Getting Data In

Discussions

Thread Info

Setting up syslog on a wireless router

I have configured Splunk to capture syslog data on UDP:514 of my router but do not see any log data being captured, n...

by New Member in

keep some events and discard the rest

i have a huge log file with events, i need to keep around 20-30 events and discard the rest. I have used a stanza in ...

by Engager in

Index files in order of timestamp or record file timestamp as a field

I'm indexing a bunch of CSV files provided by an external vendor over ftp ( mapped or synched to my local drive ) the...

by Explorer in

How to test succesful Universal Forwarder installation?

I've installed the universal forwarder on a windows client to forward the data to my central log collecter which is a...

by New Member in

Can the universal forwarder route based on field found in the log message?

A file I am monitoring looks something like the following [timestamp] index=layer1 message="123456" [timestamp] in...

by Communicator in

Is it possible to manage Forwarders with mounted knowledge bundles?

I'm considering a Splunk cluster setup, where the Search Heads and Indexers (Peers) will be managed using mounted kno...

by New Member in

Splunk forwarder config not working

since are trying to separate out splunk forwarder config ("inputs.conf") according to indexer. we defined forwarder c...

by New Member in

search/jobs/export does not return results with empty column headers

I using the following command to retrieve a particular macro search result. curl -k -u admin:admin https:// ...

by Engager in

Monitoring files from multiple inputs

How can I set my monitor in inputs.conf so that both of these directories are monitored- 1./var/lib/usr 2. /var/lib/n...

by Engager in

Exchange App (Lookup - Database Information) not working

I'm setting up the Exchange App, data is received in the correct indexes however I'm not seeing data in all the dashb...

by Path Finder in

Define a default date format per Database

I've realised that there is no default Date format, so every date is in timestamp format, and so not readable for the...

by Builder in

How would you determine if data is pre-parsed?

We have three (Windows 2008 R2) domain controllers sending events to a single Splunk collector. We need to reduce ou...

by Explorer in

Timestamp detection fails

I try to parse out the timestamp of this line: Jun 3 17:39:09 svlog.myserver.net svdcdev 04/29/2013 09:14:37 AM ...

by Contributor in

Scripting Question

I am looking for some assistance to be able to script this lookup for windows systems tasklist /fo csv /v any i...

by Path Finder in

Can I configure index to replicate in clustering environment?

I am thinking to use data duplication function in clustering environment. As I do not need to duplicate summary index...

by Builder in

Why is my DBconnect input behind so far?

I have set up DB Connect on my Splunk 4.3 installation to provide an input that tails log data from a table. I didn't...

by Path Finder in

Extracting many "long key name" = "value" pairs from DB2's log files

Working on extracting some Key/Value pairs out of DB2's log files. I have a file like this: [...snip...] Buffe...

by Communicator in

Can you get a list of raw tcp ports being monitored from just an index name?

My app is sending events to a TCP port that Splunk is monitoring. Rather than make the port number part of the config...

by Communicator in

Converting a Huawei 450 byte binary cdr into a text file

Good Afternoon! Does anyone have perl script or other method for converting a Huawei 450 byte CDR into text for use i...

by New Member in

Forwarder Data Input recommendations for Windows servers - different roles

Best recomended practices - Data Input config for Windows servers with the following roles IIS - SQL - Domain Control...

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Setting up syslog on a wireless router

keep some events and discard the rest

Index files in order of timestamp or record file timestamp as a field

How to test succesful Universal Forwarder installation?

Can the universal forwarder route based on field found in the log message?

Is it possible to manage Forwarders with mounted knowledge bundles?

Splunk forwarder config not working

search/jobs/export does not return results with empty column headers

Monitoring files from multiple inputs

Exchange App (Lookup - Database Information) not working

Define a default date format per Database

How would you determine if data is pre-parsed?

Timestamp detection fails

Scripting Question

Can I configure index to replicate in clustering environment?

Why is my DBconnect input behind so far?

Extracting many "long key name" = "value" pairs from DB2's log files

Can you get a list of raw tcp ports being monitored from just an index name?

Converting a Huawei 450 byte binary cdr into a text file

Forwarder Data Input recommendations for Windows servers - different roles

Observability Highlights | January 2023 Newsletter

Security Highlights | January 2023 Newsletter

Platform Highlights | January 2023 Newsletter

How to configure Azure functions to pass the loggi...

Is it possible to send Jenkins custom logger to Sp...

Why do I receive SSL alert number 40 with selfsign...

Why am I unable to call HEC instance from Splunk C...

How do I correctly index github enterprise logs?