Getting Data In

Community Activity

Question about time searches Hello splunk community, I'm brand new at using the software and I seem to run into a point that I cant find any docum... by Antioch Path Finder in Getting Data In 06-20-2013 0 2	0	2
Integration of Imperva Database Activity Monitor (DAM)? Dear experts, would it make sense to integrate Splunk and Imperva DAM? Has anybody done it, who is willing to share h... by Paolo_Prigione Builder in Getting Data In 06-19-2013 2 1	2	1
Summary Index or not? All, We have Windows and Linux BIND DNS servers logging into one index in Splunk. Because of the way Windows logs do... by tradecraft1914 Explorer in Getting Data In 06-19-2013 0 3	0	3
Can you override host for an input? I have an input like the below. When I search for events from that input they have host=127.0.0.1. The app sending ... by juniormint Communicator in Getting Data In 06-19-2013 0 1	0	1
Event detection within a standard window? I need to perform a search that spans a days worth of logs looking for 5 identical events in a one hour window. Break... by jtyrrell New Member in Getting Data In 06-19-2013 0 2	0	2
combine search results with external data Hello, I have csv file with geo coordinates of my internal ip's. I dont know how to combine it with google maps. cou... by janfabo Explorer in Getting Data In 06-18-2013 1 4	1	4
Proper syntax for urls.conf with multiple URLs Can someone clarify the syntax for multiple urls in the urls.conf file please for the WebMon? The app is only picking... by sliderCO Explorer in Getting Data In 06-18-2013 0 5	0	5
Univeral forwarder not forwarding I have a problem with a universal forwarder as i configured on a domain controller to use with splunk app for active ... by systemsatpayzon Path Finder in Getting Data In 06-17-2013 0 6	0	6
Handle log rolling and index today's log file and yesterday's log file we have a scenario where we roll logs everyday. we want splunk to index log file for today and log file for yesterday... by samitroy New Member in Getting Data In 06-17-2013 0 1	0	1
Using Splunk as a log forwarder itself? I'm looking at Splunk to possibly replace a Kiwi Syslog server, however I don't see one of the features that Kiwi pro... by gjones4 New Member in Getting Data In 06-17-2013 0 2	0	2
Getting Data into iseries app I have multiple feeds coming into UDP:514, from this input I have ASA, ESA, and as400 data coming in. I have recentl... by jarjoh42 Path Finder in Getting Data In 06-17-2013 0 3	0	3
Splunk JMS Modular Input v1.2.2 I believe I have the JMS Modular Input app installed and running. How do I configure this to monitor a JMS queue on a... by braunra New Member in Getting Data In 06-17-2013 0 3	0	3
Windows Event logs in syslog format All our windows servers are sending security event logs to a central syslog server - they are not in Windows event lo... by wcgrech New Member in Getting Data In 06-14-2013 0 1	0	1
Do I need to restart a license slave if I change license master? If I need to move to another license master, do I have to restart my indexer? by dart Splunk Employee in Getting Data In 06-14-2013 0 1	0	1
Is Splunk the right tool for ESXTOP? Hello All, I'm outputting VMware esxtop data to a csv and was wondering if splunk was the right tool to index and us... by dbeez New Member in Getting Data In 06-13-2013 0 3	0	3
Index time not same as log message time I just setup another splunk server. Foolishly I forgot to turn on NTP and the system clock was way off. The first chu... by jalfrey Communicator in Getting Data In 06-13-2013 0 3	0	3
spliting multiple feed that use udp:514 I have multiple systems reporting over UDP:514. I want to separate the iron port email, Cisco ASA's, iseries as400, ... by jarjoh42 Path Finder in Getting Data In 06-13-2013 0 4	0	4
UF tries to open two connections at the same time on the same outbound port On several servers, the universal forwarder tries to open up two connections at the same time on the same outbound po... by sgarvin55 Splunk Employee in Getting Data In 06-13-2013 1 1	1	1
Monitor different sourcetype in sub-directories I have to monitor two source types in this following directory structure \\Server\Path\{can be any name}.log == > so... by lain179 Communicator in Getting Data In 06-13-2013 0 5	0	5
scripted input to run at top of minute Is it possible to tell Splunk to run a scripted input every 5 min at the top of the minute. Ie Script run at 11:05:00... by aaronkorn Splunk Employee in Getting Data In 06-13-2013 0 2	0	2
indexing, segmenting segments, pre-search I am a splunk newbie, so some obvious explanations might need further clarification. What I have: Advanced medical ... by fullofentropy New Member in Getting Data In 06-12-2013 0 2	0	2
How To Seperate WinEventLog events from two different domains Hey Everyone, I currently have events coming in from two different domains. I'm doing various transforms on the inde... by barne_dn Explorer in Getting Data In 06-12-2013 1 1	1	1
Find events occurring only between 08:00 and 17:00 M-F for the Month Hi, for an up time report - currently stumped. A CSV log that contains a Time column - values formatted as: 1/01/201... by edenzler Path Finder in Getting Data In 06-12-2013 1 4	1	4
Deployment Problems with SCCM I am currently testing deployment of the universal forwarder. The end goal is to have it on all windows computers so... by LiquidTension Path Finder in Getting Data In 06-12-2013 0 1	0	1
Multiple WMI sources in PROPS.conf Complete newb here, any help appreciated! props.conf [WMI:WinEventLog:Security] TRANSFORMS-set= setnulla,parse2003se... by philliphyatt New Member in Getting Data In 06-12-2013 0 2	0	2