Getting Data In

Community Activity

Parse date without having a time Hi all, I'm trying to index some csv files which contains data without a timestamp. I only have the date which is pa... by OL Communicator in Getting Data In 10-09-2013 2 3	2	3
Timestamps not recognised correctly I am quite new to Splunk. I'd be really grateful if you could point me towards the fix of the problem. Environment :... by SRIVATSAN_IYER Explorer in Getting Data In 10-09-2013 2 8	2	8
inputs.conf not being processed- Windows I would like to have all Windows servers send all their event logs to my "windows" index, except for the domain contr... by peterfilardo Explorer in Getting Data In 10-08-2013 0 6	0	6
Filtering Events, Creating Custom Fields and Discarding Raw Data at index time I'm attempting to minimize the amount of data Splunk indexes, but i'm dealing with very large log files. At the momen... by tradevine Engager in Getting Data In 10-08-2013 0 4	0	4
VCS Cluster and Splunk Hi Splunk, I have a series of hosts that have been built on (VCS) HA clusters, and I'd like to get them forwarded in... by _gkollias Builder in Getting Data In 10-08-2013 1 2	1	2
Average over time I apologize if this has already been posted, but I think I am not really sure how to word the question. I am ingestin... by bcross64 Explorer in Getting Data In 10-08-2013 1 2	1	2
DB Connect with SHP - multiple Java bridge processes? If I'm attempting to provide a bit of redundancy / high availability for my database inputs by installing DB connect ... by sowings Splunk Employee in Getting Data In 10-08-2013 0 3	0	3
HTTPS authenticated input source I have some data that I can access from Web Browser (via authenticated HTTPS). The data is plain text. I would like... by vijayansundarar New Member in Getting Data In 10-08-2013 0 10	0	10
Timestamp not added to CSV correctly I've set up a DBConnect database input with output.format=csvh and output.timestamp=1. When rows are read, the times... by richgalloway SplunkTrust in Getting Data In 10-08-2013 0 1	0	1
log with key value pair or transforms.conf performance diffrence? Hi, to gain index size I made the log format as below. I didn't use key value pair. 20121101095842\|192.168.1.2\|KRQQ... by jazzythemartian New Member in Getting Data In 10-08-2013 0 4	0	4
help with event filtering - excluding events before indexing I have an overload of events no one wants and are eating up our license so I did the following and it is not working... by ebailey Communicator in Getting Data In 10-08-2013 0 6	0	6
Question on monitoring file Hi i am trying to monitor some file in var/log on ubuntu. There is 4 file (auth.log,auth.log.1,auth.log.2.gz,auth.log... by darksky21 Path Finder in Getting Data In 10-08-2013 0 10	0	10
Splunk not receiving syslog messages Hi All, I've installed Splunk on a Windows 2008R2 server and am trying to get it to receive syslog messages on the d... by jslater Engager in Getting Data In 10-07-2013 1 3	1	3
Persistent Queues and index clustering I've recently increased queue sizes on our indexers in our index cluster manually (editing the inputs.conf on the ind... by ckurtz Path Finder in Getting Data In 10-07-2013 0 3	0	3
Extraneous Space in Timestamp I read in syslog data from a network appliance that uses space delimited fields and have been experiencing an issue i... by wbordeau Explorer in Getting Data In 10-07-2013 0 2	0	2
Bad request error from C# API I am attempting to connect to our Splunk API instance via the C# API to do a search and I am receiving a 400 Bad Requ... by wdthem Explorer in Getting Data In 10-07-2013 0 2	0	2
json in splunk is ignoring the timestamp Hi I currently have the following json in splunk: {"first_name": "john", "last_name": "black", "timestamp": "2013-09... by anthonycopus Path Finder in Getting Data In 10-06-2013 1 1	1	1
Whitelist not matching I have a whitelist to limit how far back splunk looks to import our syslogs from our ASA. The regex that I am using i... by ejbrownie New Member in Getting Data In 10-05-2013 0 2	0	2
How to seperate different index and sourcetype? HI, I have one Splunk server. I would like to receive data from some servers and network devices. 1 I would send F5... by johnwyane New Member in Getting Data In 10-05-2013 0 3	0	3
Getting interesting field's data for Custom Command's Calculation Hi everyone, I am doing a custom command for some calculation, and i needed one of the fields which I have loaded in ... by bloodstrife Engager in Getting Data In 10-04-2013 0 3	0	3
How would i calucate the no of days that the data is present in my indexes ?? Hi.. I have certain indexes say "myperf" and "myapp" of 60 GB Size . Now in these indexes i need to calucalte how ma... by rakesh_498115 Motivator in Getting Data In 10-04-2013 0 1	0	1
Field Extraction I am trying to extract a field from the following lines but the field extraction does not result in a Field. The samp... by gjohnson New Member in Getting Data In 10-04-2013 0 4	0	4
Using Splunk Uni Fwd 6.0, on Splunk 5.0.2 Backend Can I start deploying 6.0 Splunk Forwarders, while I plan my migration from 5.0.2 Backend ? I have some realife case... by Ulfb Explorer in Getting Data In 10-04-2013 0 1	0	1
Input First Line of File I have the requirement of inputing only the first line of a file. The first line is of interest then the rest of the... by cdobie New Member in Getting Data In 10-03-2013 0 1	0	1
transforming timestamps We have JSON data coming into Splunk. When it appears in Splunk the events shows a timestamp like 10/2/13 7:07:26.00... by amanteja Path Finder in Getting Data In 10-03-2013 0 4	0	4