Getting Data In

Community Activity

Monitor File Size My IDS system uses a file called snort.u2.xxxx. this file roles over every night during a service restart and starts ... by hartfoml Motivator in Getting Data In 10-17-2012 0 1	0	1
How do I remove Security event logs as one of my data inputs When I had initiall installed my forwarder I selected "security" as one of my inputs. Now I want to remove this as an... by aywong Path Finder in Getting Data In 10-17-2012 0 1	0	1
WIndows Splunk Forwarder Currently, during the installation of splunk forwarder, at one place it takes input of the directory path or file pat... by macwin Explorer in Getting Data In 10-17-2012 0 3	0	3
Data not getting retrieved after indexing Hi, I am importing the data through the inputs.conf file : [default] host = XXXXXXXXXX [monitor://C:\Users\lg133108... by abhayneilam Contributor in Getting Data In 10-17-2012 0 4	0	4
how to forward data from file For example, i have two hosts. The data is in host1. Now the host2 need recived data, wheather i can send the data to... by perlish Communicator in Getting Data In 10-17-2012 0 1	0	1
Q: Sourcetype renaming I want to rename an 'old' sourcetype (access:mwp) into a new one (access:web:mwp). Does this work in my props.conf: ... by mkelderm Path Finder in Getting Data In 10-17-2012 0 1	0	1
Date Parsing Hello all, We have just encountered a problem with date parsing as we have progressed into the new month. Our log fi... by nickhills Ultra Champion in Getting Data In 10-16-2012 0 3	0	3
Unable to get universal forwarder to become active - Linux Hi, I have configured a basic splunk instance and it is indexing locally. I wanted to add a universal forwarder from ... by jplangan New Member in Getting Data In 10-16-2012 0 2	0	2
Indexer missing events from forwarder Scenario: 1x load balancer, 2x light forwarders, 1x indexer. The goal is to make it possible to reboot a single ... by crob6281 Explorer in Getting Data In 10-16-2012 2 7	2	7
Printer logs Hello, Is there any manual, where i can see how to collect print logs from remote machine? The printer from which i h... by aleksandarrrc Explorer in Getting Data In 10-16-2012 0 5	0	5
Changed Index Databse path - manager still shows old paths? I changed the path the index database should be store at with with the Manager>System settings>general Settings > ind... by johns3 Path Finder in Getting Data In 10-15-2012 1 1	1	1
File based statistics collection which have events covering large windows of time. I have a scheduled search that create statistics based on individual files. These searches run once per hour. ie. a ... by Lucas_K Motivator in Getting Data In 10-15-2012 0 1	0	1
Do not see syslog data in Splunk I am trying to send syslog data and logs from an ftp server using ports: 514,5151, and 2001. I made sure that the se... by Kvista48 New Member in Getting Data In 10-15-2012 0 3	0	3
How to execute perl script in splunk Hi, Please help me to execute my perl script through splunk. I dont know where to keep that script and how to execut... by abhayneilam Contributor in Getting Data In 10-15-2012 0 4	0	4
1 Splunk server that indexes, but also duplicates raw data to 3rd party syslog We currently run 1 Splunk server that indexes all our data and whatnot, however there are requirements now that a 3rd... by hortonew Builder in Getting Data In 10-15-2012 0 2	0	2
Why does the REST endpoints only show data from the Search app? I have created a new app with many saved searches. And I have created a new view in this app. In this view I have cre... by andyk Path Finder in Getting Data In 10-15-2012 0 2	0	2
indexThreads: 24 cores , indexthread auto set to 8? Can we increaes it I have a system with 12 cores, (24 with hyperthreading). Splunk is setting the indexThread value to 8: index="_inter... by mkelderm Path Finder in Getting Data In 10-15-2012 0 1	0	1
indexThreads is set to auto how many threads does that mean? How can I tell how many threads have been allocated using the auto tune setting of indexThreads? --snip from indexs.... by DrewO Splunk Employee in Getting Data In 10-14-2012 0 5	0	5
difference between per_index_thruput and per_host_thruput? Volume when calculating per_index_thruput and per_host_thruput. However, when calculated as per_index_thruput and per... by khyoung7410 Communicator in Getting Data In 10-14-2012 0 2	0	2
Long running summary search and info_max_time vs info_min_time I'm running a summary search to calculate stats over 7 days. The summary is setting the timestamp as info_min_time. ... by the_wolverine Champion in Getting Data In 10-13-2012 0 1	0	1
how can I force splunk read file line by line I have a big file about 17G,when I input it as a file,splunk treat some record as multi-line. The file is UTF-8 Unico... by perlish Communicator in Getting Data In 10-13-2012 0 2	0	2
Question on Indexed data getting deleted Hello Guys, I have these very huge problem of indexed data getting deleted. Basically i am doing following steps. I... by mehal New Member in Getting Data In 10-12-2012 0 5	0	5
Segregate data from syslog Hi, We would like to know how to segregate the content of a syslog in different sources or source types. For exampl... by francois_pigeon New Member in Getting Data In 10-12-2012 0 1	0	1
Forward data into 3rd party systems using index instead of host? Good day i Read this document regarding to the forward data to third-party systems http://docs.splunk.com/Documenta... by christantoy Path Finder in Getting Data In 10-12-2012 0 5	0	5
Hardware load balancer between indexer and forwarder instead of auto-lb config? Hello. I'm working to create some forwarders in our DMZ to relay data from the DMZ to our internal indexers (current... by mfrost8 Builder in Getting Data In 10-11-2012 0 4	0	4