Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Discussions
| Thread Info | |||||
|---|---|---|---|---|---|
|
Can you help me write a regex to index a configuraton file like below. There are no time stamps in it. Anything in < ...
by
ballu611
New Member
in
Getting Data In
02-11-2014
|
0
|
3
| ||
|
|
I have read this Q&A http://answers.splunk.com/answers/50082/how-do-i-configure-a-splunk-forwarder-on-linux
howeve...
by
windyita
New Member
in
Getting Data In
02-12-2014
|
0
|
3
| ||
|
|
I have read another Q&A http://answers.splunk.com/answers/50082/how-do-i-configure-a-splunk-forwarder-on-linux but I'...
by
windyita
New Member
in
Getting Data In
02-12-2014
|
0
|
2
| ||
|
|
Hi All,
I am trying to integrate a csv file in Splunk. I have created a cluter with one Search head, two indexers....
by
sourabh_v
Explorer
in
Getting Data In
02-10-2014
|
0
|
3
| ||
|
Hi guys,
I'm having a issues with a log data file in the following format (JSON):
{"widget": {<!-- --> "debug": "on", "...
by
rafamss
Contributor
in
Getting Data In
02-11-2014
|
0
|
7
| ||
|
|
Hi,
I'm trying to install the Splunk forwarder 6.0.1 on Windows 2008 servers, and I get the following error in the...
by
wolf_nir
Explorer
in
Getting Data In
02-11-2014
|
0
|
3
| ||
|
|
I am using a Universal Forwarder to collect events from a Windows server. In
/etc/system/local I have create...
by
chrissale
Explorer
in
Getting Data In
02-11-2014
|
2
|
3
| ||
|
|
Hi i noticed that every seven days at 4:03 ( of the local time )splunk stop to process Syslog messages. then i need ...
by
petpet
New Member
in
Getting Data In
01-13-2014
|
0
|
5
| ||
|
|
Hi All,
I am trying to setup the data retention policy in a way that my data in hot db stays for 1 day, 10 GB of d...
by
sourabh_v
Explorer
in
Getting Data In
02-07-2014
|
1
|
3
| ||
|
|
Hopefully, a easy question here. Just setup a universal forwarder on My linux machine. I installed it just fine and d...
by
jasonwilliams14
New Member
in
Getting Data In
02-09-2014
|
0
|
1
| ||
|
|
I have an unusual requirement from my client. To satisfy log retention policies (among other things) I need to send S...
by
pil321
Communicator
in
Getting Data In
02-08-2014
|
0
|
4
| ||
|
|
Hi,
While conducting an analysis of bandwidth usage by Splunk 6 agents on two separate desktops, I noticed a discr...
by
absreim
Explorer
in
Getting Data In
02-04-2014
|
0
|
3
| ||
|
|
Do I need to escape the | (pipe character) for a TIME_FORMAT in props.conf?
Example Timestamp:
2014-02-07 || 5...
by
bwooden
Splunk Employee
in
Getting Data In
02-07-2014
|
0
|
1
| ||
|
|
It appears that this issue still persists in DB Connect 1.1.2:
http://docs.splunk.com/Documentation/DBX/1.1.2/Depl...
by
tsunamii
Path Finder
in
Getting Data In
02-03-2014
|
0
|
3
| ||
|
All,
I'm curious, is there an easy way to find all duplicate logs and delete all but one of them?
Thanks!
by
bruceclarke
Contributor
in
Getting Data In
02-07-2014
|
0
|
1
| ||
|
|
I have added a folder to read CSV files through data input >files and directory option. It seems that when I add a ne...
by
jimjohn
Path Finder
in
Getting Data In
02-07-2014
|
0
|
3
| ||
|
|
Hi
How can i add current time to _time filed while reading data from CSV file. I have added below in Splunk\etc\sy...
by
jimjohn
Path Finder
in
Getting Data In
02-07-2014
|
1
|
2
| ||
|
|
Hi, I currently writing prop configure to validate my event
Events
Feb 03 13:22:23 Jessica-Ubuntu kernel:...
by
Jiamin
New Member
in
Getting Data In
02-06-2014
|
0
|
2
| ||
|
|
Hi,
I have a multi-line feed with two diffferent timestamp formats? How would I handle that? The formats are very ...
by
a212830
Champion
in
Getting Data In
01-31-2014
|
0
|
5
| ||
|
|
Is it possible to configure multiple Universal Forwarders to forward their data to another Universal Forwarder that w...
by
rdownie
Communicator
in
Getting Data In
02-06-2014
|
0
|
1
| ||
|
|
We have a sourcetype for /var/log/messages that is logged in the local server time on almost every host.
We have ...
by
grahamkenville
Engager
in
Getting Data In
07-31-2012
|
0
|
2
| ||
|
|
Hello,
Is it possible to use a heavy forwarder as deployment server, too? I try to install 2 servers like this: ht...
by
Torben_Volkmann
New Member
in
Getting Data In
02-05-2014
|
0
|
2
| ||
|
Hello
I am trying to connect DB Connect to a MS SQL server and facing few issues with it.
2014-02-06 11:03:20....
by
theouhuios
Motivator
in
Getting Data In
02-06-2014
|
1
|
2
| ||
|
|
We're new to clusters, so probably we made a stupid mistake or did not yet read an important chapter in the manual. ...
by
mbstein
Engager
in
Getting Data In
02-06-2014
|
0
|
1
| ||
|
|
Hi I want to add multiple CSV files to a folder and want spunk to read all the CSV files in that folder. Ie if i put ...
by
SplunkBaby
Explorer
in
Getting Data In
02-06-2014
|
0
|
1
|
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
206 -
data
467 -
development
5 -
encryption
1 -
eval
2 -
field extraction
548 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
929 -
host
154 -
HTTP Event Collector
432 -
index
538 -
indexer
702 -
indexing performance
1 -
inputs.conf
826 -
installation
5 -
intermediate forwarder
140 -
introduction
3 -
JSON
387 -
kvstore
1 -
Linux
450 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
187 -
monitor
308 -
monitoring console
1 -
other
46 -
proactive Splunk component monitoring
2 -
props.conf
965 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
489 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
312 -
time
204 -
transforms.conf
571 -
troubleshooting
15 -
universal forwarder
1,539 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
582 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...
If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...
Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions
Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...
Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...
Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...
Unanswered Topics
