Getting Data In

Discussions

Thread Info

not all sourcetypes showing on the web drop down menu for sourcetype

Hi, When I add new data to Splunk I dont see all the SourceTypes being displayed on the drop down. If I select 'cr...

by Explorer in

How to list hosts with no events

Hi! I'm trying to find out hosts that are not sending any data to Splunk at certain time frame. Using command "host=*...

by Explorer in

How to exclude files and folders from monitoring

This is with respect to my earlier post /root monitoring. Now I am able to captured activities done under /root, But...

by Explorer in

Can Universal forwarder forward the delta changes from a file to splunk instance?

I need to know if a universal forwarder could send only the delta changes in a log or need to forward the hole log to...

by Builder in

How do I ensure the security of Splunk itself ? Tampering with Splunks's indexes, events, eventtypes, etc. ?

As a for instance, I logged in as an "admin" and clicked on "Disable" on an event type. I searched using index = _aud...

by Explorer in

REST API Python - Issue with pulling results before search job is done.

I wrote a script in Python to run a search query and return the results. The code to send the search query is: sid...

by New Member in

Search a particular source based on earlier search

Hi , I have user logs which are thousands in number per day. Iam trying to isolate users who had issues and then ...

by New Member in

props.conf

Does props.conf go on a forwarder or on the main splunk server?

by Communicator in

Extracting hostname from filename - inputs.conf on UF - host_regex issue

Having an issue with bluecoat logs that are dropped on a server with a UF. Attempting to extract the hostname with th...

by Path Finder in

too_Small Sourcetype

What would cause a file being indexed to have a sourcetype of SOAMetrics-too_small ? I am not assigning that sour...

by Communicator in

Preformat Automatic Report - CSV

I have written a report that I wish to have delivered automatically by Splunk in a csv file so I can open it in excel...

by Path Finder in

Index past logs under one source

I was wondering: Is there a way to index past logs and still have them show up as just one source? Example: I h...

by Builder in

Monitoring the delta changes ( new changes ) in an error logs

Hello Splunk Expert, The situation: I have a logs file around 10 MB generated from web application errors. this lo...

by Builder in

Splunk search of indexed CSV file does not pull out all the fields

Hi, Splunk newbie here... I am trying to get a csv file of performance metrics into Splunk. Briefly, there are about...

by Explorer in

using access-combined I am not able to get the correct date

I am having problems getting splunk to read my log file correctly. as you can see from the below example, the reporte...

by New Member in

splunk add forward-server IP:PORT -auth user:pass - For UDP ???

Hi, Please i need to use de UDP protocol to add Forwarders (Universal in my case) buy supoust its de same command ...

by New Member in

overwite of logging data

Hi all How/where do I set inside splunk so that the logging data(ie syslog data) can be overwrite in X number of m...

by New Member in

How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index?

I have the following config: 1 Splunk Indexer1 Universal Forwarder1 Heavy Forwarder Here is what is working......

by Explorer in

Splunk 4.2 Universal Forwarder *nix app install via CLI

I am running a Linux box as an indexer and have multiple servers feeding data back to the index. The issue I am havin...

by Engager in

How do I get Splunk to log Cisco ASA Bad Password Attempts?

I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk: I have th...

by New Member in

What is the security measures that i should take when introducing universal forwarder on a production environment?

Hello Splunkies, I need to know what are the security measures that is should take if i want to introduce universa...

by Builder in

Cisco ASA Logging of Bad Password Attempts

I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk: I have th...

by New Member in

Need to parse the data

Data: [2013-03-17 23:48:23,472] [[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] I...

by Path Finder in

Splunk free license, maximum sizes per day of data

i need to know is if i'm sending 10 MB file to splunk instance free license from a universal forwarder and splunk onl...

by Builder in

Using field values in a bash script

Hello, I'm trying to write a shell script in response to attempted ssh logins from multiple IP addresses. I have u...

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

not all sourcetypes showing on the web drop down menu for sourcetype

How to list hosts with no events

How to exclude files and folders from monitoring

Can Universal forwarder forward the delta changes from a file to splunk instance?

How do I ensure the security of Splunk itself ? Tampering with Splunks's indexes, events, eventtypes, etc. ?

REST API Python - Issue with pulling results before search job is done.

Search a particular source based on earlier search

props.conf

Extracting hostname from filename - inputs.conf on UF - host_regex issue

too_Small Sourcetype

Preformat Automatic Report - CSV

Index past logs under one source

Monitoring the delta changes ( new changes ) in an error logs

Splunk search of indexed CSV file does not pull out all the fields

using access-combined I am not able to get the correct date

splunk add forward-server IP:PORT -auth user:pass - For UDP ???

overwite of logging data

How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index?

Splunk 4.2 Universal Forwarder *nix app install via CLI

How do I get Splunk to log Cisco ASA Bad Password Attempts?

What is the security measures that i should take when introducing universal forwarder on a production environment?

Cisco ASA Logging of Bad Password Attempts

Need to parse the data

Splunk free license, maximum sizes per day of data

Using field values in a bash script

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Re-ingest Windows logs across enterprise

SC4S Syslog server update fails during download wi...

Event break multiline PowerShell Transcript Log

uberAgent

.NET Application Runtime Metrics Not Showing in Sp...

Getting Data In

Are you a member of the Splunk Community?

Discussions