Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Discussions
| Thread Info | |||||
|---|---|---|---|---|---|
|
hi,
I have this source showing in the splunk source=/opt/splunk/var/spool/splunk/singlehost.sample.sav
But when...
by
dhs_harry08
Path Finder
in
Getting Data In
05-13-2013
|
0
|
5
| ||
|
|
Hi. With some network devices to the server Splunk receives syslog-events. Time on these devices is set to GMT. Event...
by
imoskal
Engager
in
Getting Data In
06-07-2013
|
0
|
2
| ||
|
|
Hi,
I seem to be incapable of figuring out what regex to provide in the TIME_PREFIX for my source type in order to...
by
wouterr
Explorer
in
Getting Data In
06-06-2013
|
0
|
2
| ||
|
|
Have created a custom Perl script, added it to commands.conf - it finds the script just fine. The script outputs the ...
by
Greg_LeBlanc
Path Finder
in
Getting Data In
03-16-2011
|
0
|
5
| ||
|
|
I have configured Splunk to capture syslog data on UDP:514 of my router but do not see any log data being captured, n...
by
John_neville
New Member
in
Getting Data In
11-17-2010
|
0
|
2
| ||
|
|
i have a huge log file with events, i need to keep around 20-30 events and discard the rest. I have used a stanza in ...
by
trkalva
Engager
in
Getting Data In
06-05-2013
|
0
|
1
| ||
|
|
I'm indexing a bunch of CSV files provided by an external vendor over ftp ( mapped or synched to my local drive ) the...
by
leecaf
Explorer
in
Getting Data In
04-26-2013
|
0
|
1
| ||
|
|
I've installed the universal forwarder on a windows client to forward the data to my central log collecter which is a...
by
mathdewulf
New Member
in
Getting Data In
06-02-2013
|
0
|
6
| ||
|
|
A file I am monitoring looks something like the following
[timestamp] index=layer1 message="123456" [timestamp] in...
by
juniormint
Communicator
in
Getting Data In
06-05-2013
|
0
|
1
| ||
|
|
I'm considering a Splunk cluster setup, where the Search Heads and Indexers (Peers) will be managed using mounted kno...
by
Gutenburg
New Member
in
Getting Data In
06-04-2013
|
0
|
1
| ||
|
|
since are trying to separate out splunk forwarder config ("inputs.conf") according to indexer. we defined forwarder c...
by
amitj
New Member
in
Getting Data In
06-04-2013
|
0
|
6
| ||
|
|
I using the following command to retrieve a particular macro search result.
curl -k -u admin:admin https://
...
by
testingteam
Engager
in
Getting Data In
06-03-2013
|
0
|
2
| ||
|
|
How can I set my monitor in inputs.conf so that both of these directories are monitored- 1./var/lib/usr 2. /var/lib/n...
by
anna_kendrik
Engager
in
Getting Data In
06-04-2013
|
0
|
1
| ||
|
|
I'm setting up the Exchange App, data is received in the correct indexes however I'm not seeing data in all the dashb...
by
andykiely
Path Finder
in
Getting Data In
05-29-2013
|
0
|
1
| ||
|
|
I've realised that there is no default Date format, so every date is in timestamp format, and so not readable for the...
by
sbsbb
Builder
in
Getting Data In
05-30-2013
|
0
|
2
| ||
|
|
We have three (Windows 2008 R2) domain controllers sending events to a single Splunk collector. We need to reduce ou...
by
rmavery
Explorer
in
Getting Data In
06-03-2013
|
2
|
3
| ||
|
I try to parse out the timestamp of this line:
Jun 3 17:39:09 svlog.myserver.net svdcdev 04/29/2013 09:14:37 AM ...
by
FRoth
Contributor
in
Getting Data In
06-03-2013
|
0
|
1
| ||
|
|
I am looking for some assistance to be able to script this lookup for windows systems
tasklist /fo csv /v
any i...
by
diegosainz
Path Finder
in
Getting Data In
05-31-2013
|
0
|
1
| ||
|
|
I am thinking to use data duplication function in clustering environment. As I do not need to duplicate summary index...
by
Takajian
Builder
in
Getting Data In
03-04-2013
|
0
|
1
| ||
|
|
I have set up DB Connect on my Splunk 4.3 installation to provide an input that tails log data from a table. I didn't...
by
markmcd
Path Finder
in
Getting Data In
04-15-2013
|
0
|
2
| ||
|
|
Working on extracting some Key/Value pairs out of DB2's log files. I have a file like this:
[...snip...]
Buffe...
by
Ricapar
Communicator
in
Getting Data In
05-31-2013
|
1
|
2
| ||
|
|
My app is sending events to a TCP port that Splunk is monitoring. Rather than make the port number part of the config...
by
juniormint
Communicator
in
Getting Data In
05-31-2013
|
0
|
1
| ||
|
|
Good Afternoon! Does anyone have perl script or other method for converting a Huawei 450 byte CDR into text for use i...
by
bcarlson
New Member
in
Getting Data In
05-30-2013
|
0
|
2
| ||
|
|
Best recomended practices - Data Input config for Windows servers with the following roles IIS - SQL - Domain Control...
by
oneashraf
New Member
in
Getting Data In
12-07-2010
|
0
|
3
| ||
|
|
We have a rolling log for everyday and can tell which log belongs to which date based on the name. The events in the ...
by
aaronkorn
Splunk Employee
in
Getting Data In
05-30-2013
|
0
|
1
|
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
206 -
data
470 -
development
5 -
encryption
1 -
eval
2 -
field extraction
549 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
930 -
host
154 -
HTTP Event Collector
432 -
index
538 -
indexer
702 -
indexing performance
1 -
inputs.conf
826 -
installation
5 -
intermediate forwarder
140 -
introduction
3 -
JSON
388 -
kvstore
1 -
Linux
450 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
187 -
monitor
308 -
monitoring console
1 -
other
47 -
proactive Splunk component monitoring
2 -
props.conf
967 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
489 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
312 -
time
204 -
transforms.conf
572 -
troubleshooting
15 -
universal forwarder
1,539 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
582 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud
Ready to master Kubernetes and cloud monitoring like the pros?
Join Splunk’s Growth Engineering team for an ...
Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know
To Community SOAR App Developers - we're reaching out with an important update regarding Python 3.9's ...
October Community Champions: A Shoutout to Our Contributors!
As October comes to a close, we want to take a moment to celebrate the people who make the Splunk Community ...
Unanswered Topics
