Getting Data In

Discussions

Thread Info

universalforwarder 4.2.1 unable to connect to index server 4.2.1 with sslv3

have enabled SSLv3 on splunk 4.2.1 index server and universalforwarder 4.2.1, universalforwarder doesn't seem to be a...

by Path Finder in

How to monitor http web pages and splunk the results?

Hello I'm looking to set something up that calls a bunch of http webpages that run on some of our boxes that need ...

by Communicator in

Monitoring timestamp rotation log files

Hi, I am not sure if out of box solution there for log rotation, when you are adding the file or directory. We are u...

by Path Finder in

Scheduling csv view/dashboard delivery

Hello, i want to schedule email export csv for the view/dashboard like the pdf server : I know do it for search...

by Explorer in

Re-index after changing props.conf?

Yesterday afternoon I updated a number of files which had missing data in them in a directory which Splunk's tailing ...

by Contributor in

snare Sourcetype

Hi all, i'm running splunk 4.2.1 i need to take windows log by snare agent. When i create a data input and select ...

by New Member in

Using cidrmatch with a CSV file throws error.

I am trying to match a list of CIDR ranges in a csv file to hosts that are going outbound on our network...basically ...

by Explorer in

source::.../ in props.conf sourcetype stanza appears to be causing high overhead

I have a customer that set up the followin sourcetype spec in props.conf. on an AIX installation. /opt/usi is at the ...

by Splunk Employee in

ERROR TailingProcessor - Ignoring path due to: This key could not be found : _MetaData:Index

I checked out the new Universal Forwarder and ran into some problems that I dont understand. First I configured the ...

by Contributor in

How can I fix the timestamp parsing?

I have a log file that has entries like: 2011 May 03 14:20:25:923 GMT +2 BW.AFSAdapter-AFSAdapter blablabla So...

by New Member in

windows universal forwarder events not parsing on receiver

Hello, Using Splunk 4.2 (96430) for both a Universal Forwarder and a regular/receiver installation, on Windows Server...

by New Member in

How to split a file into events based on multiple criteria?

Hello I have a log file that has two different types of events in it. Events that look like this <logtime="201...

by Communicator in

UDP syslog seprate index for specific hosts

Hey Guys, I have multiple host in my network using UDP:514 syslog to main index in splunk but now i want to create...

by Explorer in

TIME_FORMAT, it's May, not January

Overnight I noticed that my Splunk was suspiciously empty for a specific CSV file which was read in daily. Upon fu...

by Contributor in

After enabling Universal Forwarder in Splunk 4.2, and restarting, it crashed?

When I enable Universal Forwarder in core Splunk 4.2, after restart, it crashed.

by Splunk Employee in

Extracting fields from a simple KV input

I'm a trying to index multi line key value (KV) data from a TCP input. I have full control of the input so I can modi...

by Explorer in

universal forwarder

I have already installed full splunk on my server1.I want that server1 send data to another splunk server2.Can I inst...

by Explorer in

splunk forwarder

Can 4.2.1 Forwarder send data to 4.1.6 Indexer?

by Explorer in

Timestamp with different field name?

My timestamp is contained in a field called SESSION_TIMESTAMP. Is there a way I can map the Splunk "understood" times...

by Path Finder in

Some questions on migrating to 4.2 forwarders

Hi, 1) I've read the article on migrating a light forwarder. However I've some heavy forwarders in use and wonder ...

by Contributor in

Splunk insisting on Auto-finding CSV fields?

Hello, Splunk is insisting on trying to auto-find headers in a tab-delimited CSV file for which I have manually de...

by Path Finder in

Break Log file with header and details into events

I have a log file that looks generally like this Header data time=xxxxxx databasename=yyyyyyy numberortables=xx...

by Explorer in

How do you handle traffic spikes from servers?

Our developers tend to use syslog, um, carelessly. For example, one server yesterday decided to send out 1000 identic...

by Influencer in

configure forwarding in splunk

How do I configure forwarding in Splunk?I have splunk running on linux server and I want that Splunk sends events to ...

by Explorer in

deployment-server question

in this manual http://www.splunk.com/base/Documentation/latest/Deploy/Extendedexampledeployseveralstandardforwarders ...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

universalforwarder 4.2.1 unable to connect to index server 4.2.1 with sslv3

How to monitor http web pages and splunk the results?

Monitoring timestamp rotation log files

Scheduling csv view/dashboard delivery

Re-index after changing props.conf?

snare Sourcetype

Using cidrmatch with a CSV file throws error.

source::.../ in props.conf sourcetype stanza appears to be causing high overhead

ERROR TailingProcessor - Ignoring path due to: This key could not be found : _MetaData:Index

How can I fix the timestamp parsing?

windows universal forwarder events not parsing on receiver

How to split a file into events based on multiple criteria?

UDP syslog seprate index for specific hosts

TIME_FORMAT, it's May, not January

After enabling Universal Forwarder in Splunk 4.2, and restarting, it crashed?

Extracting fields from a simple KV input

universal forwarder

splunk forwarder

Timestamp with different field name?

Some questions on migrating to 4.2 forwarders

Splunk insisting on Auto-finding CSV fields?

Break Log file with header and details into events

How do you handle traffic spikes from servers?

configure forwarding in splunk

deployment-server question

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions