Getting Data In

Ask a Question

Discussions

Thread Info

c# sdk not working on Windows server

Hi, I'm using the Splunk SDK (C#) to run searches against our Splunk Server. The code I have is from the exampl...

by Explorer in

Universal Forwarder Inputs Configuration

Version 5.0.5 Windows I installed the Universal Forwarder on my windows machine using the installation wizard. The...

by Explorer in

DB Connect tailing inputs fail after a Splunk restart

Indexer – 2K8R2-64, Splunk 5.0.4, DB Connect 1.0.11, Latest JDK, ojdbc6, Oracle 11 Server – 2K8R2-64 The proble...

by Super Champion in

How to extract out a field and replace it if found in key word

For example my field is file_name, which contain a string " Hi Hello Hi". My search is file_name =hello | eval keywor...

by New Member in

Indexer almost out of storage space

I'm about to run out of room on one of our indexers. We have two indexers setup and we are doing distributed indexing...

by Path Finder in

Key Value during search

How can this be split into key-value during search? ||| --> this marks seperation between key and value for ex: key i...

by Path Finder in

How does Splunk calculate daily indexing limit

Hello, We've been downloading between 200 and 250 MB of logs and adding them to Splunk every day. Yesterday we dow...

by Engager in

Anonymize data based on user role

How to mask or Anonymize data in Splunk 5.0.4 based on role, such that one role (such as Admin) can search and see th...

by Explorer in

REST Authentication with Java via certificate

Hello, Can someone point me to a doc showing how to authenticate via rest with Java with a certificate? I can't s...

by Builder in

Calling a sequence of commands

Hi, I'm taking over splunk management for a company I just joined and have found some errors in the way the data w...

by Path Finder in

Adding host field when summary indexing?

Hi, I have a heavy search on multiple sources that I want to schedule to populate a summary index. I am basically ...

by Communicator in

SPLUNK index main logs

My Splunk License Usage app is showing that my SPLUNK server is using 26% of my license(From "main"). Is there any wa...

by Explorer in

Multiline macro writing format problem

*emphasized text*i was defining a macro search writing the search each pipe in one line like: xxxx |aaa |bbb |ccc it ...

by Contributor in

TIMESTAMP QUERY

I have my log as SNM4 PGHF14LR.866F :: 04/03/13 11:46:32 :: Received file MOBIUSJ741.20130403 - 317982 bytes transfer...

by Explorer in

Need Help with Time Prefix and "|" character

I've got data that looks like this: YCTC3|YCTC3|A277537|20131013|225102|316739|E|001|TP0|THPNBAV05|10.124.130.71|...

by Communicator in

Mulitple versions of logs creating separate sourcetypes?

I have a log file that I created a transforms.conf and props.conf for specifying the log source in the props with [so...

by Explorer in

Occasional error in converting time stamps

Hi, I'm seeing a very weird behavior from splunk and wondering if anyone knows whats going on. My input is a cv...

by Path Finder in

access_combined Field Definitions

I haven't been able to find definitions of the access_combined source type fields. Does anyone know where they might ...

by Explorer in

Monitor linux host NFS I/O on local mount points

I am new to Splunk and as part of the evaluation i wanted to create a script that poled the NFS stats on one of our b...

by New Member in

Universal Forwarder and Splunk Technology Add-on for Windows questions

Does anyone know if there are any docs out there that describe the design/architecture of the Universal forwarder and...

by Explorer in

Time stamp extraction not working

I have events which start like 16OCT13 AAAB 12:59:00 JAJAS DKDJD KDD 16OCT13 AABB 13:00:00 AJAJA AKAJK AKA ...

by Contributor in

Syslog data from UDP. Maximum message size?

What's maximum message size which splunk's syslog will accept via UDP? How I can increase it?

by Engager in

Weird issue - forwarder app works on one server, but not another

Hey everyone. I have written a simple forwarding app which monitors 2 directories. I have this app deployed on 2 serv...

by Builder in

Monitor Who has made a change to a file

Hey Guys A simple one for someone out there im sure, I have a file on 3 servers that I currently monitor the chan...

by Communicator in

Events getting tagged with forwarder host name

Hi, I have several forwarders that rsyslog listens on 514 and I set it up so that certain logs go to separate file...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

c# sdk not working on Windows server

Universal Forwarder Inputs Configuration

DB Connect tailing inputs fail after a Splunk restart

How to extract out a field and replace it if found in key word

Indexer almost out of storage space

Key Value during search

How does Splunk calculate daily indexing limit

Anonymize data based on user role

REST Authentication with Java via certificate

Calling a sequence of commands

Adding host field when summary indexing?

SPLUNK index main logs

Multiline macro writing format problem

TIMESTAMP QUERY

Need Help with Time Prefix and "|" character

Mulitple versions of logs creating separate sourcetypes?

Occasional error in converting time stamps

access_combined Field Definitions

Monitor linux host NFS I/O on local mount points

Universal Forwarder and Splunk Technology Add-on for Windows questions

Time stamp extraction not working

Syslog data from UDP. Maximum message size?

Weird issue - forwarder app works on one server, but not another

Monitor Who has made a change to a file

Events getting tagged with forwarder host name

Observe and Secure All Apps with Splunk

Splunk Decoded: Business Transactions vs Business IQ

Fastest way to demo Observability

Onboard Unknown Source to SC4S

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Getting Data In

Are you a member of the Splunk Community?

Discussions