Getting Data In

Community Activity

Forwarding logs with a long header and variable number of columns. Greetings, I am attempting to forward some collectl system usage logs from a cluster to Splunk. Ideally I would lik... by dgustaf New Member in Getting Data In 02-13-2014 0 1	0	1
Why is Splunk not indexing all files in all folders on Amazon S3? I have set up an S3 bucket and added it as a data input source. I started with one folder in the bucket and it indexe... by BrandSentiment Explorer in Getting Data In 02-13-2014 0 1	0	1
How indexing periodically the same already indexed logfiles with the same content again? How can i indexing every day the same already indexed logfiles with the same content again? Only the timestamp for th... by hadjaliy New Member in Getting Data In 02-13-2014 0 2	0	2
Is there a "Data inputs" screen for the forwarders? My goal is to pull in some info from perfmon, specifically from the APP_POOL_WAS object. I read this page here: http... by neiljpeterson Communicator in Getting Data In 02-12-2014 0 4	0	4
How to allow powershell scripts on windows server I have several apps using powershell inputs and scripts. By default in Windows, they are not authorized to run. How t... by yannK Splunk Employee in Getting Data In 02-12-2014 5 2	5	2
How do I use the REST API? I've been trying to follow the instructions on the following site: http://dev.splunk.com/view/SP-CAAADQT However,... by sdorich Communicator in Getting Data In 02-12-2014 2 5	2	5
How to index a conf file like below Can you help me write a regex to index a configuraton file like below. There are no time stamps in it. Anything in < ... by ballu611 New Member in Getting Data In 02-12-2014 0 3	0	3
how to add data using forwarder in linux I have read this Q&A http://answers.splunk.com/answers/50082/how-do-i-configure-a-splunk-forwarder-on-linux however ... by windyita New Member in Getting Data In 02-12-2014 0 3	0	3
what is the difference in configuration between forwarders for receiving and sending I have read another Q&A http://answers.splunk.com/answers/50082/how-do-i-configure-a-splunk-forwarder-on-linux but I'... by windyita New Member in Getting Data In 02-12-2014 0 2	0	2
csv file integration Hi All, I am trying to integrate a csv file in Splunk. I have created a cluter with one Search head, two indexers. ... by sourabh_v Explorer in Getting Data In 02-11-2014 0 3	0	3
Issue with a log JSON Hi guys, I'm having a issues with a log data file in the following format (JSON): {"widget": {<!-- --> "debug": "on", ... by rafamss Contributor in Getting Data In 02-11-2014 0 7	0	7
Splunk forwarder 6.0.1 installation on Win 2008 32 bit + R2 64 Bit hangs Hi, I'm trying to install the Splunk forwarder 6.0.1 on Windows 2008 servers, and I get the following error in the s... by wolf_nir Explorer in Getting Data In 02-11-2014 0 3	0	3
Disable forwarding of Windows Event Logs I am using a Universal Forwarder to collect events from a Windows server. In /etc/system/local I have created custom ... by chrissale Explorer in Getting Data In 02-11-2014 2 3	2	3
Splunk stop to process syslog messages every 7 days Hi i noticed that every seven days at 4:03 ( of the local time )splunk stop to process Syslog messages. then i need ... by petpet New Member in Getting Data In 02-10-2014 0 5	0	5
Data Retention Policy Hi All, I am trying to setup the data retention policy in a way that my data in hot db stays for 1 day, 10 GB of dat... by sourabh_v Explorer in Getting Data In 02-09-2014 1 3	1	3
Universal Forwarder question Hopefully, a easy question here. Just setup a universal forwarder on My linux machine. I installed it just fine and d... by jasonwilliams14 New Member in Getting Data In 02-09-2014 0 1	0	1
forward Splunk logs to syslog server I have an unusual requirement from my client. To satisfy log retention policies (among other things) I need to send S... by pil321 Communicator in Getting Data In 02-08-2014 0 4	0	4
Log messages about undiscovered character set and UTF-8 in metrics.log and splunkd.log Hi, While conducting an analysis of bandwidth usage by Splunk 6 agents on two separate desktops, I noticed a discrep... by absreim Explorer in Getting Data In 02-07-2014 0 3	0	3
Do I need to escape a pipe character for TIME_FORMAT in props.conf? Do I need to escape the \| (pipe character) for a TIME_FORMAT in props.conf? Example Timestamp: 2014-02-07 \|\| 5:3... by bwooden Splunk Employee in Getting Data In 02-07-2014 0 1	0	1
Is patch for DBX-269 (No handlers could be found for logger spp.java) available? It appears that this issue still persists in DB Connect 1.1.2: http://docs.splunk.com/Documentation/DBX/1.1.2/Deploy... by tsunamii Path Finder in Getting Data In 02-07-2014 0 3	0	3
Finding and removing all but one duplicate doc All, I'm curious, is there an easy way to find all duplicate logs and delete all but one of them? Thanks! by bruceclarke Contributor in Getting Data In 02-07-2014 0 1	0	1
Taking CSV files automatically from folder I have added a folder to read CSV files through data input >files and directory option. It seems that when I add a ne... by jimjohn Path Finder in Getting Data In 02-07-2014 0 3	0	3
Current date time in whiile reading from CSV Hi How can i add current time to _time filed while reading data from CSV file. I have added below in Splunk\etc\syst... by jimjohn Path Finder in Getting Data In 02-07-2014 1 2	1	2
Prop Config Issue Hi, I currently writing prop configure to validate my event Events Feb 03 13:22:23 Jessica-Ubuntu kernel: [ 7098.... by Jiamin New Member in Getting Data In 02-06-2014 0 2	0	2
multi-timestamps/multi-line help Hi, I have a multi-line feed with two diffferent timestamp formats? How would I handle that? The formats are very ... by a212830 Champion in Getting Data In 02-06-2014 0 5	0	5