Getting Data In

Community Activity

What Windows Event Codes are generally acceptable to filter out? Is there a good reference list or someone that can post what ways Windows Event Logs are being filtered? I'm particu... by jones4bob Explorer in Getting Data In 05-19-2014 3 3	3	3
ERROR ExecProcessor - message from ""c:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe"" splunk-winevtlog - WinEventMon::processLogChannel: Failed to checkpoint for channel='security' On some of the instance of splunk after following error message after upgrading to 6.0.3 from 6.0.1 04-16-2014 00:02... by rbal_splunk Splunk Employee in Getting Data In 05-19-2014 1 3	1	3
TZ Issues When Searching Hello, We're currently doing a pilot of Splunk. We have two servers - one is an indexer and the other a search head.... by wbkendall Explorer in Getting Data In 05-19-2014 0 3	0	3
Not able to login splunk 6.1 first time I have installed the splunk 6.1 after that for the first time not able to login i tried with username : admin & Pas... by kandaraja New Member in Getting Data In 05-19-2014 0 1	0	1
SSL connection between Indexer and Forwarder- validation Hi, I am not able to configure the ssl connections between the forwarder and indexer. The splunkd logs on both the i... by garima_chauhan Path Finder in Getting Data In 05-18-2014 1 4	1	4
Assistance with extracting timestamp from log file I have some log files that have a diffrent time format than I have ran into before. The log files timestamps look lik... by matt4321 Explorer in Getting Data In 05-16-2014 0 2	0	2
Changing IP Address Splunk App for VMWare 3.1 I need to change the IP address and passwords for the splunk app for vmware 3.1. The documentation does not describe ... by jpsquires New Member in Getting Data In 05-16-2014 0 2	0	2
wrong host Hello, please help me. I through splunkforwarder try to load a look log: May 16 03:36:57 corosync [CMAN ] daemon: s... by vinchakov_a Path Finder in Getting Data In 05-16-2014 0 7	0	7
How to confirm logs are forwarded from Universal forwarder ? Temporarily I dont have access to search head. I had set the inputs.conf to forward windows eventlogs to Splunk index... by splunker12er Motivator in Getting Data In 05-15-2014 0 3	0	3
Create scripted input for Splunk to pull list of installed Firefox Add-Ons from user profiles Hi Guys, I want to be able to create a powershell scripted input that would list all the Firefox Add-Ons installed i... by tbalouch Path Finder in Getting Data In 05-15-2014 2 8	2	8
How does splunk eat newly copied edition of a file I mean e.g. if i manually copy and overwrite a "message.log" to splunk monitoring path, the new one contains some gro... by crazyeva Contributor in Getting Data In 05-15-2014 0 4	0	4
Use one forwarder to act as deployment manager to other forwarders Hi, I have a couple of heavy forwarders to monitor a particular platform, each one for a specific context (dev / tes... by anz_leycurav Explorer in Getting Data In 05-15-2014 0 1	0	1
multiline event not working I am trying to split the following log into two events based on the line feed in between the events: 15-May-2014 11:4... by mfscully Explorer in Getting Data In 05-15-2014 0 2	0	2
epoch time stamps not being indexed Im having trouble ingesting these logs with the following format: {"order":{"custom..........ntType":1,"timestamp":1... by smudge797 Path Finder in Getting Data In 05-15-2014 0 4	0	4
Free Limitation ? I was wondering what were the free license limitation ? Is there a limitation for the configuration for the free edit... by ndesjardins New Member in Getting Data In 05-15-2014 0 4	0	4
splunk db connect_informix table content messy code hi guys, we use db connect to test informix database.but all the query result is messy code. i guess maybe is the cha... by jamesoptima Engager in Getting Data In 05-15-2014 1 1	1	1
Client/server command line :windows Hello, How i can add a client to splunk server with command line Windows? thanks by hyahmadi Explorer in Getting Data In 05-15-2014 0 1	0	1
get timestamp from filename hello, I am trying to retreive timestamp from filename. I have files named like "disco_20120531.txt" with content... by olivier_romain Engager in Getting Data In 05-15-2014 2 3	2	3
Questions on a Splunk Forwarder Good day Splunkers, Would like to ask some questions on the universal forwarder. What is the minimum CPU usage? Giv... by crt89 Communicator in Getting Data In 05-14-2014 0 1	0	1
How to handle fieldname=name, fieldvalue=value I currently have data that I want to extract fields from that looks like this fieldname1=name1, fieldvalue1=value1, ... by mikedgibson New Member in Getting Data In 05-14-2014 0 3	0	3
Splunk 6 auto key value extraction not working? I have recently installed splunk 6, almost certain this worked fine in splunk 5... I have extracted a number of fiel... by mmmmssss Engager in Getting Data In 05-14-2014 1 1	1	1
Adding perf counters for processes that are not currently running I'm setting up my splunk forwarder on a generalized image that will be sysprep'd. I want to include perf counters, s... by matthewmalecki New Member in Getting Data In 05-14-2014 0 1	0	1
Errors on installing universal forwarder via apt package on ubuntu 12.04 When installing the universal forwarder apt package on an ubuntu 12.04 64bit server following error messages occur: ... by mprilop Explorer in Getting Data In 05-14-2014 1 2	1	2
error code 1073741795 Hello I'm trying to install Splunk Forwarder on an WinXP Machine 32-Bit. On 2 of 50 Computes i got error code 107374... by PPape Contributor in Getting Data In 05-14-2014 0 4	0	4
Updating Universal Forwarders I wanted to find out how other organizations are handling UF updates. Do you have any formal process in place? Tools ... by louieb3 Path Finder in Getting Data In 05-13-2014 0 1	0	1

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas Cisco Live 2026 is almost here, and this ...

Data Management Digest – May 2026

Welcome to the May 2026 edition of Data Management Digest! As your trusted partner in data innovation, the ...

Getting Data In

What Windows Event Codes are generally acceptable to filter out?

ERROR ExecProcessor - message from ""c:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe"" splunk-winevtlog - WinEventMon::processLogChannel: Failed to checkpoint for channel='security'

TZ Issues When Searching

Not able to login splunk 6.1 first time

SSL connection between Indexer and Forwarder- validation

Assistance with extracting timestamp from log file

Changing IP Address Splunk App for VMWare 3.1

wrong host

How to confirm logs are forwarded from Universal forwarder ?

Create scripted input for Splunk to pull list of installed Firefox Add-Ons from user profiles

How does splunk eat newly copied edition of a file

Use one forwarder to act as deployment manager to other forwarders

multiline event not working

epoch time stamps not being indexed

Free Limitation ?

splunk db connect_informix table content messy code

Client/server command line :windows

get timestamp from filename

Questions on a Splunk Forwarder

How to handle fieldname=name, fieldvalue=value

Splunk 6 auto key value extraction not working?

Adding perf counters for processes that are not currently running

Errors on installing universal forwarder via apt package on ubuntu 12.04

error code 1073741795

Updating Universal Forwarders

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

SC4S postfilter not dropping Fortigate east-west t...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

How to integrate threat armor with splunk?

Getting Data In

Join the Conversation