

by Path Finder in

Current date time in whiile reading from CSV

Hi How can i add current time to _time filed while reading data from CSV file. I have added below in Splunk\etc\sy...

by Path Finder in

Prop Config Issue

Hi, I currently writing prop configure to validate my event Events Feb 03 13:22:23 Jessica-Ubuntu kernel:...

by New Member in

multi-timestamps/multi-line help

Hi, I have a multi-line feed with two diffferent timestamp formats? How would I handle that? The formats are very ...

by Champion in

Universal Forwarder forwarding to Universal Forwarder

Is it possible to configure multiple Universal Forwarders to forward their data to another Universal Forwarder that w...

by Communicator in

Specifying timezone by host and sourcetype

We have a sourcetype for /var/log/messages that is logged in the local server time on almost every host. We have ...

by Engager in

Heavy Forwarder as Deployment Server

Hello, Is it possible to use a heavy forwarder as deployment server, too? I try to install 2 servers like this: ht...

by New Member in

DB Connect Not fetching the schema of mssql server

Hello I am trying to connect DB Connect to a MS SQL server and facing few issues with it. 2014-02-06 11:03:20....

by Motivator in

rebalance_primaries fails with a 404 returncode

We're new to clusters, so probably we made a stupid mistake or did not yet read an important chapter in the manual. ...

by Engager in

Reading CSV files from folder

Hi I want to add multiple CSV files to a folder and want spunk to read all the CSV files in that folder. Ie if i put ...

by Explorer in

S3 App is not able to fetch logs

Hi , While integrating Splunk (via S3 app) with AWS S3 ,we are finding the below error . A connection attempt f...

by Path Finder in

Splunk Rest API call

We need to have a rest service to our saved searches, where we can pass the start time and end time and the name of t...

by New Member in

EventLog by Powershell

How can I get event log from CIFS EMC with use powershell? When I use something like below, always Splunk indexes onl...

by New Member in

how to get list of search peers via rest api

I can't seem to find the list of indexer nodes (search peers) through the rest api on the search head. any ideas? ...

by Contributor in

| rest /services/search/jobs Source?

Is there a way to find the source of a job that ran? For instance is it on a dashboard or is it a preconfigured repor...

by Communicator in

Exchange App and BES

I was hoping somebody could clarify something for me. With the "Splunk for Exchange" app, is Blackberry Enterprise Se...

by Champion in

differences between forwarders?

Hi, Can someone explain to me the difference between the light/universal/heavy forwarders? Where can I download th...

by Champion in

Splunk not treating each line as event after forwarding

Hello, I have a log where I need to treat each line as an event. I set up the sourcetype in props.conf for this to...

by Communicator in

Searching indexes with your timezone set differently to the data's timezone

Our data's date field uses UTC for all data across the globe for this one set of data. This is fine. When a user r...

by Explorer in

Forwarding data

I have a splunk instance and I use splunk DB connect to read data from database. Is it possible to forward this data ...

by Explorer in

Retention policy for index not working as intended

Hi, I have a index which should only have data for the past 3 hours. I've set the frozenTimePeriodInSecs to 10800....

by Path Finder in

Number of scheduled searches and ad-hoc searches per day

I would like to get a total count of the number of scheduled searches and ad-hoc (UI based) searches that are run per...

by Splunk Employee in

How much are we indexing per index

How can I query how much data are we indexing per index for last 7 days. We are on Splunk 6.0.1

by Communicator in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Is patch for DBX-269 (No handlers could be found for logger spp.java) available?

Finding and removing all but one duplicate doc

Taking CSV files automatically from folder

Current date time in whiile reading from CSV

Prop Config Issue

multi-timestamps/multi-line help

Universal Forwarder forwarding to Universal Forwarder

Specifying timezone by host and sourcetype

Heavy Forwarder as Deployment Server

DB Connect Not fetching the schema of mssql server

rebalance_primaries fails with a 404 returncode

Reading CSV files from folder

S3 App is not able to fetch logs

Splunk Rest API call

EventLog by Powershell

how to get list of search peers via rest api

| rest /services/search/jobs Source?

Exchange App and BES

differences between forwarders?

Splunk not treating each line as event after forwarding

Searching indexes with your timezone set differently to the data's timezone

Forwarding data

Retention policy for index not working as intended

Number of scheduled searches and ad-hoc searches per day

How much are we indexing per index

Unleash Unified Security and Observability with Splunk Cloud Platform

Splunk AppDynamics with Cisco Secure Application

New Splunk Innovations Enhance Performance and Accelerate Troubleshooting

How to integrate SentinelOne Singularity Enterpris...

splunkd.log errors and broken fishbucket on splunk...

update to Splunk Add-on for Infoblox?

CSAM Reports - 500 ERROR

Help Needed: HTTP Event Collector Bearer Token not...