Getting Data In

Community Activity

Does Splunk support Global File System(GFS) in a Linux cluster environment? Hello: Does Splunk support Global File System(GFS) in a Linux cluster environment? I set up Splunk in its production ... by Genti Splunk Employee in Getting Data In 01-13-2014 0 2	0	2
writing a rex for transforms Hello All, I would appreciate some assistance in writing a transforms stanza. I am ingesting logs in which both the... by gurinderbhatti Path Finder in Getting Data In 01-13-2014 0 1	0	1
Transaction using timestamp I have the following query. index="someindex" \| sort +evnt_ts \| transaction dcn,evnt_ts keepevicted="t"\| table dcn,_... by Sriram Communicator in Getting Data In 01-13-2014 0 2	0	2
Debugging filter strings used with role-based access I'd like to restrict a certain group of users to only see a specific set of hosts within an index. I can set up the f... by sowings Splunk Employee in Getting Data In 01-13-2014 3 5	3	5
Windows event log collection randomly stops I am collecting WinEventLog (not using WMI) data using a Universal Forwarder, Heavy Forwarder or full Splunk Instance... by abonuccelli_spl Splunk Employee in Getting Data In 01-13-2014 0 1	0	1
monitor blacklist Question Hi, I have log file with name of erlDirService_log.log and erlDirService_error.log. I want to put this in blacklist... by rameshlpatel Communicator in Getting Data In 01-13-2014 0 5	0	5
Splunk multiple monitering stanza issue Hi , I am adding here multiple monitoring stanza to filter out different log files and give them source type. But I... by rameshlpatel Communicator in Getting Data In 01-12-2014 0 7	0	7
Configure heavy forwarder to send data periodically Hi Guys, I set-up Heavy forwarder at Machine-1 and wants to send data on Machine-2, since network in involve in betw... by moohkhol New Member in Getting Data In 01-10-2014 0 6	0	6
Install Unable to launch Splunk's Pre Flight Checks I'm trying to install splunk 64bit on Windows 7. Everything seems to work up until the Pre Flight Check. I recieve ... by szoock Explorer in Getting Data In 01-10-2014 0 6	0	6
Filter account domain I, i need to make a dashboard for accounts locked and i would like to had a filter by account domain. Is this possibl... by borgeshe New Member in Getting Data In 01-10-2014 0 3	0	3
LINE_BREAKER for input on an universal forwarder? I have a few universal forwarders which tail a folder structure. They send the data to a indexer where also a searchh... by dominiquevocat SplunkTrust in Getting Data In 01-10-2014 0 4	0	4
splitting data and saving the each result i have raw data like cat \| dog \| elecat \| dog dog \| ele this field name is catego result should be counting like t... by changwoo Communicator in Getting Data In 01-10-2014 1 2	1	2
Splunk adds .filepart to file name Hello, I put about 500 files on a server (between 2 directories) and was looking through the data. It seemed that m... by AlexMcDuffMille Communicator in Getting Data In 01-09-2014 0 3	0	3
Filtering events from Hadoop unstructured data I am trying to read log files from Hadoop cluster. These are unstructured files which otherwise can be filtered after... by sansri7680 Path Finder in Getting Data In 01-09-2014 0 1	0	1
Observing consistent uneven load balancing from universal forwarders to indexers I've come up with a query to see which indexers our forwarders are sending data to and the results are somewhat eye o... by Runals Motivator in Getting Data In 01-09-2014 0 1	0	1
Move indexed file! How to do to move files indexed by splunk? [monitor:///var/log/teste/teste.log] by erick_costa Path Finder in Getting Data In 01-09-2014 0 3	0	3
Trouble with DB2 timestamp. Ive added a new database connection to DB connect. My first actually. the dbx.log has the following message associa... by keithkelley1 Engager in Getting Data In 01-08-2014 1 4	1	4
Splunk 5.0.5, Does Splunk logs object deletion activity from Splunk Web ? Hi, We have a shared development environment for Splunk (version 5.0.5) where many users do create/updated/delete Sp... by somesoni2 Revered Legend in Getting Data In 01-08-2014 1 1	1	1
RT Searches and the Dispatch Directory Hello everyone, I'm having issues keeping my dispatch directory down to a manageable level. What I mean by that is f... by tnconners Explorer in Getting Data In 01-08-2014 0 2	0	2
How to filter event logs before indexing Hello everyone. I am very new to Splunk and I am trying to filter logs before they reach the indexer. I literally hit... by Szethius Explorer in Getting Data In 01-08-2014 0 5	0	5
Splunk monitor mode query i have indexed data from a directory in monitor mode ,and while checking the status of files being indexed i found an... by Mansi24 Path Finder in Getting Data In 01-08-2014 0 3	0	3
i want to convert my sample data to time stamp. i have a raw data like 123::1312:3232::429384 and trying to included to my splunk ( to add data ) the last data 4293... by changwoo Communicator in Getting Data In 01-08-2014 0 7	0	7
Forward specific index to a specific receiver Hello, i have three index : A, B, C on my heavy forwarder and i want to forward to different receiver, example : A ... by ddarmand Communicator in Getting Data In 01-07-2014 0 2	0	2
Determining which all files are already indexed in a directory which is being monitored by a monitor mode Assuming we are indexing files in a directory which is in a monitor mode, then how to determine how many files are be... by dishasaxena Path Finder in Getting Data In 01-07-2014 1 4	1	4
location of configuration for inputs set up with installer windows based forwarder We have set up universal forwarders on Windows. During the setup one can specify to monitor a specific folder and not... by dominiquevocat SplunkTrust in Getting Data In 01-07-2014 0 5	0	5