Getting Data In

Discussions

Thread Info

Ignoring any data record that begins with a "#" character

I've got data being imported from a CSV file into a custom data type, but it's reading the first line (which begins w...

by Path Finder in

Log directly to Splunk with log4j

Hi, I'm doing some testing on how to use Splunk the best possible way. I have fallen in love with the method of using...

by Explorer in

How to reindex the file when file added new lines in the tail?

I use moniter the directory /etc to see the file content, and edit the file inputs.conf as follows: [monitor:///et...

by New Member in

licensing issues with splunk

Local server information Indexer name xxxxxx.com License expiration Apr 26, 2013 6:28:39 PM Licensed daily volume 500...

by New Member in

Setup forwarder on CentOS DHCP server to a Splunk Server

How do I setup a Universal Forwarder on a CentOS DHCP server to forward all DHCP messages written to the /var/log/mes...

by Engager in

split syslog data from multiple ip addresses into separate indexes

I have multiple linux hosts sending syslog data (port 514) and want to split the data into different indexes based on...

by New Member in

Reporting on Duplicates

Hello, So every 24 hours we run daily evaluations on computers that create numerical ratings. Our daily reports di...

by Engager in

alert_actions.conf for Exchange, no encrypted authentication

Hello, I have been provided an Exchange account, which I configured in alert_actions.conf (via web console). No ss...

by Explorer in

hex encoded unix timestamp?

Can Splunk be configured to index my events (below) that have a hex encoded unix timestamp? 4c36117c maverick aaaa...

by Splunk Employee in

Filter data out from Data Input

Hi, I have spent last 2 hours searching for this simple scenario on Splunk Answers, without any luck. Here is the...

by New Member in

Adding new fields in an auto-extracted CSV.

I have had a sourcetype working fine for months which used a | as a field delimiter in a CSV file with a header. Y...

by Contributor in

Error 'Could not find all of the specified destination fields in the lookup table.'

Please save my forehead from slamming into my keyboard over this one because it's eluding me and following the docs a...

by Path Finder in

Install problem with Splunk Universal Forwarder 5.0.2 for Windows x64

I'm having a strange problem where I can't get the universal forwarder to install on a Windows 2k8R2 box. Even instal...

by Motivator in

Linux Syslog and Timezone Offset

Hello, We have varying application servers that have different time zones set based on the customer's timezone locati...

by Builder in

Automatic removal of duplicate log entries

Hi, I currently have the following configuration: --> rsyslog server (with splunk forwa...

by Engager in

Cisco ESA Deprecated?

I saw that http://apps.splunk.com/app/533/ Cisco ESA is deprecated, however, what add-on replaces it in the Cisco Ent...

by Motivator in

Looking for suggestions on implementing a complicated access control setup: Need to give some users access to only a subset of data from an index, and all data from other indexes.

Gonna paint out a scenario to help explain what I'm looking for. I have a user, he's a developer for a specific a...

by Communicator in

Getting Data In

Discussions

Ignoring any data record that begins with a "#" character

Log directly to Splunk with log4j

How to reindex the file when file added new lines in the tail?

licensing issues with splunk

Setup forwarder on CentOS DHCP server to a Splunk Server

split syslog data from multiple ip addresses into separate indexes

Reporting on Duplicates

alert_actions.conf for Exchange, no encrypted authentication

hex encoded unix timestamp?

Filter data out from Data Input

Adding new fields in an auto-extracted CSV.

Error 'Could not find all of the specified destination fields in the lookup table.'

Install problem with Splunk Universal Forwarder 5.0.2 for Windows x64

Linux Syslog and Timezone Offset

Automatic removal of duplicate log entries

Cisco ESA Deprecated?

Looking for suggestions on implementing a complicated access control setup: Need to give some users access to only a subset of data from an index, and all data from other indexes.

Average Daily Unique IPs by Weekday in Web Log Files

Filter events on indexer from multiple universal forwarders

Splunk Query not generating proper output

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >

Splunk python API returning limited data

Windows perfmon stats

Accessing Splunk reports in PDF via REST API or HE...

How to prevent data duplication on a csv file ?

Onboarding local MS Exchange Server with audit and...

Getting Data In

Discussions

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20. Learn More or Register Now >

How will you .conf21? You decide! Go in-person in Las Vegas, 10/18-10/21, or go online with .conf21 Virtual, 10/19-10/20.

Learn More or Register Now >