Getting Data In

Community Activity

Override source key in inputs.conf Hello, We are helping our indexers get through a bout of too-many-sources. We've applied the short-term solution (a... by mixolydian Path Finder in Getting Data In 12-05-2011 1 3	1	3
Why splunk forwarder not send the same data from WinEventLog:Security This is what I get from universal forwarder : Message=Security Enabled Global Group Member Removed: Member Nam... by TheGU Path Finder in Getting Data In 12-04-2011 0 1	0	1
formatting Windows Eventlog in Unix Splunk Using Splunk indexer (Linux)+ Forwarder v4.2.4 at some Windows Servers. Forwarding is working but cant see details of... by sneuser New Member in Getting Data In 12-04-2011 0 2	0	2
cannot download splunk 4.2.4 I have tried to download splunk-4.2.4-110225-linux-2.6-amd64.deb but: 1. The browser (firefox and chrome) hasn't st... by pervoliner Engager in Getting Data In 12-02-2011 3 8	3	8
Indexing Latency Chart It would be both useful and interesting to be able to graph the indexing latency for various data sources or hosts ov... by rotten Communicator in Getting Data In 12-01-2011 5 3	5	3
totally redundant 2 node cluster How to accomplish? Right now, I have two indexers with distributed search, but they each have separate indexes, so i... by mmattek Path Finder in Getting Data In 12-01-2011 0 4	0	4
Prevent header row from being indexed I am receiving duplicate header rows in my output.csv. How do I prevent the header row from being indexed? my props.... by efelder0 Communicator in Getting Data In 12-01-2011 0 1	0	1
Wildcard for subfolders I need to index a CSV file that gets created daily in a folder with that day's name on it. So today's path is ..lo... by joshftx Explorer in Getting Data In 11-30-2011 0 3	0	3
Importing data Hello, I am going to set Splunk up on a test rig for work as a possible tool that might be used. If snare is install... by j666gak Communicator in Getting Data In 11-30-2011 0 1	0	1
Getting "unclean shutdown detected" alerts and "fast recovery" prompts on splunkd start-up after 4.2 upgrade Since I upgraded my indexer to 4.2, I very frequently see the following output on Splunk start-up : [root@splunk-inde... by hexx Splunk Employee in Getting Data In 11-30-2011 5 4	5	4
Can multiple indexers write to a single index My question is about Splunk topology. Can multiple indexer processes write to a single physical index? Or is there ... by jamesoconnell Path Finder in Getting Data In 11-30-2011 1 12	1	12
Inputs.conf I have this in my inputs.conf _whitelist=(\.log\|log$\|^messages\|^secure\|mesg$\|cron$\|acpid$\|\.out) Can anyone help me... by hartfoml Motivator in Getting Data In 11-30-2011 1 3	1	3
Splunk forwarder not working Hello I couldnt see the log files indexed in splunk Could you please help and mafdetlogindexer is the index name in t... by vramali1 New Member in Getting Data In 11-29-2011 0 2	0	2
Convert datetime(in user format) extracted from field to splunk understandable format I have time logged in as the below format .... 2011-11-18T00:00:00 .... I am able to extract that time using field ... by adityapavan18 Contributor in Getting Data In 11-29-2011 0 2	0	2
Parametrized universal forwarders in a distributed env. Perhaps I'm missing out on something but I haven't found details in the Splunk documentation about how we can setup g... by greg0ry Engager in Getting Data In 11-29-2011 0 2	0	2
monitoring splunk server(s) Hi, I would like to know if there is a 'best practice' document around the topic of monitoring and alerting about a s... by mflamerich Explorer in Getting Data In 11-29-2011 1 1	1	1
splunk's internal logs for indexing process hi... I have huge amount of data to be indexed and all of them are being indexed with 1 log format (sourcetype) but s... by nina15 Communicator in Getting Data In 11-28-2011 0 4	0	4
Source type is not setup properly and field extractions are not working I need to monitor/splunk multiple files in a directory "/app/products/xxxx/yyy/logs/" This directory has files like... by desi-indian Path Finder in Getting Data In 11-28-2011 0 3	0	3
scripted input batch script cant access files in same dir Hi, My Windows batch script executes a bin file and uses a text file to hold the state of the last execution, all th... by rlourenco Engager in Getting Data In 11-28-2011 0 3	0	3
Firewall Services Search Need a search to list the top 25 non-http and non-https services people are connecting to through my ASA. Does anyon... by gharpe2 Explorer in Getting Data In 11-28-2011 0 3	0	3
Notify Splunkd about a new index after move Hi, In my cold to frozen script I copy the bucket to another server. The second server is used to access the older e... by joonradley Path Finder in Getting Data In 11-28-2011 0 2	0	2
Firewall Traffic I need a search to show the top 25 non-http and non-https services going out of my firewall. Does anyone have a sear... by gharpe2 Explorer in Getting Data In 11-27-2011 0 1	0	1
Installing Splunk Light Forwarder on Linux We have two servers. One primary server (Debian Linux) running our software and a secondary server (also Debian Linux... by sipapress2go Engager in Getting Data In 11-27-2011 2 2	2	2
UDP:514 and source types I wonder if someone could please explain to me how to achieve the following - I am running Splunk 4.2.4 I have a spl... by beano500 Engager in Getting Data In 11-26-2011 0 7	0	7
Routing not working as expected I made the following edits in the to the local\props and transforms files in order to redirect all events coming from... by mikefoti Communicator in Getting Data In 11-25-2011 0 2	0	2