Getting Data In

Community Activity

universalfowarder syslog receive and send hi universalforwarder receives and send the syslog data to do? If possible, how do? by khyoung7410 Communicator in Getting Data In 04-12-2012 0 2	0	2
Looping through a Macro using a csv lookup? I have a request from a user who wants to get some stats from the Exchange App around specific users. Namely they're... by Brian_Osburn Builder in Getting Data In 04-12-2012 3 2	3	2
how to sett forwarers to index on path and file name Is it possible to set up forwarders to index data on the path of the file and a portion of the file name automaticall... by jbirchall1 New Member in Getting Data In 04-12-2012 0 2	0	2
Does maxVolumeDataSizeMB in indexes.conf do anything? As far as I can tell, setting maxVolumeDataSizeMB does not trigger bucket moves and has no impact at all. Does anyone... by eugenekogan Explorer in Getting Data In 04-12-2012 0 6	0	6
Error installing any app When I try to install any app from the zipped file, I get an error like: There was an error processing the upload. L... by tchristian New Member in Getting Data In 04-12-2012 0 3	0	3
Props/transforms rewrite of _raw is adding a blank event Hi, I am using a props/transforms TRANSFORM to add the source (log file) name to the _raw log event line. props.con... by Glenn Builder in Getting Data In 04-12-2012 0 1	0	1
Charset Encoding Hi guys, I have installed Splunk 4.3 on a MAC OSX 10.7. I am trying to index data with non utf encoding. I have tri... by kenchisho Path Finder in Getting Data In 04-12-2012 0 3	0	3
Choosing the correct timestamp Hi, I'm having a weird problem with recognizing timestamps. The actual timestamp looks like this: [2012-04-11 11:24:... by echalex Builder in Getting Data In 04-12-2012 0 4	0	4
Can I run multiple Universal Forwarders on Windows Server 2008? I have a Universal Forwarder looking at a directory holding our proxy logs. New logs are dumped into the directory e... by wbfoxii Communicator in Getting Data In 04-12-2012 1 3	1	3
universal forwarder please I need help , I deployed a universal forward by following tutorial "distributed deployement manual" The un... by sarah89 Path Finder in Getting Data In 04-12-2012 1 16	1	16
Filtering and sending only specific data Hi again, I got one question in filtering and routing to indexer. i got my props like this: pros.conf [WinEven... by JPValadas Explorer in Getting Data In 04-12-2012 0 9	0	9
Segregation of incoming data In our environment (mid-size enterprise with remote sites) we have our primary indexer on dedicated hardware. All dat... by sconnors Engager in Getting Data In 04-12-2012 0 5	0	5
Indexing content that may contain in-line gzip We need to index content that may contain in-line gzip (or other compression) content. We do not need to search on th... by johnamcafee New Member in Getting Data In 04-11-2012 0 1	0	1
Why won't Splunk re-index my data? I wanted to see how Splunk would index my data, so I configured it to index a few files into a 'test' index. Now tha... by Mick Splunk Employee in Getting Data In 04-11-2012 3 6	3	6
Major discrepancy between per_sourcetype_thruput and tcpin_connections - which is right? I'm looking at a Splunk instance right now that is getting 99+% of its data as one particular sourcetype, from two he... by Jason Motivator in Getting Data In 04-11-2012 1 5	1	5
warning and violations, how to reduce my indexed volume ? Hi I have a license pool for X Gb per day, and I blow it every almost every single day. How to selectively reduce m... by mataharry Communicator in Getting Data In 04-11-2012 1 3	1	3
Explain this transform v4.3 sles 11.1 can you explain for me this transform [csafields] REGEX = ^[^\\|]+\\|([^\\|]+)\\|([^\\|]+)\\|([^\\|]+)\\|([^... by cvajs Contributor in Getting Data In 04-11-2012 0 8	0	8
want to have Mutiline log file as single event - props.conf My log goes like this. I want all contents between "BeginEvent" and "EndEvent" as a single event. Any help? Will grea... by ma_anand1984 Contributor in Getting Data In 04-11-2012 0 4	0	4
Forwarder keeps monitoring after app undeployed Hi, I'm just setting up a deployment server and created a simple app to test it. The app was installed fine on my un... by echalex Builder in Getting Data In 04-11-2012 0 5	0	5
Splunk going down in events indexed All day, I've been watching the amount of events indexed in Splunk go up and down. It stays in the 1.8-1.9 billion e... by nkitmitto Explorer in Getting Data In 04-10-2012 1 1	1	1
List of checkpoint libraries necessary for lea-loggrabber Hi, I'm getting ready to deploy the splunk Lea-Loggrabber client (32-bit) on RH6 64-bit OS. Would anyone happen to ha... by jbsplunk Splunk Employee in Getting Data In 04-10-2012 5 1	5	1
Incorrect hostname for Cisco WAAS Logs I've got a weird issue with some Cisco WAAS devices identifying their hostname correctly in Splunk. We are in the pro... by lukemarrott Engager in Getting Data In 04-10-2012 0 3	0	3
Receiver not receiving newly added index and data from sender! I am currently successfully forwarding data of a created index from a sender to a receiver, the issue is I have creat... by Dark_Ichigo Builder in Getting Data In 04-09-2012 0 3	0	3
Data Index Question - Data Also On Indexer Not Indexing Hello Everyone, I currently have an indexer (one box) which also has data that I want to index. I specified the loca... by A4orce84 New Member in Getting Data In 04-09-2012 0 2	0	2
Generate graph from 'CPU RAM process' log How should I configure the Search (and Report) so to get a CPU & RAM line chart (the values not a count) by process? ... by splunk_zen Builder in Getting Data In 04-09-2012 0 3	0	3