Getting Data In

Thread Info

Checkpoint with Splunk on Windows

Does the Checkpoint LEA app work on windows? or has anyone tweaked it to work?

by Splunk Employee in

Limit REST concurrent searches for a user/role?

I have a user that wants REST access. Can I limit the number of concurrent searches for a user so I can be confident ...

by Path Finder in

Accessing Splunk Resources for a remote splunk server. REST

I want to access a Splunk remote server that has the same subnet mask, but of a different network from the client com...

by Communicator in

Universal Forwarder failing to keep up

I have a RH EL6 system receiving udp 514 traffic from network equipment and writing to a file /data/log/messages. The...

by Explorer in

Universal Forwarder and folder monitoring

I installed a universal forwarder on my workstation to test monitoring some server directories for changes. during t...

by Path Finder in

How to remove the inputs that are given at time of universal forwarder installation

Hi I've installed the splunk indexer on linux machine and universal forwader on a windows machine.While installing...

by Path Finder in

WinEventLog - ignoreOlderThan = 2d

We are updating the inputs.conf, with config so we can monitor the event logs as well as IIS logs. With the IIS lo...

by Engager in

JobSpinner module replacement

Can the JobProgressIndicator module be directly replaced with the JobSpinner module? I only get a green loading box i...

by New Member in

Logging windows application usage

Is there a way I can use Splunk to log Windows application usage? I need to be able to see what applications were ...

by Explorer in

How can I force correct separation of events?

Apologies if this is a silly question, but I'm new to splunk. I'm attempting to set up a sourcetype that will corr...

by Explorer in

What configuration settings are used by universal forwarders?

Does anyone have a specific listing of what configuration options are honored by the universal forwarder and which on...

by Super Champion in

Reading log4j from syslog files

Hi all, testing out Splunk, and wondering is there some kind of out-of-the-box solution to correctly process syslo...

by New Member in

Capturing logs using regex

Hi,I've below log lines in below format: 1) D:\SystemX\XManager\TEST1_XM_5_1_0_361\Director\GenericService.log ...

by Path Finder in

input type="time"

I'm using <input type="time"> in my form, but I can't figure out how to make the subsequent tables actually "...

by Path Finder in

howto? selfmade script output on windows send to linux indexer

Dear Splunkers, I'm running my indexer on a redhat machine. On a Windows machine in our environment I'm going to r...

by Path Finder in

Parsing SIP multiline, multiformat events

Hi, I'm trying to parse some logs generated by Broadsoft SIP servers. The log formats follow a general pattern but th...

by Path Finder in

Is it possible to log the local time on the incoming logs ?

Is it possible to log the local time on the incoming logs ? If the log's time is different those logs are missed ...

by Communicator in

log4j showing Hexadecimal in Preview

Hello I have a log file made through a log4j on a windows box. I open it through Kate 06-12-12 20:20:32 THD=330...

by New Member in

Is there a way to maintain the source IP of the UDP syslog packet when forwarding to a 3rd party syslog listener?

If a 3rd party system looks at the UDP packet to determine the source "Host", is there a way for Splunk to spoof that...

by Splunk Employee in

Forwarder-side filter not working

Hello, we've set up a transforms.conf filter in one of our forwarders (to lower indexed volume per day), but the conf...

by Explorer in

Remove data when it ages

Hi, I saw the doc on how to remove data when it ages. Most of my log data goes to the default index db which is "main...

by Builder in

Can the logging location of a 'NIX Universal Forwarder be changed?

I want the UF's logging to be in /var/log/splunk not subordinate to $SPLUNK_HOME is there a Splunk UF parameter that ...

by Engager in

How do we disable dupliacte events to display in the search results

Hi For Every Search Query i excute . I could see the list of the dupliate events associated with each search quer...

by Motivator in

Splunk App for Exchange: DNSLB shows as N/A

Hi I have the app working great. I'm a bit confused on what DNSLB needs to get out. We're using a proxy to access ...

by Path Finder in

splunk unable to run exe file when execute batch

Hi, I tried to run a batch file which can execute my exe file whenever splunk. But it seems that my exe file wi...

by New Member in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Checkpoint with Splunk on Windows

Limit REST concurrent searches for a user/role?

Accessing Splunk Resources for a remote splunk server. REST

Universal Forwarder failing to keep up

Universal Forwarder and folder monitoring

How to remove the inputs that are given at time of universal forwarder installation

WinEventLog - ignoreOlderThan = 2d

JobSpinner module replacement

Logging windows application usage

How can I force correct separation of events?

What configuration settings are used by universal forwarders?

Reading log4j from syslog files

Capturing logs using regex

input type="time"

howto? selfmade script output on windows send to linux indexer

Parsing SIP multiline, multiformat events

Is it possible to log the local time on the incoming logs ?

log4j showing Hexadecimal in Preview

Is there a way to maintain the source IP of the UDP syslog packet when forwarding to a 3rd party syslog listener?

Forwarder-side filter not working

Remove data when it ages

Can the logging location of a 'NIX Universal Forwarder be changed?

How do we disable dupliacte events to display in the search results

Splunk App for Exchange: DNSLB shows as N/A

splunk unable to run exe file when execute batch

Detecting Brute Force Account Takeover Fraud with Splunk

Buttercup Games: Further Dashboarding Techniques (Part 9)

Buttercup Games: Further Dashboarding Techniques (Part 8)

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

splunkd.log errors and broken fishbucket on splunk...

Getting Data In

Are you a member of the Splunk Community?

Discussions