Getting Data In

Community Activity

syslog priority/level not logged? Is there any way to distinguish the various priorities/levels of syslogged messages when viewed from Splunk? I don't ... by NK_1 Path Finder in Getting Data In 02-19-2013 0 3	0	3
Adavanced searches are too slow since they don't seem to make use of indexes Hey folks, Long time Splunk fan here. Initially when we started using Splunk, our queries were simple, and so search... by KA_splunk Explorer in Getting Data In 02-19-2013 2 11	2	11
Splitting sourcetype from a monitor input stanza I am using a Universal Forwarder to monitor the following directories and files, but somehow it is not routing it to ... by tsunamii Path Finder in Getting Data In 02-19-2013 0 2	0	2
Cisco IPS app not working - Error connecting to sensor I've "configured" the Splunk for Cisco IPS application, but I'm getting the following back from the scripted input: ... by aart_bos Loves-to-Learn in Getting Data In 02-18-2013 0 1	0	1
Have Alert on indexer send SNMP Traps to CA Spectrum network management server I have an alert on my windows 2008R2 indexer that calls sendsnmptrap.cmd (see link to script below). My question is i... by mship Path Finder in Getting Data In 02-18-2013 0 1	0	1
TIme Zone in Splunk Why time zone in Splunk 5.0.2 for Moscow (Russia) is +3? Must be +4! by PaVedme Engager in Getting Data In 02-18-2013 1 1	1	1
$decideOnStartup Remote Perfmon Hi Everyone. Perfmon logging used to work for me by placing what should have been in perfmon.conf into inputs.conf. ... by matthewcanty Communicator in Getting Data In 02-18-2013 0 6	0	6
DBX: when is the line "dbx-end-of-event" printed? I have a database input configured: [dbmon-tail://spa/dwf_rdfdirector_r] host = spa index = emc interval = auto ou... by micm Explorer in Getting Data In 02-18-2013 0 2	0	2
splunk netflow problem the nfdump log timestamp is way off. The date is off by more than a month. Every entry is Nov 13 at 3 AM. I have conf... by akertis New Member in Getting Data In 02-18-2013 0 2	0	2
TCP listener answered not all connections I have the problem, that the TCP listener on indexer xxpu031 answered not all connections. In the TCP dump below, the... by azanoli Explorer in Getting Data In 02-18-2013 1 7	1	7
How can I use Netflow in Splunk when it's on a Windows Box without buying more software? I'm in the middle of a POC of Splunk and would like to start putting my netflow data into it and be able to graphical... by Shane Explorer in Getting Data In 02-17-2013 0 2	0	2
Explain param name="search" can you pls explain tag,in all the examples they used index=_internal source=*metrics.log if i want to use .csv file... by mgraju New Member in Getting Data In 02-17-2013 0 1	0	1
Where does splunk store the logs? we are in the process of investigating splunk for our IT datacenter. Does splunk store the old events that occured ... by mihika Engager in Getting Data In 02-16-2013 2 4	2	4
mapping headers to data in csv I want to map headers to the data in the csv to search the fields as key=value pair, the sample log is shared below. ... by thirumalreddyb Communicator in Getting Data In 02-15-2013 0 1	0	1
IPS stops polling Hi, First off I want to say great app. Second I want to let you know that I'm new to Splunk and would real like som... by andy66 New Member in Getting Data In 02-15-2013 0 2	0	2
Processing Windows Event Logs Per the documentation available at the following URL... http://docs.splunk.com/Documentation/Splunk/latest/Data/Abou... by vragosta Path Finder in Getting Data In 02-15-2013 0 1	0	1
Splunk stopped collectiing Windows Event logs of Remote Hi, We have Windows 2008 R2 SP1 with splunk 5 installed in Domain network. We have configured to collect windows "S... by quipment New Member in Getting Data In 02-14-2013 0 3	0	3
Can universal forwarder export data from SQL Server to a Splunk instance? I have a MS SQL Server that manages some applications' log. I want to transport the log to a Splunk instance. Does th... by lzhang_soliton Path Finder in Getting Data In 02-14-2013 0 2	0	2
how to blacklist a log file what command should i use to blacklist a log file named(trc_*.txt)? Please help. by armaanxman Engager in Getting Data In 02-14-2013 0 1	0	1
Inconsistent fschange behaviour ? Actually I am either doing something wrong or this is somehow inconsistent. The following configuration for a textfil... by flo_cognosec Communicator in Getting Data In 02-14-2013 0 1	0	1
How to avoid duplicated event We have csv type of data file which is overwritten and with new data appended to the end every night. I found Splunk ... by hochit Path Finder in Getting Data In 02-14-2013 0 2	0	2
Indexing output of a live script correctly I posted something about this here: http://splunk-base.splunk.com/answers/75118/line-break-involving-line-of My las... by gnovak Builder in Getting Data In 02-14-2013 0 6	0	6
filtering on host I've setup a heavy forwarder so that some feeds are going to one set of indexers, and another feed is going to a diff... by a212830 Champion in Getting Data In 02-14-2013 0 2	0	2
Renaming multiple sourcetype How can i rename more than one soucrtypes? I have iis-2 iis-3 ... Can this work? [iis*] rename=iis by pdash Path Finder in Getting Data In 02-13-2013 0 1	0	1
Renaming fields in transforms.conf Hello, I was wondering what would be the impact of renaming fields that have been defined in transforms.conf. More sp... by adrianathome Communicator in Getting Data In 02-13-2013 0 2	0	2

Get Updates on the Splunk Community!

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2026-2027 SplunkTrust is officially open. If ...

Getting Data In

syslog priority/level not logged?

Adavanced searches are too slow since they don't seem to make use of indexes

Splitting sourcetype from a monitor input stanza

Cisco IPS app not working - Error connecting to sensor

Have Alert on indexer send SNMP Traps to CA Spectrum network management server

TIme Zone in Splunk

$decideOnStartup Remote Perfmon

DBX: when is the line "dbx-end-of-event" printed?

splunk netflow problem

TCP listener answered not all connections

How can I use Netflow in Splunk when it's on a Windows Box without buying more software?

Explain param name="search"

Where does splunk store the logs?

mapping headers to data in csv

IPS stops polling

Processing Windows Event Logs

Splunk stopped collectiing Windows Event logs of Remote

Can universal forwarder export data from SQL Server to a Splunk instance?

how to blacklist a log file

Inconsistent fschange behaviour ?

How to avoid duplicated event

Indexing output of a live script correctly

filtering on host

Renaming multiple sourcetype

Renaming fields in transforms.conf

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

SplunkTrust Application Period is Officially OPEN!

SC4S postfilter not dropping Fortigate east-west t...

PCAP Data contains media and audio file, Is it pos...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

Getting Data In

Join the Conversation