Getting Data In

Community Activity

Do not see syslog data in Splunk I am trying to send syslog data and logs from an ftp server using ports: 514,5151, and 2001. I made sure that the se... by Kvista48 New Member in Getting Data In 10-15-2012 0 3	0	3
How to execute perl script in splunk Hi, Please help me to execute my perl script through splunk. I dont know where to keep that script and how to execut... by abhayneilam Contributor in Getting Data In 10-15-2012 0 4	0	4
1 Splunk server that indexes, but also duplicates raw data to 3rd party syslog We currently run 1 Splunk server that indexes all our data and whatnot, however there are requirements now that a 3rd... by hortonew Builder in Getting Data In 10-15-2012 0 2	0	2
Why does the REST endpoints only show data from the Search app? I have created a new app with many saved searches. And I have created a new view in this app. In this view I have cre... by andyk Path Finder in Getting Data In 10-15-2012 0 2	0	2
indexThreads: 24 cores , indexthread auto set to 8? Can we increaes it I have a system with 12 cores, (24 with hyperthreading). Splunk is setting the indexThread value to 8: index="_inter... by mkelderm Path Finder in Getting Data In 10-15-2012 0 1	0	1
indexThreads is set to auto how many threads does that mean? How can I tell how many threads have been allocated using the auto tune setting of indexThreads? --snip from indexs.... by DrewO Splunk Employee in Getting Data In 10-14-2012 0 5	0	5
difference between per_index_thruput and per_host_thruput? Volume when calculating per_index_thruput and per_host_thruput. However, when calculated as per_index_thruput and per... by khyoung7410 Communicator in Getting Data In 10-14-2012 0 2	0	2
Long running summary search and info_max_time vs info_min_time I'm running a summary search to calculate stats over 7 days. The summary is setting the timestamp as info_min_time. ... by the_wolverine Champion in Getting Data In 10-13-2012 0 1	0	1
how can I force splunk read file line by line I have a big file about 17G,when I input it as a file,splunk treat some record as multi-line. The file is UTF-8 Unico... by perlish Communicator in Getting Data In 10-13-2012 0 2	0	2
Question on Indexed data getting deleted Hello Guys, I have these very huge problem of indexed data getting deleted. Basically i am doing following steps. I... by mehal New Member in Getting Data In 10-12-2012 0 5	0	5
Segregate data from syslog Hi, We would like to know how to segregate the content of a syslog in different sources or source types. For exampl... by francois_pigeon New Member in Getting Data In 10-12-2012 0 1	0	1
Forward data into 3rd party systems using index instead of host? Good day i Read this document regarding to the forward data to third-party systems http://docs.splunk.com/Documenta... by christantoy Path Finder in Getting Data In 10-12-2012 0 5	0	5
Hardware load balancer between indexer and forwarder instead of auto-lb config? Hello. I'm working to create some forwarders in our DMZ to relay data from the DMZ to our internal indexers (current... by mfrost8 Builder in Getting Data In 10-11-2012 0 4	0	4
splunk behind a revproxy Hello, My setup: remote server: -I have a universal forwarder setup on a GlassFish server. splunk server (Splunk 4... by RobertFidler New Member in Getting Data In 10-11-2012 0 1	0	1
Universal forwarder monitor clean files In monitoring a file, it can get very large as the application creating the syslogs adds to it. The there any facilit... by JohnTelus New Member in Getting Data In 10-11-2012 0 1	0	1
Mystery Universal Forwarder This may sound silly, but we don't have the ability to see how some of our Universal Forwarders (UFs) are configured.... by reed_kelly Contributor in Getting Data In 10-11-2012 0 3	0	3
create index that keeps data by date, not size? I have many indexes in my environment, which all have a maximum size set. However, we would like to instead keep dat... by seanlon11 Path Finder in Getting Data In 10-11-2012 2 1	2	1
forwarding syslog data via UDP to 3rd party server. splunk docs instructions not working I tried the following and it did not work - http://docs.splunk.com/Documentation/Splunk/latest/Deploy/Forwarddatato... by jfraiberg Communicator in Getting Data In 10-11-2012 0 5	0	5
how to search host volume in index Hi I want to search several host include in indexes. last 24hour index name is a_1, a_2, a_3.... how to search? thank... by khyoung7410 Communicator in Getting Data In 10-11-2012 0 3	0	3
Adding ESX hosts to an existing Splunk server Hi, I've inherited a splunk server that was setup to receive to vmkwarning files from around 20 ESX hosts. Recently... by mikeyw New Member in Getting Data In 10-11-2012 0 3	0	3
nullqueue or nullQueue ? I saw this in transforms.conf : should if be nullQueue or nullqueue ? [send_to_nullqueue] DEST_KEY = queue REGEX ... by yannK Splunk Employee in Getting Data In 10-10-2012 2 2	2	2
ArchiveProcessor - Bypassing normal system/local/props.conf processing for .dat files inside archives? (4.3.4) I have a situation in which it would seem that for .dat files inside an archive I can not make it honor the settings ... by Lucas_K Motivator in Getting Data In 10-09-2012 0 1	0	1
Correct TIME_FORMAT for the following timestamp? Hello, I'm having trouble extracting the following timestamp for one source, is there someone here that can recommend... by infomedix New Member in Getting Data In 10-09-2012 0 5	0	5
Best way to change the inputs.conf file of a universal forwarder from deployment server. Can any one please let me know the best way to update the opt/splunkforwarder/etc/system/local/inputs.conf of univers... by ssankeneni Communicator in Getting Data In 10-09-2012 0 5	0	5
importing all the files available in a directory Hi, Can any body tell me how to import all the files of a particular directory in splunk at one go ? next time if I ... by abhayneilam Contributor in Getting Data In 10-09-2012 0 16	0	16