Getting Data In

Community Activity

Filtering/nullQueue Question I’m trying to get our AIX data into Splunk, but I’m having a filter/nullQueue issue. I was wanting to keep certain e... by kmcconnell Path Finder in Getting Data In 11-01-2013 0 4	0	4
Setting up an ultra-light front-end instance for API request Hello. In our company we already have a Splunk 5 setup with multiple search heads and indexers. What I would like t... by sgerogia New Member in Getting Data In 11-01-2013 0 3	0	3
fschange with \...\ This is my inputs.conf [fschange://C:\Users...\AppData\Local\Microsoft\Windows\Burn] index=windows recurse=true sour... by mcbradford Contributor in Getting Data In 11-01-2013 0 2	0	2
Linux Syslogd Config This is not a splunk specific question however it is very related and involves config of syslog on a linux host that ... by balcv Contributor in Getting Data In 11-01-2013 0 7	0	7
Forwarders reporting in, but no log data being sent I have two nix servers that are failing to send log data over. If I search index=_internal I can see the forwarders a... by hagjos43 Contributor in Getting Data In 11-01-2013 0 4	0	4
Keep Last Daily Activity Per User Hi, i would like to keep the last event/activity of a day for every user (so filter out all other events). I used ... by HeinzWaescher Motivator in Getting Data In 11-01-2013 0 8	0	8
Sourcetype="something" returns no results I have a very simple scripted input which calls a .cmd file and in turn calls a .ps1 file. That PS1 file does a test-... by O2Anthony New Member in Getting Data In 11-01-2013 0 3	0	3
SyntaxError: JSON.parse: unexpected character in splunk I am facing the following error when loading data to splunk. "Your entry was not saved. The following error was repo... by kavyatim Path Finder in Getting Data In 11-01-2013 1 1	1	1
Editing an existing data input creates new item When I try to edit an existing data input, it's creating a new one. Shouldn't it just update it? by adrianp Path Finder in Getting Data In 11-01-2013 1 4	1	4
DNS Resolution Revisited I previously asked for some help on setting up dns resolution when performing searches and I got some great info and ... by balcv Contributor in Getting Data In 10-31-2013 0 2	0	2
Importing a CSV and line breaking within a field Hi Ninjas- I am trying to import a csv that is in the following format, with a header that defines the fields- field... by diesel6e New Member in Getting Data In 10-31-2013 0 1	0	1
ERROR FrameworkUtils - Incorrect path to script The data is not being forwarded from the host. I see the below error entry in the internal logs for that host. 10-29... by pradeepkumarg Influencer in Getting Data In 10-31-2013 0 1	0	1
How to index less data? I would like to index less data into Splunk by modifying several XML sources so that I'm only including certain field... by sc0tt Builder in Getting Data In 10-31-2013 0 6	0	6
Splunk 6.0 removing syslog priority fields Dear sir I have read all information on the Splunk answers. but I couldnt find any solutionn for my situation. I am ... by herat420 New Member in Getting Data In 10-31-2013 0 1	0	1
How to index a binary data from UDP? I am trying to receive a binary data from UDP in splunk, I have tested many method to achieve it, but it still doesn'... by matthewgao Engager in Getting Data In 10-31-2013 0 10	0	10
How do I use inputlookup to create table of string matches from raw events? I need to match strings contained in a .csv lookup file to the raw events since there are no field extractions for th... by digital_alchemy Path Finder in Getting Data In 10-30-2013 0 2	0	2
Filter windows events on indexer from a universal forwarder I've been beating my head against a wall with this for a few hours. My setup is I have a linux indexer with a few wi... by jstockamp Communicator in Getting Data In 10-30-2013 1 7	1	7
How long does/should it take to see syslog messages? I'm testing Splunk and am trying to capture syslog messages from a Cisco ASA. I only have the Splunk Cisco Firewalls ... by adrianp Path Finder in Getting Data In 10-30-2013 0 1	0	1
ImportError: No module named splunk.entity I'm running Splunk ver 6 on my current server. There is a known bug with CiscoIPS so I was recommended I create a new... by fraijof Explorer in Getting Data In 10-30-2013 1 3	1	3
why is splunkforwarder-6.0-182611-x64-release.msi sending mostly x00 why is the data from splunk forwarder --splunk-cooked-mkode-v3-- then about 103 x00 then the computername fillowed by... by lewis15 New Member in Getting Data In 10-30-2013 0 13	0	13
Splunk not indexing data for files Hi, I have the following events in my log files. These are tab delimited fields. The files are not getting indexed ... by sourabhguha Explorer in Getting Data In 10-30-2013 0 3	0	3
About REST API Hi! If you have cluster environment, do you access to the search-head to retrieve the index-servers info? Thanks, Y... by yuwtennis Communicator in Getting Data In 10-30-2013 0 1	0	1
Monitoring Windows local administrator group Hi, I want to monitor membership of the Local Administrators group on several of my systems. When I run the WMI qu... by cyrus494 Engager in Getting Data In 10-29-2013 0 1	0	1
Exclude tar files in inputs.conf Hello, Is there a way to "blacklist" or exclude tar.gz file with in a monitored directory in the inputs.conf file.... by tevgey23 Explorer in Getting Data In 10-29-2013 0 4	0	4
Quote delimited fields containing spaces In the past our iis logs were space delimited with the user agent field using the plus sign as an internal delimiter,... by kmattern Builder in Getting Data In 10-29-2013 0 1	0	1