Getting Data In

Discussions

Thread Info

Is it possible to tell LINE_BREAKER to stop eating my angle bracket?

The use of LINE_BREAKER is a bit cryptic to me... ok, a lot. But I think I've managed to figure out how to break my X...

by Splunk Employee in

How do I group lines into a single event at index-time?

What I'm trying to do: at index time, create a multiline event based on a unique ID. In the data sample below, I need...

by Splunk Employee in

What are the default sourcetypes and how are they determined?

Sometimes Splunk sets the sourcetype on an incoming file as breakable_text or too_small. What determines these source...

by Path Finder in

monitoring hundreds of metrics and/or configuration items: how to do efficiently?

I'm trying to use Splunk to monitor both runtime metrics and configuration state of a server application like JBoss o...

by Contributor in

Can I monitor Windows Registry with Splunk?

Are there ways in Splunk to monitor and index any activity on Windows Registry?

by Splunk Employee in

How can I monitor a directory full of mixed types of logfiles while explicitly applying sourcetypes?

I have a directory /logdir and it contains various types of files, such as apache logs, syslog files, local applicati...

by Splunk Employee in

How do I set a hostname?

What do I need to do to set the correct hostname for an event?

by Splunk Employee in

My coldtofrozen script seems to hang splunk, what can I do?

When my selected coldToFrozenScript runs, which can take 10 minutes, the splunk search interface stops working until ...

by Splunk Employee in

I can't see data I know is indexed

I have data indexed but the "all indexed data" dashboard module is empty. Searching for * over all time produces no r...

by Explorer in

Getting Data In

Discussions

Is it possible to tell LINE_BREAKER to stop eating my angle bracket?

How do I group lines into a single event at index-time?

What are the default sourcetypes and how are they determined?

monitoring hundreds of metrics and/or configuration items: how to do efficiently?

Can I monitor Windows Registry with Splunk?

How can I monitor a directory full of mixed types of logfiles while explicitly applying sourcetypes?

How do I set a hostname?

My coldtofrozen script seems to hang splunk, what can I do?

I can't see data I know is indexed

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >

Onboard unknown source SC4S

CLONE_SOURCETYPE not honoring REGEX?

Query to list data inputs remote monitor from depl...

Ingesting data from blackbox

WinNetMon Blacklist RemoteHostName

Getting Data In

Discussions

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.Find out what your skills are worth! Read the report >

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >