Getting Data In

Community Activity

Can i remove blank lines in my event ?? Hi I have an so many blanklines , and whitespaces in a single event , Now i want to strip of these blank lines , and... by rakesh_498115 Motivator in Getting Data In 11-20-2013 0 5	0	5
Implications of a SUF losing connectivity to the Splunk Indexer Hey all, I've got a setup that looks something like the following: SUF (Remote Server) -> SUF (Intermediate Forward... by bowen_denning Engager in Getting Data In 11-19-2013 0 6	0	6
Does CVE-2013-6771 require upgrading to minimum 5.0.5? The following vuln, CVE-2013-6771, appears to only be fixed in 5.0.5 and newer: http://www.splunk.com/view/SP-CAAAH7... by the_wolverine Champion in Getting Data In 11-19-2013 2 12	2	12
apache virtual hosts - custom field? I have several virtual hosts per Apache server, and I want to be able to report on them individually. I envision that... by jgauthier Contributor in Getting Data In 11-19-2013 0 4	0	4
Unable to use Whitelist and Blacklist in splunk Hi For whitelist:- I have following logs under my  directory D:/logs/abcUSEFUL.log D:/logs/xyzUSEFUL.log D:/logs/abc... by luv Explorer in Getting Data In 11-19-2013 0 3	0	3
Apache Dashboards? This might seem like a dorky question, but after searching answers and apps... I came up mostly empty. Are there any... by jgauthier Contributor in Getting Data In 11-19-2013 0 1	0	1
Failing to break multiline events I'm trying to index JVM garbage collection logs. I'm having trouble getting the event delimiting to work, however. Be... by nl_cape Explorer in Getting Data In 11-19-2013 0 2	0	2
Getting data into splunk How to change the format of the input data to our need before indexing in splunk. My original lof is in the format. S... by srajanbabu Explorer in Getting Data In 11-19-2013 1 5	1	5
Information on .conf files Hi All, I have a very basic doubt with respect to all the .conf files. I have transforms.conf , props.conf and al... by ppurokit Path Finder in Getting Data In 11-19-2013 0 2	0	2
post data to splunk, REST API Hi, I am new to Splunk and just trying to add data to it. I have a Raspberry Pi connected with temperature sensors a... by shankarbandaru Engager in Getting Data In 11-18-2013 1 1	1	1
Splunk forwarding, need information about a stanza in inputs.conf Hi, I am trying to setup forwarding on my Splunk instance and need information about the following stanza in etc/sys... by somesoni2 Revered Legend in Getting Data In 11-18-2013 0 1	0	1
ignoring the first row (column headers) in a CSV data source Hi, When i input data from files & directories in splunk, is there a way to ignore the first row (column headers) in ... by jgautreau Explorer in Getting Data In 11-18-2013 1 4	1	4
Indexing the same file twice Hi, I have an index called "XYZ" and in it i have a file called "abc.txt" and I am taking the help of a configuratio... by abhayneilam Contributor in Getting Data In 11-18-2013 0 4	0	4
ip address and hostname from fowarder I am using a host segment to set a 'hostname' (we have multiple hosts on one box) as set out below: [monitor://c:\lo... by andykiely Path Finder in Getting Data In 11-18-2013 0 6	0	6
Time Format being ignored, why? Sample log line date part: Nov 16 22:48:36 props.conf on indexer TIME_PREFIX = ^ TIME_FORMAT = %b %e %H:%M:%S MA... by tyronetv Communicator in Getting Data In 11-18-2013 0 1	0	1
Filtering of events using nullQueue I am having issues filtering data into nullQueue. I have a log where the only lines I want indexed have the string "... by flucman Explorer in Getting Data In 11-18-2013 0 3	0	3
Cisco IPS app not working Hello I have issue to make work the Cisco IPS app under splunk. I made it works the first time indexing correctly t... by rbw78 Communicator in Getting Data In 11-18-2013 2 6	2	6
日本語文字列に対するSEDCMDについて WMIポーリングで取得したWindowsイベントログをSEDCMD属性で置換したいのですが、下記のprops.confを設定してもうまく置換されません。何か対応方法ございますでしょうか。＜props.conf＞ [WMI:W... by sunrise Contributor in Getting Data In 11-18-2013 0 3	0	3
regex question in inputs.conf Hi, How would I setup a monitor in inputs.conf that looks for files that begin with "system-" and will process every... by a212830 Champion in Getting Data In 11-16-2013 0 2	0	2
Inputs.conf and special characters I have an inputs.conf file that had a monitor statement like: [monitor:///*_ECM/A/doc/abc.log] Files are NOT being ... by rmorlen Splunk Employee in Getting Data In 11-15-2013 0 5	0	5
feeding fields to an external script I've written a little python one-liner that basically calls showmount -a with an argv array at the end and my goal is... by mjones414 Contributor in Getting Data In 11-15-2013 0 1	0	1
Can I specify a name server for DNS Hi, We are having some DNS issues in our infrastructure. Apparently the name servers our splunk hosts are using are ... by echalex Builder in Getting Data In 11-15-2013 0 4	0	4
BucketMover moving to cold on UNC I get the following error: ERROR BucketMover - aborting move because recursive copy from src='C:\Program Files\Splun... by jrich523 Path Finder in Getting Data In 11-15-2013 0 1	0	1
unable to break multi line events in splunk 10:32:21,453 INFO [2212] abcdxyz <-\| 10:32:21,112 INFO [2212] abcdxyz \| 10:32:22,409 INFO [1121] abcdxyz \| 10:32:... by luv Explorer in Getting Data In 11-15-2013 0 12	0	12
Getting full mail transaction with Exim I want to display all mail to and from a client, with the subject, relayed host and status in one dashboard. The das... by leonrtx Explorer in Getting Data In 11-15-2013 0 8	0	8