Getting Data In

Discussions

Thread Info

Search reads first event instead of desired event

I am using the Google Analytics Data Export API to pull some data down into a log file so it can be indexed by splunk...

by Explorer in

Problem to discard some WMI events in FileServer with heavyfwd

I installed a Splunk (Heavy Forwarder) in my Windows 2007 Std SP1 FILE SERVER. Installed, too, Windows APPs. I con...

by New Member in

getting typos message on universal forwarder

Possible typo in stanza [tcpout] in /usr/local/splunkforwarder/etc/apps/SplunkUniversalForwarder/local/outputs.conf, ...

by Path Finder in

How do I collect data from Windows?

I have splunk deployed on a debian VM and it seems to be running fine (collects syslog data etc). No problems there. ...

by New Member in

Can I Index Data Not Previously Indexed

I have a user who has collected data from his servers that was indexed by Splunk using the "main" index. Now he wants...

by Contributor in

ESX Syslog - vmkwarning

I've set up Splunk Free to receive syslogs from my ESX hosts. This is all working perfectly. But is there some way to...

by Explorer in

bacula events again

Hi, i've read and tried this but somehow it does not work for me. i've put the recommended settings into: $SPLU...

by Explorer in

Can't get Universal Forwarder to work.

I have successfully installed the receiving server, setup the receiver, opened firewall ports. In setting up the forw...

by New Member in

SPLUNK forwarder

I am wondering how the splunk forwarder agent handles the following scenario. Let’s say the agent is installed on...

by New Member in

How could config Windows Performance Management?

I'd install Universal Forwarder on windows and froward wmi events to index server (Linux server). But I see "No resul...

by Explorer in

Differentiating between Sourcetypes

Greetings Splunkers! I am currently collecting logs centrally for a content delivery platform for indexing into Sp...

by Builder in

Part-time on-demand Indexing

Currently, I have a forwarder monitoring a directory of files that are being logged in real time. My indexer is recei...

by Splunk Employee in

Incorrect Time Parsing

Greetings Splunkers & Splunkettes! I have the following log entry: 124.180.34.147 2011-10-23 00:09:55 - /xxx_hr...

by Builder in

Timestamp not Reflecting Timezone Configuration

Hi Splunkers & Splunkettes! So I have a series of devices that logs in UTC as follows: 2011-10-30 23:24:13 0 2 ...

by Builder in

Event logs getting duplicated every collection

I have a duplication problem w/ splunk- I know why but not how to fix it. I have an event log that I have to extr...

by Communicator in

host name has '.' appended to it

We've started noticing that some of the data from our Linux universal forwarders are being sent with a '.' appended t...

by Builder in

SSO with Apache - Splunk detecting browser IP instead of Apache IP

I'm trying to configure SSO for Splunk with Apache/2.2.14 as a reverse-proxy - both applications running on the same ...

by Path Finder in

Invalid XML returned from REST API

When I insert an event and call the "services/search/jobs/export" REST endpoint, the XML that comes back is malformed...

by Explorer in

Problem blacklisting single subdirectory

I have universal forwarder 4.2.4 installed on a Windows 2008 server. I have it monitoring several directories, but I ...

by Engager in

inputs.conf behaviour doesn't corespond with documentation

Hello all, my direcotry structur : /data/A/logs/aaaaaaa.log /data/A/logs/aaaaaaa1.log /data/B/logs/aaaaaaa.log...

by Path Finder in

Getting Data In

Discussions

Search reads first event instead of desired event

Problem to discard some WMI events in FileServer with heavyfwd

getting typos message on universal forwarder

How do I collect data from Windows?

Can I Index Data Not Previously Indexed

ESX Syslog - vmkwarning

bacula events again

Can't get Universal Forwarder to work.

SPLUNK forwarder

How could config Windows Performance Management?

Differentiating between Sourcetypes

Part-time on-demand Indexing

Incorrect Time Parsing

Timestamp not Reflecting Timezone Configuration

Event logs getting duplicated every collection

host name has '.' appended to it

SSO with Apache - Splunk detecting browser IP instead of Apache IP

Invalid XML returned from REST API

Problem blacklisting single subdirectory

inputs.conf behaviour doesn't corespond with documentation

Windows Registry monitoring works for local host n...

Get data from WMI to splunk forwarder

Sourcefile name changes at index time - intermitte...

Troubleshoot the Splunk Add-on for Microsoft Cloud...

Salesforce Add-on - Lost my server and trying to r...