Getting Data In

Community Activity

What is the best practice for restoring from archive? I have data that was archived that I want to access. How do I go about restoring my archived data so that it is sear... by the_wolverine Champion in Getting Data In 05-01-2012 4 4	4	4
how to install pci under windows How do you install PCI under Windows 7 64-bit? The download is a gzipped tar. I've unziped and untarred it. Now wh... by snoel_cyvision New Member in Getting Data In 04-30-2012 0 2	0	2
Chinese charset - Simplified and Traditional Will the charset for Traditional Chinese be supported in the future? I see that simplified Chinese is currently suppo... by ak Path Finder in Getting Data In 04-30-2012 0 2	0	2
Need to disable Source Type Hi I was testing splunk by adding source types. But now my splunk indexer has all kinds of stuff that I don't need.I ... by nikhilagrawal Path Finder in Getting Data In 04-30-2012 2 2	2	2
How to stop Splunk from breaking lines at Xml Fields Hi, 6 Jun 17:09:07.................. <..../> <....../> <....../> abcd hjkkk jjjjk This is the... by john Communicator in Getting Data In 04-30-2012 0 2	0	2
Friendly names for source Is it possible to give source friendly names? I collect a bunch of ESXi syslogs from a file and it shows up in splunk... by virtualpony Path Finder in Getting Data In 04-29-2012 0 3	0	3
Monitored input not showing on indexer What am I missing here? I have an indexer with the appropriate ports open and working, version 4.3.2. I install the... by kingpin867 New Member in Getting Data In 04-27-2012 0 3	0	3
Data extraction from multiple servers Is splunk capable of pulling multiple log files from different servers without installing the universal forwarder on ... by aaronkorn Splunk Employee in Getting Data In 04-27-2012 1 2	1	2
32 vs 64 bit forwarder I'm curious what the advantage to running the 64-bit forwarder is. I assume it won't ever need enough memory that it... by christopher_hod Path Finder in Getting Data In 04-27-2012 2 1	2	1
Documented recipe for replicating subsets of data to 3rd party system throws errors in 4.3.1 and 4.3.2 In 4.3.1 and 4.3.2, when using the documented procedure to replicate subsets of data to 3rd party systems found here:... by Wiggy Splunk Employee in Getting Data In 04-27-2012 7 1	7	1
Index leaving holes and trying to see why I had a crash the past day so I am setting up a watchdog, but I have splunk monitoring 2 directories. I confirmed th... by lancealotx Explorer in Getting Data In 04-27-2012 0 1	0	1
Finding where multiple events have the same time We had an issue here with one of our web fronted applications when the webserver received multiple requests to the sa... by mikelanghorst Motivator in Getting Data In 04-27-2012 1 3	1	3
Whitelist Would not work The following logs in Weblogic are being captured in inputs.conf mydomain.log1123213123 mydomain.log4353245254 myse... by asarolkar Builder in Getting Data In 04-27-2012 0 1	0	1
WMI - How many remote Windows can a Splunk WMI input support? Hi I am planning to monitor many Windows client via WMI interface. I have one Splunk installed on Windows7. How many... by melonman Motivator in Getting Data In 04-27-2012 1 1	1	1
log monitoring problem Hi, This is Jay Mehta from India. We currently have requirement to do log monitoring and for this we are looking @ s... by jaymehta18 New Member in Getting Data In 04-26-2012 0 3	0	3
Not receiving Linux logs Hello, I am setting up a test rig, and not receiving any logs from another Linux box (please see rig details below).... by j666gak Communicator in Getting Data In 04-26-2012 0 7	0	7
props.conf not breaking on data correctly I apologize for the Splunk formatting of my configuration settings....for some reason this UI is removing my "_" from... by MasterOogway Communicator in Getting Data In 04-26-2012 0 16	0	16
Filter events from forwards Hello - I want to send only events with keyword BIDPRICE from my application logs. I guess i need to modifiy props.co... by chittari New Member in Getting Data In 04-25-2012 0 14	0	14
filtering search results I have a very simple search/chart to look for failed logons on my domain: EventCode=4625 Account_Name="*" \| timechar... by Michael Contributor in Getting Data In 04-25-2012 1 3	1	3
Splunk cannot find correct source log I have a set of log events that contain the following Key value pair "source" : "integer". Therefore, splunk is repor... by lpolo Motivator in Getting Data In 04-25-2012 0 4	0	4
Inputs not routing to correct index I have data being sent in by universal forwarders on port 9908 that I would like put into a custom index. This is ho... by rmcdougal Path Finder in Getting Data In 04-24-2012 0 1	0	1
Forwarder Not Forwarding New Monitored Logs I have just added two new logs to be monitored on one of my servers but the data is not coming back for those files. ... by rgcurry Contributor in Getting Data In 04-24-2012 0 4	0	4
Breakdown by Sourcetype from Each Forwarder We have a number of heavy forwarders sending cooked data to our indexers. We can get the total KBs sent by each forwa... by reed_kelly Contributor in Getting Data In 04-24-2012 0 10	0	10
How to process event exact same for events from multiple event source type? Let us say you have following lines in your props.conf file: [WinEventLog:Security] REPORT-common = user-account-ch... by tonopahtaos Path Finder in Getting Data In 04-24-2012 0 6	0	6
Regex transform on a dynamic default host? Hello, I have Splunk on some Windows VMs that run on ESX hosts. For each guest, the ESX hosts generate customized p... by cphair Builder in Getting Data In 04-24-2012 0 1	0	1