Getting Data In

Community Activity

Universal Forwarder license requirements Folks, I was wondering if "Universal Forwarder" requires license to be installed on a Solaris syslog server? Thanks! by ashafiee Explorer in Getting Data In 05-31-2012 0 1	0	1
Question about blacklist entry I want to exclude all files that contain some keyword from splunk forwarder, I have added an entry in prop.conf. [mo... by jangid Builder in Getting Data In 05-31-2012 0 2	0	2
How to quick and simple remove the host and all his logs from SPLUNK ? Hi, I've got a problem. There is no way to remove the host from splunk? No DELETE button and confirmation, NOTHING... by twieczorkowski Explorer in Getting Data In 05-30-2012 0 1	0	1
TIME_PREFIX I have an autosys log with 4 columns (JobName\|Start\|End\|Status) and would like to add them in splunk. Check_Job\|05/2... by shangshin Builder in Getting Data In 05-30-2012 0 7	0	7
Windows Eventlog Not being forwarded We use UF to forward events from a group of servers to our indexers. We also use deployment server to ensure consist... by richnavis Contributor in Getting Data In 05-29-2012 0 1	0	1
multiple syslog servers question Hi everyone, I have a question about setting up Splunk to record syslog messages from 2 different syslog servers. ... by boeckelr New Member in Getting Data In 05-29-2012 0 1	0	1
Why Splunk installation fails with Exitcode='4' " wrong privileges" ? My Splunk Installation failed with the error << Splunk Installer was unable to start Splunk Services. Please make ... by mzorzi Splunk Employee in Getting Data In 05-29-2012 1 1	1	1
_time not being set properly during indexing I'm trying to index the output of the Nessus vulnerability scanner in NBE format. There are two types of events in n... by responsys_cm Builder in Getting Data In 05-26-2012 0 3	0	3
csv advise Hi, Hoping someone can help me with some csv input questions. I have some csv files that are created by users, and w... by a212830 Champion in Getting Data In 05-25-2012 1 4	1	4
TLS/SSL Syslog Splunk Support I'm always nervous about sending plain text syslogs around the place, and rsyslog has some fantastic options (SSL and... by pacepace Engager in Getting Data In 05-25-2012 1 1	1	1
Change home path location? I've installed Splunk on my C drive. I want the data to be store on a different drive, where I have more room. How do... by SLowry New Member in Getting Data In 05-25-2012 0 2	0	2
filtering on yesterdays date? Hi, I have a csv file, in a nice format (see below). The data is for rolling 7/10/21 day reports, that customers con... by a212830 Champion in Getting Data In 05-25-2012 1 4	1	4
Forwarder and More I am new to splunk and I an trying to get the solution right for my company that being said . My delima is that the U... by paul_1994 Path Finder in Getting Data In 05-25-2012 0 3	0	3
Splunk Universal/Heavy Forwarder with compression has low CPU utilisation I'm planning a Splunk deployment that will involve 2 indexers, 1 search head and 4 forwarders spread across various n... by ztom Explorer in Getting Data In 05-25-2012 0 3	0	3
Deletion of indexed logs if i use "\| delete" the data are still stored in the indexers. is there anyway to physically remove them? by attgjh1 Communicator in Getting Data In 05-24-2012 0 4	0	4
Can you set a maximum hot index size globally? We would like to use a combination of solid state drives for the hot index and slower, cheaper disk for the warm/cold... by responsys_cm Builder in Getting Data In 05-24-2012 0 1	0	1
Universal Forwarders and indexing From a Windows box where the Universal Forwarder is installed, we're picking up a CSV extract (table.csv) every 24 ho... by asarolkar Builder in Getting Data In 05-24-2012 0 4	0	4
Another "Linebreak not working" question My developers have an unorthodox format for their logs. The only timestamp on a multi-line log entry is at the very ... by ppacheco Explorer in Getting Data In 05-24-2012 0 2	0	2
multiple monitor for same directory I am attempting to read different types of log into various sources. But all the logs belong in the same directory an... by attgjh1 Communicator in Getting Data In 05-24-2012 0 1	0	1
Whitelist/blacklist multiple files in same directory ive been reading the documentation and am stumped at this part: If you create a blacklist line for each file you ... by attgjh1 Communicator in Getting Data In 05-24-2012 0 13	0	13
SplunkForwarder inputs.conf - pick one log file if exists, else pick another Is there a way to configure SplunkForwarder inputs.conf to do the following? The goal is to monitor a few directorie... by Ovi Path Finder in Getting Data In 05-23-2012 0 4	0	4
Limit/Filter data indexed based on sourcetype volume Is there a way to limit the number of events indexed for a given sourcetype within a given amount of time? For examp... by kbrady Explorer in Getting Data In 05-23-2012 1 2	1	2
Log4j Splunk Hello, I work with Eclipse. I want to send my log on the port listened by Splunk. So I add this code in log4j.proper... by LauraBre Communicator in Getting Data In 05-23-2012 0 12	0	12
Received unrecognized signature --splunk-cooked-mode-v3-- Hi, I just upgraded two Splunk LWF 4.1.4 to Splunk UF 4.2.1 , other Splunk instances ( middle forwarders and indexer... by dmlee Communicator in Getting Data In 05-23-2012 1 3	1	3
Splunk server Vs Windows agent Hello, Splunk server in linux and agent in windows. 1)How to check from client or server cofig files ? 2)I created... by kpsnathan_splun New Member in Getting Data In 05-23-2012 0 1	0	1

Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide Staying ahead in the fast-paced ...

Getting Data In

Universal Forwarder license requirements

Question about blacklist entry

How to quick and simple remove the host and all his logs from SPLUNK ?

TIME_PREFIX

Windows Eventlog Not being forwarded

multiple syslog servers question

Why Splunk installation fails with Exitcode='4' " wrong privileges" ?

_time not being set properly during indexing

csv advise

TLS/SSL Syslog Splunk Support

Change home path location?

filtering on yesterdays date?

Forwarder and More

Splunk Universal/Heavy Forwarder with compression has low CPU utilisation

Deletion of indexed logs

Can you set a maximum hot index size globally?

Universal Forwarders and indexing

Another "Linebreak not working" question

multiple monitor for same directory

Whitelist/blacklist multiple files in same directory

SplunkForwarder inputs.conf - pick one log file if exists, else pick another

Limit/Filter data indexed based on sourcetype volume

Log4j Splunk

Received unrecognized signature --splunk-cooked-mode-v3--

Splunk server Vs Windows agent

Observability Simplified: Combining User Experience, Application Performance & ...

Event Series May & June: From Network Visibility to Service Intelligence

Global Splunk User Group Events: May + June 2026

PCAP Data contains media and audio file, Is it pos...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

How to integrate threat armor with splunk?

Getting Data In

Join the Conversation