Getting Data In

Community Activity

Splunk 4.x and Exchange 2010 I´m running Splunk 4.x here and would like to import out flat file MS Exchange eMail tracking files into splunk. BUT ... by BastianW Path Finder in Getting Data In 02-09-2012 0 4	0	4
why Active Directory?? another way?? Hi, I found that in order to make splunk able to read Event Log remotely, or read network shares for log files, I ha... by hanene Explorer in Getting Data In 02-09-2012 1 2	1	2
Order in which buckets roll from hot/warm -> cold From: http://docs.splunk.com/Documentation/Splunk/4.3/admin/HowSplunkstoresindexes "Once Splunk has created some max... by forrest_whitche Explorer in Getting Data In 02-09-2012 1 3	1	3
Universal forwarder -> Scheduled a Script Input Hello, Is it possible to scheduled a script input in a universal forwarder? Thanks in advance. Luciano by lpolo Motivator in Getting Data In 02-09-2012 2 4	2	4
setting up filters properly Hi, I'm new to splunk. Got through the initial setup and forwarding syslog - cool stuff. What I want to do next is ... by infinitiguy Path Finder in Getting Data In 02-08-2012 0 8	0	8
Erro: 500 Splunkd daemon is not responding Receiving following Error each time while accessing access/client data search, 500 Splunkd daemon is not responding ... by zacshaik New Member in Getting Data In 02-08-2012 0 1	0	1
Time stamp of historical syslog data gets incorrectly set to the current year I have some syslog-like data from 2008 that I'd like to index with Splunk : Mar 7 13:33:21 beefysup01 avahi-daemon[... by hexx Splunk Employee in Getting Data In 02-07-2012 2 1	2	1
Windows Installer error 1310 - Splunk 4.3 I am trying to install Splunk 4.3 and get an Error 1310 with writing some python files. I also tried it on 4.2 and g... by stoeckp Engager in Getting Data In 02-07-2012 2 1	2	1
Can you forward indexed information to a syslog server Hi All, I was wondering if it's possible for the below: Server A - Contains the Event logs... i.e a domain controll... by Scarecrowddb Explorer in Getting Data In 02-07-2012 0 2	0	2
Time manipulation doesn't work My query runs for the past week and I want to append to sets of results from 2 different date ranges. What is my mist... by Yarsa Path Finder in Getting Data In 02-06-2012 0 1	0	1
Coradiant TrueSight API export format Hi, We're using Coradiant TrueSight AIMs, and want to import the API export files periodically into Splunk. On the ... by sbakker New Member in Getting Data In 02-06-2012 0 2	0	2
typo in macros.conf sed -i "s/^~$//" webintelligence/default/macros.conf Just noticed after 4.3 upgrade more errors and warning.. one of... by agrant Explorer in Getting Data In 02-06-2012 1 1	1	1
different sourcetypes with identical field names I have two different sourcetypes that both have the same field name. Is there any way to explicitly specify a fieldna... by nikmeiser Explorer in Getting Data In 02-06-2012 0 1	0	1
A single events has been indexed as 100 seperate lines When searching through logs generated by our java application server, we have noticed a new behavior that did not pre... by zliu Splunk Employee in Getting Data In 02-06-2012 0 3	0	3
Enable WMI in universal forwarder I have a wmi.conf file ready to go in my universal forwarder. However I probably need to enable it in the inputs.conf... by tympaniplayer Path Finder in Getting Data In 02-06-2012 0 1	0	1
Can't load my custom fields I try to index my logs with a custom Source type. Here is my files : Log file exemple : #HeaderKey1: header value 1... by apare Engager in Getting Data In 02-06-2012 0 3	0	3
How can I search a specific index via the API using curl? How can I search a specific index via the API using curl? When I try to use curl -u user:pass -k -d 'search=search i... by msmapper Path Finder in Getting Data In 02-03-2012 2 1	2	1
Timestamping difficulties on files with the same names but with different formats Hey, We are having some difficulties getting accurate timestamping on files with the same names, which are being fowa... by pl123 Path Finder in Getting Data In 02-03-2012 0 1	0	1
Sourcetype Override Hi guys... I have a couple of script inputs that generate network status data... the issue is that a single script in... by kenchisho Path Finder in Getting Data In 02-03-2012 1 2	1	2
custom timestamp parsing I have structured (CSV) files with named fields with a few different date-time formats - TIMEA,host,TIMET,DURATION,... by nikmeiser Explorer in Getting Data In 02-02-2012 0 1	0	1
Timestamp on one event determines subsequent line events in RMAN backup I want to index log events from RMAN backup log. This log has a log event per line but each line may not have a times... by rasingh Path Finder in Getting Data In 02-02-2012 0 1	0	1
Universal forwarder is not working as an intermediate forwarder. I have the below deployment topology Program -> Universal Forwarder (UF1) -> Universal Forwarder (UF2) (Intermediate... by asingla Communicator in Getting Data In 02-02-2012 1 4	1	4
Indexer Problem: ERROR TcpChannel - Fatal error on accept socket: Software caused connection abort Hi we get the following error message from time to time on our Indexers (Solaris 10 x86 64bit Splunk 4.2.5 or 4.3):... by chris Motivator in Getting Data In 02-01-2012 0 1	0	1
timestamp event Hi, I have already a date field on my CSV file but it isn't recognize. How I can help splunk to recognize this fiel... by gabriel94 New Member in Getting Data In 02-01-2012 0 1	0	1
Reduce on disk database size after delete I have run into a situation where a very large amount of data has been imported into the wrong index. This index con... by kevinzona Engager in Getting Data In 02-01-2012 1 2	1	2

Get Updates on the Splunk Community!

How to find the worst searches in your Splunk environment and how to fix them

Everyone knows Splunk is a powerful platform for running searches and doing data analytics. Your ...

Share Your Feedback: On Admin Config Service (ACS)!

Help Us Build a Better Admin Config Service Experience (ACS) We Want Your Feedback on Admin Config Service ...

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

AI is changing how teams investigate incidents, detect threats, automate workflows, and build intelligent ...

Getting Data In

Splunk 4.x and Exchange 2010

why Active Directory?? another way??

Order in which buckets roll from hot/warm -> cold

Universal forwarder -> Scheduled a Script Input

setting up filters properly

Erro: 500 Splunkd daemon is not responding

Time stamp of historical syslog data gets incorrectly set to the current year

Windows Installer error 1310 - Splunk 4.3

Can you forward indexed information to a syslog server

Time manipulation doesn't work

Coradiant TrueSight API export format

typo in macros.conf

different sourcetypes with identical field names

A single events has been indexed as 100 seperate lines

Enable WMI in universal forwarder

Can't load my custom fields

How can I search a specific index via the API using curl?

Timestamping difficulties on files with the same names but with different formats

Sourcetype Override

custom timestamp parsing

Timestamp on one event determines subsequent line events in RMAN backup

Universal forwarder is not working as an intermediate forwarder.

Indexer Problem: ERROR TcpChannel - Fatal error on accept socket: Software caused connection abort

timestamp event

Reduce on disk database size after delete

How to find the worst searches in your Splunk environment and how to fix them

Share Your Feedback: On Admin Config Service (ACS)!

Build the Future of Agentic AI: Join the Splunk Agentic Ops Hackathon

Transilience AI threat intel feed integration

I have question about Metrics

How to integrate threat armor with splunk?

How to integrate Google Cloud armor with splunk?

How to Integrate Iraje PAM with splunk? Is there a...

Getting Data In

Join the Conversation