Getting Data In

Discussions

Thread Info

Installing rpm as different user and not creating splunk user

Is it possible to install the universal forwarder rpm as a different user and not have the rpm create the "splunk" us...

by Splunk Employee in

fschange deprecated; what options are available

The 5.0 release documentation states that fschange is deprecated. We use this extensively for configuration change...

by Path Finder in

Identifying Windows hosts

I am trying to identify "windows hosts" that are logging to my Splunk indexer. Unfortunately, neither the hosts/serve...

by Communicator in

Configure NET-SNMP (Windows) for Splunk to send traps to NMS

I am having a heck of a time understanding NET-SNMP configuration and am hoping that has successful done this for win...

by Path Finder in

source:: rule in props.conf ignored?

I have an inputs.conf that looks like this: [monitor:///syslog/.../*.log] host_segment = 4 sourcetype = syslog ign...

by Splunk Employee in

MVExpand help

I asked a question earlier regarding the preformatting of a csv report which several multivalue fields (Preformat Aut...

by Path Finder in

Can't get filter to work on windows

Hello, I have a test script that writes out hello_d01 to hello_d10 every 5 seconds... for instance: 16:04:14.36 hel...

by New Member in

Checkpoint LEA and SSL authentication

Hi all, Does anyone try to use FWN1 auth method successfully instead of SSL one? I'm asking because it could be...

by Explorer in

OPSEC LEA - opsec_putkey fail

Hi, I'm trying to configure Splunk with Checkpoint. I have an error during the opsec_putkey on the splunk server :...

by Explorer in

OPSEC LEA log collection

Hi, Query over the OPSEC LEA log collection. Does the OPSEC add-on leave a copy of the logs on the CheckPoint prov...

by Engager in

Does Check Point OPSEC LEA support checkpoint version R71?

It's not listed as being supported, but I wondered whether anyone has tried it with this version..

by Contributor in

Multiple index locations for forwarder

Is there a way on the universal forwarder to send different data types to different indexers? For example, we want to...

by Splunk Employee in

PERFMON.CONF not forwarding any data to indexer -

I have installed Splunk forwarder on a Windows 2003 Server S2- 64-bit I have set the INPUTS.CONF,WMI.CONF to capture...

by Contributor in

Forwarded UDP - Check which forwarder

Hi there, I'm hoping this is a simple question... We have 50+ forwarders, and I'm trying to locate the forwarde...

by Path Finder in

no forwarder in splunk

I have installed splunk on machine 1 and universal forwarder on machine 2. I can see on forwarder: C:\Program File...

by Explorer in

Using Splunk Forwarder on syslog server to forward to splunk server

Syslogs already has all the logs from other server using snare udp 514 Do I need to configure anything on the splu...

by Explorer in

How to set data retention in indexes.conf

Hello, I have been trying to set an index retention policy on my indexer but it does not seem to be removing any o...

by Splunk Employee in

Streaming realtime results via the REST API?

How do you stream real-time results via the rest api? I've tried using the typical search submit method, which always...

by Engager in

Ubuntu 12.04 , rsyslog and splunk storm

Hi. I just setup a free account in splunkstorm and try to set up rsyslog base on the documentation and I didn't se...

by New Member in

csv with headers

Hi, I have a csv file with headers that needs processing. I want to 1) filter out the header and 2) have the field...

by Champion in

Getting Data In

Discussions

Installing rpm as different user and not creating splunk user

fschange deprecated; what options are available

Identifying Windows hosts

Configure NET-SNMP (Windows) for Splunk to send traps to NMS

source:: rule in props.conf ignored?

MVExpand help

Can't get filter to work on windows

Checkpoint LEA and SSL authentication

OPSEC LEA - opsec_putkey fail

OPSEC LEA log collection

Does Check Point OPSEC LEA support checkpoint version R71?

Multiple index locations for forwarder

PERFMON.CONF not forwarding any data to indexer -

Forwarded UDP - Check which forwarder

no forwarder in splunk

Using Splunk Forwarder on syslog server to forward to splunk server

How to set data retention in indexes.conf

Streaming realtime results via the REST API?

Ubuntu 12.04 , rsyslog and splunk storm

csv with headers

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >

Unable to initialize modular input "checkpoint_ops...

PhantomRemoteSearch/Connecttosinglesplunk

AWS cloudwatch logs invalid key issue

Mitre Dashboard

Netwrix TA

Getting Data In

Discussions

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too! Learn More or Register Now >

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Learn More or Register Now >