Getting Data In

Discussions

Thread Info

Forwarder Load Balancer duplicating data problem.

I am trying to have LB setup to send large volume of data into 4 different INDEXES in round robin structure. But w...

by Communicator in

Forwarder Win7 install package damaged?

When I try to install the v4.3.3 x86 Splunk Universal Forwarder it throws an error. A Windows Installer reports the e...

by New Member in

WMI Remote Error

Hi, I am getting teh following error "Failed to fetch data: In handler 'win-wmi-find-collection': Unable to get wm...

by Explorer in

Splunk on OS's other than English

Hello, I installed Splunk (full instance and/or universal forwarder) on OS's in French. Some stuff will obviously ...

by Explorer in

Cisco ASA 5510 - cannot get data

Hi, I´ve installed Splunk App for Cisco ASA version 0.9.6 downloaded today, and cannot see any data. Cisco is generat...

by New Member in

Problem with REST API

We have restricted access to Splunk via the REST API. We have created a user where we think we have allowed this capa...

by Splunk Employee in

Dump files and filtering and sending to indexer

I have a .out DUMP file generated by Bamboo Logs -- that I want to monitor in Splunk. I need to filter out certain...

by Builder in

Find files that are not being accessed

The scenario: I have a scripted input that gives me a list of files in a directory. On a regular basis I want to run ...

by Path Finder in

Can I use a volume definition with a thawed path?

by Splunk Employee in

Windows Universal Forwarder ERROR 1309??

My installation won't complete. Gives me an error 1309 "Error reading file .....aler_actions.conf,audit.conf.example,...

by New Member in

fetching all fields into a CSV

When I use "export" from within the Splunk interface, the CSV contains all fields that exist in at least one row (and...

by Explorer in

How to tell if a log is originating from a school computer?

I want to figure out how many schools in my state are hitting my website. I was wondering if there is some way to be ...

by New Member in

pushing data to Universal forwarder from .Net

Hello, I want to push the data to Universal forwarder, so that forwarder can forward the data to the Indexer. I have ...

by Explorer in

Updating to splunk 4.3 with existing 4.2 universal forwarders

Hi all We have an existing splunk install (2 x indexers, 1 x search head - all linux) on v 4.2 and quite a number ...

by New Member in

File timestamp - switch off normalization

Hi, I set up in Splunk 4.3 a file directory data input to index our log files which are generated in multiple time...

by New Member in

Log files on Remote Windows Workstation

I have been racking my brains and have searched the internet over multiple time and can't find a resolution to this i...

by Explorer in

can I use a prefilter to collect the syslog which I really need before put them in the database

I want to collect the syslog which I really need before put them in the database ,can I set a prefilter ? thank yo...

by Communicator in

Active Directory

Can´t find the event when I delete a user in AD. Is there any special config to get this info? Using Splunk 4.3 on wi...

by New Member in

unable to delete indexes

Hi, I am following the below steps from splunk documentation to delete indexes: Look through all inputs.conf files...

by Path Finder in

Splunk Heavy Forwarder Filtering and Windows Universal Forwarders

Hi so the set up we have is universal forwarders -> heavy forwarder -> Indexer.. Where the heavy forwarder acts a...

by Path Finder in

problem about Monitor Files

I choose "Continuously index data from a file or directory this Splunk instance can access" to input a file. Give a ...

by Explorer in

Setting Hostname with TCP input

Hi, Everyone, I'm working with one of our developers who wants to send logs into splunk via a TCP input. I cooked ...

by Engager in

How to generate a list of just the IPs?

I have uploaded a single collection of logs for one time use in Splunk. I was wondering if there is a way to generate...

by New Member in

props.conf extractions

I have a quick question here. I have a distributed environment with about 5 indexers and then a main search head. ...

by Builder in

NullQueue and Re-indexing Logs

I want to limit the data from one of my universal forwarders from being indexed temporarily (until we get a new Splun...

by Builder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Forwarder Load Balancer duplicating data problem.

Forwarder Win7 install package damaged?

WMI Remote Error

Splunk on OS's other than English

Cisco ASA 5510 - cannot get data

Problem with REST API

Dump files and filtering and sending to indexer

Find files that are not being accessed

Can I use a volume definition with a thawed path?

Windows Universal Forwarder ERROR 1309??

fetching all fields into a CSV

How to tell if a log is originating from a school computer?

pushing data to Universal forwarder from .Net

Updating to splunk 4.3 with existing 4.2 universal forwarders

File timestamp - switch off normalization

Log files on Remote Windows Workstation

can I use a prefilter to collect the syslog which I really need before put them in the database

Active Directory

unable to delete indexes

Splunk Heavy Forwarder Filtering and Windows Universal Forwarders

problem about Monitor Files

Setting Hostname with TCP input

How to generate a list of just the IPs?

props.conf extractions

NullQueue and Re-indexing Logs

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Update Your SOAR Apps for Python 3.13: What Community Developers Need to Know

October Community Champions: A Shoutout to Our Contributors!

uberAgent

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Getting Data In

Are you a member of the Splunk Community?

Discussions