Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Discussions
| Thread Info | |||||
|---|---|---|---|---|---|
|
Hi, my setup is two nodes, each has a Splunk Universal Forwarder which reads a logs directory and sends those logs to...
by
ilanz
New Member
in
Getting Data In
03-26-2012
|
0
|
2
| ||
|
I have XML in the following format that just refuses to break where I want it to --
<Object Type="Microsoft.Excha...
by
the_wolverine
Champion
in
Getting Data In
03-13-2012
|
1
|
4
| ||
|
|
I need a syntax example for host_regex to pull the hostname out of a share like the following:
[monitor://\\norcal...
by
the_wolverine
Champion
in
Getting Data In
03-26-2012
|
0
|
1
| ||
|
|
I am using splunk as our syslog server. I am new to splunk and everything about it. Currently the data coming in is f...
by
awilkoski
Engager
in
Getting Data In
03-26-2012
|
1
|
2
| ||
|
|
I was wondering if someone could validate an answer for me. I have installed the Universal Forwarder on a domain cont...
by
seanp
Path Finder
in
Getting Data In
03-26-2012
|
0
|
1
| ||
|
|
I want to install splunkforwarder_packagename.deb.
What is the packagename I should use (or where can I see a list...
by
boris
Path Finder
in
Getting Data In
03-23-2012
|
0
|
1
| ||
|
|
How can I get my Splunk events to use Star Trek "Stardate" time?
A stardate is a date in the fictional system ...
by
carasso
Splunk Employee
in
Getting Data In
03-23-2012
|
10
|
1
| ||
|
|
Has anyone figured out how to monitor /dev/console?
by
JasonCzerak
Explorer
in
Getting Data In
03-23-2012
|
1
|
1
| ||
|
|
Whenever i want to create new events via REST receivers endpoint, can i create new fields and set their values for th...
by
misteryuku
Communicator
in
Getting Data In
03-19-2012
|
0
|
16
| ||
|
|
I go to "Manager » Data inputs » WMI data collections » Add New" and enter the host name under "Select target host". ...
by
elusive
Splunk Employee
in
Getting Data In
09-02-2010
|
1
|
2
| ||
|
|
I am new to Splunk.
What do the indexed fields timeendpos and timestartpos represent?
Since one report the comp...
by
boris
Path Finder
in
Getting Data In
03-22-2012
|
0
|
1
| ||
|
|
I have a FTP data collector which pulls in files from an FTP server and dumps them into a directory monitored by Splu...
by
phoenixdigital
Builder
in
Getting Data In
09-28-2011
|
0
|
7
| ||
|
|
I am just starting to dabble with the splunk API. I am following the examples shown in the splunk documentation. The ...
by
msarro
Builder
in
Getting Data In
03-11-2011
|
1
|
5
| ||
|
|
I thought this would be easy to do, but I didn't see any way to to this in inputs.conf.spec
I have a cluster of ma...
by
mslvrstn
Communicator
in
Getting Data In
02-15-2012
|
0
|
11
| ||
|
|
Hi all - I'm looking for some advice on managing different combinations of inputs based on server type. For example, ...
by
briguy
Engager
in
Getting Data In
08-19-2011
|
1
|
2
| ||
|
|
I want to assign ALL sources the sourcetype my_logs_555, and then use the Priority parameter in props.conf to apply a...
by
sgarvin55
Splunk Employee
in
Getting Data In
03-20-2012
|
1
|
1
| ||
|
|
As I've been building out our Splunk installation I've been treating the indexers as appliances. By that I mean all o...
by
colinj
Path Finder
in
Getting Data In
03-21-2012
|
1
|
1
| ||
|
|
I have a task: investigate possibility not to install universal forwarder and use only java instead. Can REST API (ja...
by
cgladky
Engager
in
Getting Data In
03-19-2012
|
0
|
6
| ||
|
|
Hi,
I install Splunk Universal Forwarder on a Windows server 2008. The Splunk-Server IP is known only after startu...
by
dadi
Path Finder
in
Getting Data In
03-21-2012
|
0
|
6
| ||
|
|
I have a 4.3 indexer and a 4.3 forwarder. The forwarder is reading the contents of a file and sending the messages ov...
by
mloven
Path Finder
in
Getting Data In
03-08-2012
|
0
|
3
| ||
|
|
Hi, I have written a script whose output is: It is well formatted (arranged in columns although the formatting is not...
by
mridus
New Member
in
Getting Data In
03-20-2012
|
0
|
3
| ||
|
|
What is the most suggested way to pull data from Active Diretory?
We need to input Active Directory's user informa...
by
clyde772
Communicator
in
Getting Data In
01-25-2011
|
0
|
2
| ||
|
|
Our Splunk server receives data through syslog, and all data is tagged with 'sourcetype=syslog'.
I am interested i...
by
stefanlasiewski
Contributor
in
Getting Data In
03-19-2012
|
0
|
2
| ||
|
|
Is there a way to access SplunkWeb without turning on indexing? My license just got crushed by a security audit team,...
by
jam678
Explorer
in
Getting Data In
03-16-2012
|
1
|
3
| ||
|
|
My new forwarder appears not to be talking to the configured indexer(s)
[tcpout]
defaultGroup = splunk1_9997_splun...
by
willthames2
Path Finder
in
Getting Data In
03-15-2012
|
0
|
3
|
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Top Labels
-
add-on
2 -
administration
11 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
31 -
CSV
206 -
data
461 -
development
5 -
encryption
1 -
eval
2 -
field extraction
548 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
925 -
host
154 -
HTTP Event Collector
431 -
index
536 -
indexer
699 -
indexing performance
1 -
inputs.conf
824 -
installation
5 -
intermediate forwarder
140 -
introduction
3 -
JSON
387 -
kvstore
1 -
Linux
447 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
186 -
monitor
308 -
monitoring console
1 -
other
44 -
proactive Splunk component monitoring
2 -
props.conf
965 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
488 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
311 -
time
204 -
transforms.conf
571 -
troubleshooting
15 -
universal forwarder
1,534 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
15 -
whitelist
60 -
Windows
579 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!
The Big One: Splunk 10 is Here!
The moment many of you have been waiting for has arrived! We are thrilled to ...
Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console
Today, we’re excited to announce the release of a brand new AI assistant usage dashboard in Cloud Monitoring ...
Stay Connected: Your Guide to October Tech Talks, Office Hours, and Webinars!
What are Community Office Hours?
Community Office Hours is an interactive 60-minute Zoom series where ...
