Getting Data In

Thread Info

TCP connection flowchart

Is there a TCP connection flowchart showing how the TCP connections are being established, controlled and closed betw...

by Legend in

Can't index data on network drives in (VirtualBox WinXP SP3)

Hello all, I got the problem, that Splunk is not able to index any data which is on the host system. Splunk itself...

by Path Finder in

Using a CSV to search

I am pretty sure this involves lookups but here is what I am attempting. I have a list of users in a CSV (users.cs...

by Explorer in

How to ask splunk to extract time_stamp only if time string is at the start of a line?

I tried to put the "TIME_PREFIX = ^" at props.conf at system/default, system/local, myapp/default, myapp/local but no...

by Engager in

How to get the number of "unique" request with splunk

We are currently looking for a way to find the number of "unique" request for a given event type with splunk. Like th...

by New Member in

The system cannot find the path specified.

Hello all, I am running Splunk 4.2.3 on WinXP 32Bit in VirtualBox. Everytime I try to add some files to my databas...

by Path Finder in

Forwarder / Indexer Transforms.

Hi guys, I have some universal-forwarders forwarding to an indexer (4.2.2) and all works great, i set the sourcety...

by Communicator in

Unable to pull Perfmon Counter for %Processor Time Windows 2003 32-bit

Has anyone seen the errors below and know how to correct? This same perfmon.conf is applied to both Windows 2008 64-b...

by New Member in

Splunk for Exchange App (i.e. activity monitoring app)

Is Splunk planning to create and/or provide a Splunk for Exchange App soon, to monitor emailing and other user activi...

by Splunk Employee in

Configure Splunk to use Exchange?

I'm in the process of evaluating Splunk within my company as a means to monitor certain server activity. I have a ...

by Engager in

Multi line Events parsing not working

Hi I have multilines events , splunk indexes the same event as multiple events. I want Splunk to consider the new...

by New Member in

How to recognize event time that is embedded in json string in epoch seconds?

I'm using "From files and directories" --> "Upload and index a file" to feed the data file. The file has data in foll...

by New Member in

OPSEC LEA for Solaris x86 intel based

Hi, is there any way to grab checkpoint log using Solaris x86 based? I see at splunkbase, the app only for SPARC. ...

by New Member in

Data flood protection on forwarder or indexers

Our splunk universal forwarders may be configured by our customers in terms of logs they want to collect and transfer...

by Path Finder in

Garbled Events in new Splunk installation on Debian

I recently installed Splunk on Debian 6. I created a TCP receiver on port 10000 and installed the Universal forwarder...

by New Member in

Forwarder stop accepting connections

This morning I opened a dashboard and was greeted with "results not found." I thought this was peculiar, so I started...

by Contributor in

Scripting to pull in logs from a URL

I am trying to create a script that will index retrieve Apache server logs but have been unable to figure out how to ...

by New Member in

I see splunk has some ".path" files in windows app bin directory. What are these for?

The windows app ships with some files that end in .path in the bin directory. How do these work? Is there any particu...

by Splunk Employee in

Problems with setting sourcetype through transformations.conf

This is driving me mad - have gone through the documentation and responses to queries in here but still can't get sou...

by Path Finder in

Labels not working on forms

I am creating a criteria form for a report. When I use "text" fields, the labels work fine. But if I use radio or dro...

by Communicator in

enter arbitrary date on a form, convert to unix time, and search based on date range

I'm probably making this too complicated, but I sense this should be easier than I'm making it out to be and I can't ...

by Contributor in

Can I run the universal forwarder with a 4.1x indexer?

Can I run a 4.2 universal forwarder with a 4.1x indexer, and a 4.1x deployment server? We are in the process of up...

by Path Finder in

Universal forwarder windows to syslog doesn't work

I am trying to get the Universal Forwarder to forward event logs (System and Security) from Windows to syslog on Linu...

by Path Finder in

Log time differs from time on splunk host

I'm running splunk in windows where the time is in PST. I read logs in GMT time, so when I search for most recent,...

by Path Finder in

Indexing xml log file input

I have a log file wherea typical line entry is as below ... I am trying to construct REGEX to be included in the "tra...

by Path Finder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

TCP connection flowchart

Can't index data on network drives in (VirtualBox WinXP SP3)

Using a CSV to search

How to ask splunk to extract time_stamp only if time string is at the start of a line?

How to get the number of "unique" request with splunk

The system cannot find the path specified.

Forwarder / Indexer Transforms.

Unable to pull Perfmon Counter for %Processor Time Windows 2003 32-bit

Splunk for Exchange App (i.e. activity monitoring app)

Configure Splunk to use Exchange?

Multi line Events parsing not working

How to recognize event time that is embedded in json string in epoch seconds?

OPSEC LEA for Solaris x86 intel based

Data flood protection on forwarder or indexers

Garbled Events in new Splunk installation on Debian

Forwarder stop accepting connections

Scripting to pull in logs from a URL

I see splunk has some ".path" files in windows app bin directory. What are these for?

Problems with setting sourcetype through transformations.conf

Labels not working on forms

enter arbitrary date on a form, convert to unix time, and search based on date range

Can I run the universal forwarder with a 4.1x indexer?

Universal forwarder windows to syslog doesn't work

Log time differs from time on splunk host

Indexing xml log file input

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Forwarding all logs from HF to third-party using s...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025 🎉

Getting Data In

Are you a member of the Splunk Community?

Discussions