Getting Data In

Community Activity

Skipped indexing error I have two indexers and both are forwarding their data to the other. Today I saw an error stating Splunk skipping ind... by mznikkip Engager in Getting Data In 07-31-2012 0 2	0	2
Checkpoint LEA pointer is reset, events are re-indexed I've recently set up LEA-LogGrabber, which is working fine from a communication point of view - the logs are being su... by pajohnston Explorer in Getting Data In 07-31-2012 2 5	2	5
How does splunk indexing works when two or more windows based collector sending same Event logs? Hi We have two collector server collecting events from all windows based servers(400 of them). Windows servers are c... by AKG Path Finder in Getting Data In 07-30-2012 0 2	0	2
Inputs.conf _SYSLOG_ROUTING only For my windows servers I have set them up to send via syslog to Loglogic and also send to the Splunk indexer. Current... by ng1p Path Finder in Getting Data In 07-30-2012 1 1	1	1
Latest time as a field value Hi guys, I have a question for You, if anyone has had a similar requirement... I need to use the "latest" time of a... by kenchisho Path Finder in Getting Data In 07-30-2012 0 6	0	6
perfmon is not working hi, I want to know how perfmon.cof is working.Since i want to use that for monitoring CPU utilization.I want to know... by john Communicator in Getting Data In 07-30-2012 0 3	0	3
If Universal Forwarder crashes, can we throttle the rate at which it sends data to indexer? Hello, Assuming that I have a universal forwarder configured to monitor a directory of flat files, e.g. /var/log/, w... by roychen Path Finder in Getting Data In 07-30-2012 0 1	0	1
detecting when an indexer is down How can I detect when an indexer is down? Is there an api call to poll for the status of the indexer? Or will a faili... by rubenstoll Engager in Getting Data In 07-27-2012 1 1	1	1
Operating System Hi My company just bought a splunk server from Cisco, we got the hardware but no the software. Is it right ?? What s... by asolorzano New Member in Getting Data In 07-27-2012 0 2	0	2
Exchange Server App - IOPS charting I'm currently running version 1.1 of the Exchange app. I'd like to add the four IOPS counters to the list of perfmon ... by stonecutter908 New Member in Getting Data In 07-27-2012 0 1	0	1
Connect to my server Hi All I'm trying Splunk for the first time - I'm sifting through the documentation and finding it difficult to asc... by rgill90 New Member in Getting Data In 07-27-2012 0 4	0	4
Not able to see my windows client logs on Splunk Server Hello, I have splunk installed on CentOS and i want to monitor a log file which is located on a windows host D drive... by royalchandu New Member in Getting Data In 07-27-2012 0 3	0	3
setting up daily formatted report Hi, I have a saved search to find out the occurrence of a keyword "Response" in a log. I am able to create a formatt... by aniketb Path Finder in Getting Data In 07-26-2012 0 4	0	4
filesystem change monitor on windows LightWeight Forwarder Installation: Universal Forwarder 4.3.2 I am trying to use the FileSystem monitor to monitor the files in inputs.conf... by steveirogers Communicator in Getting Data In 07-26-2012 0 3	0	3
line breaking help 957978 11:23:33 (INTEL) IN: "IFBFE4F44" user@hostlx8.domain $ 957979 11:24:07 (MLM) IN: "MATLAB" user@hostlx1.doma... by zachvida Path Finder in Getting Data In 07-26-2012 0 4	0	4
While setting up a Windows Eventlog collection input, why do I get an HTTP 500 - Access is denied error? I want to gather and index the security eventtlogs on a remote Windows server. While trying to add a new Windows Eve... by maverick Splunk Employee in Getting Data In 07-26-2012 2 2	2	2
Index the timestamp present in log file hello, I got a question regarding the field indexed by splunk when an event is received on splunk server. I would li... by rbw78 Communicator in Getting Data In 07-26-2012 0 1	0	1
Alert for syslog I am trying to set an alert that notifies the admin of a situation when we dont get any data from syslog (no messages... by asarolkar Builder in Getting Data In 07-25-2012 0 1	0	1
How do I set the SSL cert for the management port (8089)? Like the question says, I'd like to build some REST clients using Splunk (4.3.2, 4.3.3) that will not be running on t... by wohali Engager in Getting Data In 07-25-2012 5 3	5	3
How can I trigger the re-indexing of a single file? I would like to have Splunk re-index a specific file /logs/pubic_folder/noodles/log that it has already indexed on th... by hexx Splunk Employee in Getting Data In 07-25-2012 5 1	5	1
Need help joining 2 sets of data where the timestamp is off by a few seconds Hi, I am trying to correlate 2 sets of data together via join search statement, however I need to do a join based o... by balbano Contributor in Getting Data In 07-25-2012 1 2	1	2
logfile folder Hi, I am having a logfile folder in which every day log file got created with the date name i want to index only lat... by vaibhavbeohar Path Finder in Getting Data In 07-25-2012 0 2	0	2
change the indexer location Hi I have installed splunk indexer on a linux machine under installation directory /opt and there are quite a few fo... by splunker_123 Path Finder in Getting Data In 07-25-2012 0 9	0	9
Windows SID Resolving in Splunk As i understand it, Splunk is able to resolve SIDs in Windows Security Events. The documentation around this is not v... by pj Contributor in Getting Data In 07-24-2012 3 5	3	5
remove space and tab char between from ">" "<\" I want to remove all the spaces in between ">" "<\" and want to use this in SEDCMD Here is my regex but this is ... by jangid Builder in Getting Data In 07-24-2012 0 2	0	2