Getting Data In

Thread Info

Problem with csv file import: how to prevent event doubling?

Hello, I am importing a csv file (database dump) with the following format: Header: FirstName; LastName; Ent...

by New Member in

I modified my wmi.conf and broke splunk

I now get "Failed to fetch data: In handler 'win-wmi-enum-eventlogs': Unable to get wmi classes from host '**'. This ...

by New Member in

Web Analytics - Debug a source

I have the Web Analytics running and I am going through and fixing the problems (since first of all it couldn't see a...

by Engager in

IIS Logs & WebIntelligence

Hi, I have problem on getting webintelligence app work. I am running splunk-5.0 on CentOS and installed webint...

by Engager in

Multiple server logs indexing

Hello, We have our application in multiple servers, we need to index the log files. two options to do that. ...

by New Member in

Memory and cpu usage does'nt update via WMI but Application and security logs are coming

I tried to get the logs from the remote computer by using the universal forwarder. While installing the universal ...

by Explorer in

Syslogging via tailing a logfile

Ideally, we'd like to modify the application to syslog directly for indexing by Splunk. In the meantime, is there any...

by Path Finder in

No results found. Inspect ...

Is there any option to display empty chart when no results found ?

by Builder in

handling unstructure data

Hi, As we all know SPLUNK can handle un-structure data. Could any one please let me know how SPLUNK can handle ...

by Contributor in

A splunktcp forwarder port is not configured in inputs.conf

Hi, I installed a heavy-forwarder, and will be monitoring some logfiles. I configured the inputs/outputs/props con...

by Champion in

Scripting user deletes - will the clean userdata -f command delete admin account?

Per documention, I can delete all userdata using ./splunk clean userdata -f http://docs.splunk.com/Documentation/S...

by Champion in

CSV and InputLookup

Ok, I am sure there is something here about this already, but I have looked for it and just can not seem to find i...

by Engager in

WMI on Windows 2012

My needs is monitor remote event logs over WMI where the WMI commands are sent from a Windows 2008 indexer and the ta...

by Explorer in

Removing data from splunk by Host

I put the universal forwarder on my computer to test splunk. Now that we have it up and running, I want to remove all...

by Path Finder in

Splunk Documents 404 & CSV Issues

Hi- For some reason every time I try to go to the documentation from within Splunk or from other links, I get a 40...

by New Member in

UF to HF ratio

From the field...... customers with large deployments, what is your ratio of UFs to HFs. We had about 2500 UFs report...

by Contributor in

Transform for sourcetype not working

I have setup a transform to ideally set the hostname and sourcetype for syslog traffic, however I'm encountering prob...

by Explorer in

how do I untar the app for Windows... why wouldn't it be zipped?

I have the Windows app downloaded, but it is in a tar.gz format.

by New Member in

Sourcetype -too_small

Just wanted to know how I can stop this from appearing. I've seen other answers saying that its due to the number of ...

by Communicator in

rsyslog question

Hi, This isn't a splunk question, but I figure this community probably has a lot of people who use rsyslog... I...

by Champion in

Splunk v5 Forwarder

Does anybody know, or could advise whether v5 can be used as a heavy forwarder to a 4.3 back end please? I did read t...

by Builder in

Can I monitor Active Directory with Splunk?

I have an Active Directory with several domain controllers. How can I monitor all activity in the Active Directory wi...

by Splunk Employee in

forwarder not compressing despite being told to do so

Hi There. I have 2 matching forwarders pointed to an indexer. One compresses, one doesn't. Any ideas why? Machine ...

by New Member in

dispatch logs incoming from one source to multiple indexes

Dear all, I have syslogs of several firewalls incoming from a TCP port. I would like to dispath the logs of eac...

by Explorer in

Tracing Response time of apache using splunk

I am tracking the response time(in seconds) of the pages served by apache using "%T" and i would like to track all th...

by Engager in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Problem with csv file import: how to prevent event doubling?

I modified my wmi.conf and broke splunk

Web Analytics - Debug a source

IIS Logs & WebIntelligence

Multiple server logs indexing

Memory and cpu usage does'nt update via WMI but Application and security logs are coming

Syslogging via tailing a logfile

No results found. Inspect ...

handling unstructure data

A splunktcp forwarder port is not configured in inputs.conf

Scripting user deletes - will the clean userdata -f command delete admin account?

CSV and InputLookup

WMI on Windows 2012

Removing data from splunk by Host

Splunk Documents 404 & CSV Issues

UF to HF ratio

Transform for sourcetype not working

how do I untar the app for Windows... why wouldn't it be zipped?

Sourcetype -too_small

rsyslog question

Splunk v5 Forwarder

Can I monitor Active Directory with Splunk?

forwarder not compressing despite being told to do so

dispatch logs incoming from one source to multiple indexes

Tracing Response time of apache using splunk

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...

AppDynamics is now part of Splunk Ideas

Advanced Splunk Data Management Strategies

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

splunkd.log errors and broken fishbucket on splunk...