Getting Data In

Community Activity

How to configure a 4.1.2 forwarder to auto load balance across indexers I'm trying to figure out how to configure the forwarders to auto load balance. I saw this: http://www.splunk.com/bas... by msvoboda New Member in Getting Data In 11-04-2013 0 3	0	3
At what point do very large lookup files (csv) get indexed? After creating a very large lookup csv file splunk creates *.csv.index directories under my lookup directory. What is... by rroberts Splunk Employee in Getting Data In 11-04-2013 1 2	1	2
How to filter or extract fields before indexing time I have got very large orginal data, with events strictly formatted as "f1,f2,f3,..." most of the fields are meaningle... by crazyeva Contributor in Getting Data In 11-04-2013 0 4	0	4
Asian language support Does Splunk have problem showing Language data from Windows server? It's Korean data that we are indexing, but after... by clyde772 Communicator in Getting Data In 11-03-2013 0 2	0	2
replicationBlacklist example? I'm trying to configure replicationBlacklist but see no regex examples that are beyond a basic *.filetype: [replicat... by the_wolverine Champion in Getting Data In 11-02-2013 0 1	0	1
Filtering/nullQueue Question I’m trying to get our AIX data into Splunk, but I’m having a filter/nullQueue issue. I was wanting to keep certain e... by kmcconnell Path Finder in Getting Data In 11-01-2013 0 4	0	4
Setting up an ultra-light front-end instance for API request Hello. In our company we already have a Splunk 5 setup with multiple search heads and indexers. What I would like t... by sgerogia New Member in Getting Data In 11-01-2013 0 3	0	3
fschange with \...\ This is my inputs.conf [fschange://C:\Users...\AppData\Local\Microsoft\Windows\Burn] index=windows recurse=true sour... by mcbradford Contributor in Getting Data In 11-01-2013 0 2	0	2
Linux Syslogd Config This is not a splunk specific question however it is very related and involves config of syslog on a linux host that ... by balcv Contributor in Getting Data In 11-01-2013 0 7	0	7
Forwarders reporting in, but no log data being sent I have two nix servers that are failing to send log data over. If I search index=_internal I can see the forwarders a... by hagjos43 Contributor in Getting Data In 11-01-2013 0 4	0	4
Keep Last Daily Activity Per User Hi, i would like to keep the last event/activity of a day for every user (so filter out all other events). I used ... by HeinzWaescher Motivator in Getting Data In 11-01-2013 0 8	0	8
Sourcetype="something" returns no results I have a very simple scripted input which calls a .cmd file and in turn calls a .ps1 file. That PS1 file does a test-... by O2Anthony New Member in Getting Data In 11-01-2013 0 3	0	3
SyntaxError: JSON.parse: unexpected character in splunk I am facing the following error when loading data to splunk. "Your entry was not saved. The following error was repo... by kavyatim Path Finder in Getting Data In 11-01-2013 1 1	1	1
Editing an existing data input creates new item When I try to edit an existing data input, it's creating a new one. Shouldn't it just update it? by adrianp Path Finder in Getting Data In 11-01-2013 1 4	1	4
DNS Resolution Revisited I previously asked for some help on setting up dns resolution when performing searches and I got some great info and ... by balcv Contributor in Getting Data In 10-31-2013 0 2	0	2
Importing a CSV and line breaking within a field Hi Ninjas- I am trying to import a csv that is in the following format, with a header that defines the fields- field... by diesel6e New Member in Getting Data In 10-31-2013 0 1	0	1
ERROR FrameworkUtils - Incorrect path to script The data is not being forwarded from the host. I see the below error entry in the internal logs for that host. 10-29... by pradeepkumarg Influencer in Getting Data In 10-31-2013 0 1	0	1
How to index less data? I would like to index less data into Splunk by modifying several XML sources so that I'm only including certain field... by sc0tt Builder in Getting Data In 10-31-2013 0 6	0	6
Splunk 6.0 removing syslog priority fields Dear sir I have read all information on the Splunk answers. but I couldnt find any solutionn for my situation. I am ... by herat420 New Member in Getting Data In 10-31-2013 0 1	0	1
How to index a binary data from UDP? I am trying to receive a binary data from UDP in splunk, I have tested many method to achieve it, but it still doesn'... by matthewgao Engager in Getting Data In 10-31-2013 0 10	0	10
How do I use inputlookup to create table of string matches from raw events? I need to match strings contained in a .csv lookup file to the raw events since there are no field extractions for th... by digital_alchemy Path Finder in Getting Data In 10-30-2013 0 2	0	2
Filter windows events on indexer from a universal forwarder I've been beating my head against a wall with this for a few hours. My setup is I have a linux indexer with a few wi... by jstockamp Communicator in Getting Data In 10-30-2013 1 7	1	7
How long does/should it take to see syslog messages? I'm testing Splunk and am trying to capture syslog messages from a Cisco ASA. I only have the Splunk Cisco Firewalls ... by adrianp Path Finder in Getting Data In 10-30-2013 0 1	0	1
ImportError: No module named splunk.entity I'm running Splunk ver 6 on my current server. There is a known bug with CiscoIPS so I was recommended I create a new... by fraijof Explorer in Getting Data In 10-30-2013 1 3	1	3
why is splunkforwarder-6.0-182611-x64-release.msi sending mostly x00 why is the data from splunk forwarder --splunk-cooked-mkode-v3-- then about 103 x00 then the computername fillowed by... by lewis15 New Member in Getting Data In 10-30-2013 0 13	0	13