Getting Data In

Discussions

Thread Info

sed combined help

I am using the following to clean up output: rex mode=sed field=search_google2 "s/\%20/ /g";"s/\%5B/[/g" | rex mod...

by Contributor in

CSV 101 rows only

Everytime a email alert is sent, it contains a CSV file (as attachment) that only contains 101 rows even though the a...

by Path Finder in

Order of fields in json java

For java sdk, output mode as json, I am getting fields sent from splunk and their values as json. But how ever is the...

by Path Finder in

日本語を含むタイムスタンプの設定方法

以下のような日本語を含むタイムスタンプをSplunkに認識させるにはどのような設定が必要ですか？ 金 3月 22 11:24:40 2013: Total time in the report period (60.00...

by Path Finder in

splunk list monitor directories or files

Hi, When I execute command splunk list monitor: I see that there are two different types of monitoring: Monitored ...

by Explorer in

Deployment client as Universal Forwarder

I have made the UF as the deployment client. In the deployment server I have created an app that have the inputs.conf...

by Path Finder in

importing IP List

Sorry in advance to the newbie question but, is there a way to import a list of IP addresses into splunk search query...

by Explorer in

whitelist and blacklist input

Hi, I am trying to construct an input.conf stanza + whitelist/blacklist rule to look for the following: accept all...

by Path Finder in

Limit on number of open files when reading syslog-ng logfiles

Hi, I like the method of indexing files as they appear in the syslog-ng log directory where each host goes to a diffe...

by Explorer in

Will Splunk re-index if inputs.conf changes and a file is rotated?

I have a large number of Universal Forwarders that forward Apache access logs. On my systems, the apache access logs ...

by Builder in

xml file : grouping in a column

Hello, I want to put several single in a same column so I add the attribut grouping in my xml file but I have a pr...

by Communicator in

How to verify if Splunk Forwarder is receiving the data on a UDP port

How can I verify if my universal forwarder is receiving the data on the UDP port ? I don't see any thing in my splunk...

by Communicator in

Folder Monitoring

I would like create a monitor/alert that looks for a *.msg file in a particular folder on the quarter hour. Any advic...

by Path Finder in

source/sourcetype defined by folder names

is it possible to define the source and sourcetype fields to match a folder name? On each server our log structure fo...

by New Member in

Heavy Forwarder and Loadbalancing

Hello, Here at my company we have one search head and three indexers.... We have a standalone server that has an H...

by Explorer in

How to filter out any directory starts out with "."

I am monitoring a series of directories. I want to blacklist any (sub)directories that is starting with a ".". i....

by Explorer in

Monitoring intranet

Hello, I'm new to Splunk. On my server (Linux) I have splunk and a internal web site. Now I need to monitor the Wordp...

by Engager in

Sending syslog from MachineA to ServerB..Thru port 514. Not successful.

Can anyone give me any hint about this? I have splunk installed in ServerB, Windows server 2008 and i have MachineA, ...

by Engager in

Anonymize data by editing your own custom script

May I know if there is any way to anonymise/mask the data in our search results by using our own custom commands, by ...

by Engager in

How can I re-index all the data in my environment?

I have a datacenter with a single Splunk server indexing data from all the local servers. I just updated all the sour...

by Explorer in

Extract a Value from a Field

Terminology might be off, but I'll give the exact example: "The session setup from computer 'NOCSERVER_A123' failed ...

by New Member in

Log file is not getting indexed

We have a custom application log file which looks something like below, this file is not getting indexed with the 1s...

by Engager in

incorrect host names

I extracted the host names wrong, and now I have extra names in my Splunk. Example: Server01 vs. Server1 and Server02...

by Communicator in

Does anyone know why TZ change would cause a re-index?

I'm taking iis logs from an Exchange server via a forwarder on that system. Originally I had TZ = GMT on the etc/syst...

by Motivator in

script to run for the scheduled report

Can the script take parameters? e.g. foo.sh arg_1 arg_2 arg_3 Splunk runs the script from $SPLUNK_HOME/bin/script...

by Builder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

sed combined help

CSV 101 rows only

Order of fields in json java

日本語を含むタイムスタンプの設定方法

splunk list monitor directories or files

Deployment client as Universal Forwarder

importing IP List

whitelist and blacklist input

Limit on number of open files when reading syslog-ng logfiles

Will Splunk re-index if inputs.conf changes and a file is rotated?

xml file : grouping in a column

How to verify if Splunk Forwarder is receiving the data on a UDP port

Folder Monitoring

source/sourcetype defined by folder names

Heavy Forwarder and Loadbalancing

How to filter out any directory starts out with "."

Monitoring intranet

Sending syslog from MachineA to ServerB..Thru port 514. Not successful.

Anonymize data by editing your own custom script

How can I re-index all the data in my environment?

Extract a Value from a Field

Log file is not getting indexed

incorrect host names

Does anyone know why TZ change would cause a re-index?

script to run for the scheduled report

Fall Into Learning with New Splunk Education Courses

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Edge Processor Destination not showing up in Pipel...

Getting Data In

Are you a member of the Splunk Community?

Discussions