Getting Data In

Community Activity

Data not getting retrieved after indexing Hi, I am importing the data through the inputs.conf file : [default] host = XXXXXXXXXX [monitor://C:\Users\lg133108... by abhayneilam Contributor in Getting Data In 10-17-2012 0 4	0	4
how to forward data from file For example, i have two hosts. The data is in host1. Now the host2 need recived data, wheather i can send the data to... by perlish Communicator in Getting Data In 10-17-2012 0 1	0	1
Q: Sourcetype renaming I want to rename an 'old' sourcetype (access:mwp) into a new one (access:web:mwp). Does this work in my props.conf: ... by mkelderm Path Finder in Getting Data In 10-17-2012 0 1	0	1
Date Parsing Hello all, We have just encountered a problem with date parsing as we have progressed into the new month. Our log fi... by nickhills Ultra Champion in Getting Data In 10-16-2012 0 3	0	3
Unable to get universal forwarder to become active - Linux Hi, I have configured a basic splunk instance and it is indexing locally. I wanted to add a universal forwarder from ... by jplangan New Member in Getting Data In 10-16-2012 0 2	0	2
Indexer missing events from forwarder Scenario: 1x load balancer, 2x light forwarders, 1x indexer. The goal is to make it possible to reboot a single ... by crob6281 Explorer in Getting Data In 10-16-2012 2 7	2	7
Printer logs Hello, Is there any manual, where i can see how to collect print logs from remote machine? The printer from which i h... by aleksandarrrc Explorer in Getting Data In 10-16-2012 0 5	0	5
Changed Index Databse path - manager still shows old paths? I changed the path the index database should be store at with with the Manager>System settings>general Settings > ind... by johns3 Path Finder in Getting Data In 10-15-2012 1 1	1	1
File based statistics collection which have events covering large windows of time. I have a scheduled search that create statistics based on individual files. These searches run once per hour. ie. a ... by Lucas_K Motivator in Getting Data In 10-15-2012 0 1	0	1
Do not see syslog data in Splunk I am trying to send syslog data and logs from an ftp server using ports: 514,5151, and 2001. I made sure that the se... by Kvista48 New Member in Getting Data In 10-15-2012 0 3	0	3
How to execute perl script in splunk Hi, Please help me to execute my perl script through splunk. I dont know where to keep that script and how to execut... by abhayneilam Contributor in Getting Data In 10-15-2012 0 4	0	4
1 Splunk server that indexes, but also duplicates raw data to 3rd party syslog We currently run 1 Splunk server that indexes all our data and whatnot, however there are requirements now that a 3rd... by hortonew Builder in Getting Data In 10-15-2012 0 2	0	2
Why does the REST endpoints only show data from the Search app? I have created a new app with many saved searches. And I have created a new view in this app. In this view I have cre... by andyk Path Finder in Getting Data In 10-15-2012 0 2	0	2
indexThreads: 24 cores , indexthread auto set to 8? Can we increaes it I have a system with 12 cores, (24 with hyperthreading). Splunk is setting the indexThread value to 8: index="_inter... by mkelderm Path Finder in Getting Data In 10-15-2012 0 1	0	1
indexThreads is set to auto how many threads does that mean? How can I tell how many threads have been allocated using the auto tune setting of indexThreads? --snip from indexs.... by DrewO Splunk Employee in Getting Data In 10-14-2012 0 5	0	5
difference between per_index_thruput and per_host_thruput? Volume when calculating per_index_thruput and per_host_thruput. However, when calculated as per_index_thruput and per... by khyoung7410 Communicator in Getting Data In 10-14-2012 0 2	0	2
Long running summary search and info_max_time vs info_min_time I'm running a summary search to calculate stats over 7 days. The summary is setting the timestamp as info_min_time. ... by the_wolverine Champion in Getting Data In 10-13-2012 0 1	0	1
how can I force splunk read file line by line I have a big file about 17G,when I input it as a file,splunk treat some record as multi-line. The file is UTF-8 Unico... by perlish Communicator in Getting Data In 10-13-2012 0 2	0	2
Question on Indexed data getting deleted Hello Guys, I have these very huge problem of indexed data getting deleted. Basically i am doing following steps. I... by mehal New Member in Getting Data In 10-12-2012 0 5	0	5
Segregate data from syslog Hi, We would like to know how to segregate the content of a syslog in different sources or source types. For exampl... by francois_pigeon New Member in Getting Data In 10-12-2012 0 1	0	1
Forward data into 3rd party systems using index instead of host? Good day i Read this document regarding to the forward data to third-party systems http://docs.splunk.com/Documenta... by christantoy Path Finder in Getting Data In 10-12-2012 0 5	0	5
Hardware load balancer between indexer and forwarder instead of auto-lb config? Hello. I'm working to create some forwarders in our DMZ to relay data from the DMZ to our internal indexers (current... by mfrost8 Builder in Getting Data In 10-11-2012 0 4	0	4
splunk behind a revproxy Hello, My setup: remote server: -I have a universal forwarder setup on a GlassFish server. splunk server (Splunk 4... by RobertFidler New Member in Getting Data In 10-11-2012 0 1	0	1
Universal forwarder monitor clean files In monitoring a file, it can get very large as the application creating the syslogs adds to it. The there any facilit... by JohnTelus New Member in Getting Data In 10-11-2012 0 1	0	1
Mystery Universal Forwarder This may sound silly, but we don't have the ability to see how some of our Universal Forwarders (UFs) are configured.... by reed_kelly Contributor in Getting Data In 10-11-2012 0 3	0	3