Getting Data In

Ask a Question

Discussions

Thread Info

Splunk Time stamp Error

Hey Gurus! I am processing F/W log such as below which I recieve through syslog server. 2010-06-29T20:48:26.742...

by Communicator in

[monitor:///opt/atlassian/.../*.log] does not pick up logs in /opt/atlassian/fisheye-data/var/log

An inputs.conf entry: [monitor:///opt/atlassian/.../*.log] sourcetype=atlassian crcSalt = SOURCE (pretend t...

by Path Finder in

Windows Universal Forwarder Duplication Events

I work with UniversalForwarders (136 servers) sending data to a Heavy Forwarder Cluster (3 servers) that forward data...

by Contributor in

How do I monitor a file containing more than 1000 lines?

Hi all, I have a log file with many rows. However, I tried to change the settings in /etc/system/local/props.conf ...

by Explorer in

WinEventLog:Security HeavyForwarder (filter and send to indexer)

Hello, I trying to retrieve all login/off/fail on my inderxer from UniversalForwarder filtered by Heavy forwarder ...

by Path Finder in

TailingProcessor - Could not send data to output queue (parsingQueue), retrying...

I have not been able to find a solution although there are questions with the same/similar symptom. My log files are ...

by Engager in

props.conf date and time formatting

I have log files that I would like to get into Splunk but I'm having trouble due to the way the date and time are for...

by Path Finder in

does universalforwarder support SEDCMD?

timeformat is not desired, I tried SEDCMD to correct it(12-hour format with 'am','pm') props.conf of INDEXER: SEDC...

by Contributor in

how to recognize timestamp with Chinese character

Hi,I met some log and it's date written by Chinese, like '1 五月 2013,11：10' means '1 May 2013，11：10'. Is it possible t...

by Explorer in

Eating Nagios event logs without installing Splunk for Nagios app

I have hunted high and low for documentation of appropriate sourcetypes.conf and props.conf stanzas for the Nagios ev...

by Motivator in

Parsing timestamp that is relative from zero from an embedded device

Hi I'm new to Splunk and have what I think is a strange use case (maybe not!). We are capturing logs from an embed...

by Engager in

Log not index entirely

Howdy! I have been wracking my head around this for the past few days and cannot seem to figure it out. For testin...

by Explorer in

When forwarder's queue is maxed out, data [ monitor files or directories ] will get backed up. What is "backed up" ?

Hi Guys ... I get a question about input queue on forwarder ? I found a document "Use persistent queues to he...

by Path Finder in

timestamp conversion

Hi , I want to convert the Input :2013-12-09 18:11:34 Input :13-12-09 18:11:34 I want a common regex to convert the ...

by Path Finder in

Formatting line breaks and timestamps with props.conf

Hi guys, I'm trying to deal with a specific requirement and I've tried modifying the props.conf to my liking, but ...

by Communicator in

UniversalForwarder does not filter data

Hello. I would like sort the data from Windows Security log, but some reason still passed to all the data in Splu...

by Communicator in

SplunkLightForwarder has been deprecated in Splunk 6?

initially I had thought that the SplunkLightForwarder had less impact on performance when installed on a platform, ho...

by Builder in

use an input csv file to pick up the values within while searching on splunk

Hello All, This is what i want to achieve. I have dhcp logs getting indexed to splunk. Our virus scanners periodic...

by Path Finder in

Perl script output instead of shell

Hello There, I wanted to use Perl script instead of shell script for the scripted output. I put my shell perl s...

by New Member in

AD Field Dates Converting and Searching

Hello All New to splunk and would like a bit of guidance on dealing with Active Directory attributes that ave date...

by New Member in

uneven distribution of forwarder-connections to indexers

Hi, my setup consists of a dozen indexers and a few hundred forwarders. If I look at the distributions of inde...

by Explorer in

Calling rest API from C# SDK

Hi all, Please help in letting me know on how can i call a SPLUNK REST API from C#. My requirement is i need to...

by New Member in

adjusting date_hour in report to reflect local timezone

I log all my devices using GMT. When I run a report where I do a count by date_hour I would like to subtract 6 from t...

by Explorer in

Deployment server test app download failed

I just created a test app for my environment to be pushed to a single workstation. It does not successfully deploy fr...

by Communicator in

Trying to integrate perf4j with our project and aggregate the results in Splunk

I'm trying to figure out how to integrate perf4j into our project in such a way that I can easily read the statistics...

by Engager in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Splunk Time stamp Error

[monitor:///opt/atlassian/.../*.log] does not pick up logs in /opt/atlassian/fisheye-data/var/log

Windows Universal Forwarder Duplication Events

How do I monitor a file containing more than 1000 lines?

WinEventLog:Security HeavyForwarder (filter and send to indexer)

TailingProcessor - Could not send data to output queue (parsingQueue), retrying...

props.conf date and time formatting

does universalforwarder support SEDCMD?

how to recognize timestamp with Chinese character

Eating Nagios event logs without installing Splunk for Nagios app

Parsing timestamp that is relative from zero from an embedded device

Log not index entirely

When forwarder's queue is maxed out, data [ monitor files or directories ] will get backed up. What is "backed up" ?

timestamp conversion

Formatting line breaks and timestamps with props.conf

UniversalForwarder does not filter data

SplunkLightForwarder has been deprecated in Splunk 6?

use an input csv file to pick up the values within while searching on splunk

Perl script output instead of shell

AD Field Dates Converting and Searching

uneven distribution of forwarder-connections to indexers

Calling rest API from C# SDK

adjusting date_hour in report to reflect local timezone

Deployment server test app download failed

Trying to integrate perf4j with our project and aggregate the results in Splunk

Splunk App for Anomaly Detection End of Life Announcment

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions