Getting Data In

Community Activity

Confused about universal forwarding file monitoring I have setup a monitor for '/opt/vimana/tenant/*/log/vimana.log'. When I do 'splunk list monitor' I get this: Monito... by systeminsights New Member in Getting Data In 11-21-2012 0 2	0	2
Scripted input with cURL I would like to have splunk index the output of cURL but instead of seeing the entire html I'd like to be able to hav... by jedatt01 Builder in Getting Data In 11-21-2012 0 3	0	3
Is windows admin access required to run locally installed instance of splunk This question deals with making a locally installed instance of Splunk available to end users who do not have admin p... by mikefoti Communicator in Getting Data In 11-21-2012 0 4	0	4
How to save the table Hi all , i created the table using below query ..i want to save this table kindly help me.. source="C:\Users\20875\... by splunkpoornima Communicator in Getting Data In 11-20-2012 0 1	0	1
Blacklisting clarification I am attempting to blacklist all files that end with these extensions in my inputs.conf file. The blacklist is not wo... by Voltaire Communicator in Getting Data In 11-20-2012 0 8	0	8
Is there a config file checker? If there isn't, how do I find the errors in my configuration files? What index & search string should I use to find ... by lguinn2 Legend in Getting Data In 11-20-2012 6 5	6	5
Splunk timeouts Hi guys, We would like to assign role-based timeouts for users for Splunk. There are a few admin AND non-admin user... by asarolkar Builder in Getting Data In 11-20-2012 1 1	1	1
"Splunk could not get the description for this event", 4.3.2 Universal Forwarder, Server 2008 R2 I recently deployed 4.3.2 Universal Forwarders to Windows Server 2008 R2 DCs. Since then, Splunk has been picking up ... by groundLoop New Member in Getting Data In 11-20-2012 0 2	0	2
ERROR TcpInputProc - Received unrecognized signature POST / HTTP/1.1 Hi, I configured Splunk to receive tcp request on port 9000. I configured as well props.conf to parse xml file: [wsd... by natalija New Member in Getting Data In 11-19-2012 0 3	0	3
Splunk stops recording events on hosts Greetings, Ever since upgrading to Splunk5 I've had an issue where after a random amount of time Splunk will quit log... by gmachacek Engager in Getting Data In 11-19-2012 0 4	0	4
WMI route to nullQueue based on host. Is it possible? When retrieving EventLogs through WMI, the host value is assigned by a system/detault/props.conf config: [wmi] TRANS... by Paolo_Prigione Builder in Getting Data In 11-19-2012 0 1	0	1
Monitor Whitelist File extensions Hey guys, I guess this is a simple question but all the answers I look at seem very complicated for what I want. I wa... by SplunkUser5888 Path Finder in Getting Data In 11-19-2012 0 2	0	2
can't recieve isDeleted=True when delete user account in AD. There are no any events with admonEventType=Update and isDeleted=TRUE when i delete user account, or OU from Active d... by sundukevi4 Engager in Getting Data In 11-19-2012 1 1	1	1
delete command Hi all, while i am using delete command to remove my data inputs, i am not able to do that. an error called client do... by sruthy Explorer in Getting Data In 11-18-2012 0 1	0	1
VMware ESX/ESXi Log Files I was wondering how everyone is collecting there VMware ESX/ESXi log files? How are you getting them from the server ... by Michael_Schyma1 Contributor in Getting Data In 11-18-2012 0 3	0	3
Apply line breaking and route fschange fullEvent to a different index When the fschange input indexes the full event, I would like to change the sourcetype, apply line breaking rules, and... by responsys_cm Builder in Getting Data In 11-16-2012 1 2	1	2
fschange tracking $SPLUNK_HOME/var/lib/splunk/persistantstorage contains a file fschangemanager_state. This seems to be s SQLite 3.x da... by rroberts Splunk Employee in Getting Data In 11-16-2012 0 1	0	1
Looking for a way to show real time what splunk is indexing/ingesting regardless of log timestamp (feature request?) When you perform a realtime search (ex 5 minute window) it is using the log's timestamp. As I'm trying to troubleshoo... by Runals Motivator in Getting Data In 11-16-2012 0 2	0	2
Splunk don't show Option in Windows Event Log Hi, When i click on 'Windows Event Logs' in Add data to Splunk ( please see the below Print-screen ) I am getting o... by parmatma Engager in Getting Data In 11-16-2012 1 1	1	1
Splunk indexer tiers - Can we have a second tier for "cold" data only? We have 10+ splunk indexer cluster. However, the disk capacity on these machines is not large enough to hold all our... by nicholasgrabows Path Finder in Getting Data In 11-15-2012 0 11	0	11
Change host name at search time I have a search like this sourcetype=foo \| stats count by host I have 8 hosts that report to this search and all of... by hartfoml Motivator in Getting Data In 11-15-2012 0 2	0	2
Radware 4408 and Splunk Is there a Splunk for Radware app? I work with a company that is deploying Radware 4408's. A google indicates Radwa... by davidanso Explorer in Getting Data In 11-15-2012 2 1	2	1
fschange not indicate a folder for the local machine fschange not indicate a folder for the local machine (windows) inputs.conf [fschange://C:\testing] index = test poll... by klychnikov Explorer in Getting Data In 11-15-2012 0 1	0	1
drop down menu with source Is it not possible to create a Drop Down menu populating source files as the input? I have tried using both simple xm... by smolcj Builder in Getting Data In 11-15-2012 0 16	0	16
Clearing input and index data How can I delete input data and index date to start from scratch ? Thank you Markus by huaraz Explorer in Getting Data In 11-15-2012 0 4	0	4