Getting Data In

Community Activity

Universal Forwarder .... as a language API Are there any plans to release a UF programming API ? Not the full blown UF functionality, but maybe just the output ... by Damien_Dallimor Ultra Champion in Getting Data In 12-13-2011 1 1	1	1
Splunk pulling the date from log data - not timestamp I have two types of logs that are formatted thusly: hostname app->name: date time log data and hostname:date time... by hharvey Explorer in Getting Data In 12-13-2011 0 1	0	1
Apache web log analysis New to Splunk. Goal: Create an Apache access_log analysis that lists page views, and other useful access log analysi... by jeffatmoodleroo Engager in Getting Data In 12-13-2011 4 3	4	3
Windows monitor security only 4624 ID Hello, I've got a little problem. I would like to monitor security events from remote machine, but ONLY 4624 events (... by lantuin Explorer in Getting Data In 12-13-2011 0 20	0	20
dd/mm/yyyy is being returned as mm/dd/yyyy I've been through the forums and this has been asked many times, but I'm not getting anywhere with it. I'm admitting... by wayneevans Explorer in Getting Data In 12-13-2011 1 5	1	5
Trying to filter logs in the inputs- not working Trying to filter the backdated logs which has appeared from till yesterday and start with recent logs [monitor:///di... by saravanababumr New Member in Getting Data In 12-12-2011 0 1	0	1
Need to filter some logs from my inputs Trying to filter the backdated logs which has appeared from till yesterday and start with recent logs [monitor:///di... by saravanababumr New Member in Getting Data In 12-12-2011 0 1	0	1
Trouble with TA-Juniper I have a Juniper firewall that forwards syslog/udp:514 data from a forwarder to an indexer in one of my 2 production ... by Kate_Lawrence-G Contributor in Getting Data In 12-12-2011 0 1	0	1
Way to insert/create field based on source? I have a need (OK, it's a desire) to create a field that I can search on based on an input. The particular field I w... by mfrost8 Builder in Getting Data In 12-11-2011 2 6	2	6
Splunk stopped indexing some files Hi, We are indexing a directory on one of our servers (/sonic/logs) and Splunk suddenly stopped indexing a few of th... by jaydee77ca New Member in Getting Data In 12-09-2011 0 3	0	3
Time stamp parsing not seeming to work Using Splunk 4.2.4 on Windows XP I am a newbie trying to parse my FTP logs that have time stamps that look like 04... by esi_splunk New Member in Getting Data In 12-08-2011 0 1	0	1
Cleaning up props.conf, \| (OR) not working for multiple sources I have the following in props.conf [source::udp:32001] TZ = UTC TIME_FORMAT = %b %d... by jeff Contributor in Getting Data In 12-08-2011 0 3	0	3
Does Splunk have production-ready REST interfaces to input data? The title says it, my question is if Splunk supports REST interfaces for simply inputting data. I read about this to... by mahbe Engager in Getting Data In 12-08-2011 0 3	0	3
Recommended no of forwarders for a receiver I would like to find out if there's a recommended value for no of universal forwarders to connect to a receiver. We h... by wanling Path Finder in Getting Data In 12-08-2011 0 3	0	3
Monitoring FTP gz files Hi, I am planning a Splunk deployment that involves indexing large number of gz files FTP from multiple sources. Can ... by alextsui Path Finder in Getting Data In 12-08-2011 0 3	0	3
Lookups not working I am running splunk4.2.2 on Linux servers On My search-heads under /app/splunk/etc/system/local props.conf entrie... by desi-indian Path Finder in Getting Data In 12-07-2011 0 5	0	5
Deleting data from summary index or any index? I am summarizing my data every minute but I do not need that data after one hour. So I have schedule another search t... by asingla Communicator in Getting Data In 12-07-2011 0 2	0	2
File Eating I am eating NESSUS.V1 files from our Nessus contiues monitoring system Nessus puts the output from the scan in XML f... by hartfoml Motivator in Getting Data In 12-07-2011 0 7	0	7
How to define the listening port on a specific interface for universal forwarder deployment At the moment the universal forwarder client is listening locally for deployment on port 8089, but on all interfaces ... by phaelf Explorer in Getting Data In 12-07-2011 0 1	0	1
HPUX 11.11 or AIX 4.x compatibility? A customer in manufacturing who is already using Splunk to monitor their database systems wants to start monitoring s... by gpburgett Splunk Employee in Getting Data In 12-07-2011 0 1	0	1
can't find the file (source) i set a input (directory) and i use command "splunk list monitor" splunk list monitor command result: \\aaasvr\iis-pi... by ypfbkg Explorer in Getting Data In 12-06-2011 0 2	0	2
text files being ignored We have below monitor stanza in inputs.conf file [monitor:///usr/sap/IXD/SYS/profile] disabled = false index = erp ... by Rajshekhar New Member in Getting Data In 12-06-2011 0 7	0	7
'daily indexing volume limit exceeded' still showing up after removing reference to large data source Have Splunk v4.2.4 installed as stand-alone (trial license). Imported a huge file and got the 'daily indexing volum... by gmodeloh Engager in Getting Data In 12-06-2011 0 2	0	2
How to prevent this from being sent to indexer from heavy forwarder I know there have been quite a few messages on this, but I am still confused. I am trying to configure my heavy forwa... by rcavallo New Member in Getting Data In 12-06-2011 0 3	0	3
Can I inject events into Splunk via a script? Splunk supports scripted inputs (where splunk calls a script and indexes the results). But what about the reverse: c... by Justin_Grant Contributor in Getting Data In 12-05-2011 3 8	3	8