Getting Data In

Community Activity

Why isn't this transforming? I've got some Active Directory logs which are CSV that I'm trying to split apart into appropriate fields. The header... by howyagoin Contributor in Getting Data In 07-10-2011 0 2	0	2
Issues with timestamps I'm trying to get Splunk to index the output from the Connect:Enterprise cmulist command. I run the command periodica... by MickSheppard Path Finder in Getting Data In 07-08-2011 0 2	0	2
need help setting up a blacklist Hi guys, Trying to make a custom blacklist for one of my input monitor points that excludes certain directories and... by balbano Contributor in Getting Data In 07-06-2011 0 1	0	1
Is there a TZ = US/Arizona Is there a timezone classification for = TZ/Arizona? by gekoner Communicator in Getting Data In 07-06-2011 0 2	0	2
Splunk Forwarder behavior Two questions: Does Splunk forwarder maintain some kind of log files (or for that matter anything) which might keep ... by smahtha Engager in Getting Data In 07-06-2011 0 1	0	1
Which forwarder to use? Hi, I wish to tag basic information in source data before I send it to Indexer. I wish to tag the host, sourcetype a... by rahiparikh Explorer in Getting Data In 07-06-2011 0 1	0	1
Retain "Facility" via TCP/UDP:514 Direct Indexing Hi, We're currently experimenting with having Splunk directly index our Syslog-NG logs. However, we seem to have lo... by hmsjclee Engager in Getting Data In 07-06-2011 5 6	5	6
Using fschange to monitor files on linux server from windows splunk server I have splunk running on windows. I want to monitor the /etc directory on a linux server with fschange. Is that pos... by tasdienes Engager in Getting Data In 07-06-2011 0 2	0	2
Use host tags or another mechanism for provisioning granular data access controls on 1000s hosts? We have a fairly large Splunk environment with several 1000 hosts reporting in. Within our business we have requireme... by pj Contributor in Getting Data In 07-06-2011 2 8	2	8
500 internal server error on localhost hello erik i i get this when i try run webping 500 Internal Server Error TypeError: 'NoneType' object is unsubscri... by raulandres New Member in Getting Data In 07-05-2011 0 2	0	2
Short hostnames appear as IP address I have a problem where I can not find syslog messages for certain hosts based on the "host" field. e.g. the search h... by mhaverkamp New Member in Getting Data In 07-05-2011 0 1	0	1
Universal forwarder stops monitoring a file due to alleged lock I have a universal forwarder set up to monitor an apache access log, on a Windows machine. Every few days I get the f... by spock_yh Path Finder in Getting Data In 07-03-2011 0 1	0	1
will future versions of WMI not prefix all the sourcetype values with wmi? Just curious if this is in the roadmap. It's more than a little inconvenient that when people use WMI, the sourcetyp... by sideview SplunkTrust in Getting Data In 07-01-2011 1 1	1	1
Search Results With Surrounding Text Anyone know of a way to search for something and show results for that along with just a few lines around that result... by charlestips Explorer in Getting Data In 06-30-2011 1 1	1	1
How can I omit the timestamp and host that splunk automatically add to my logs hi guys, I've added my first logs in splunk today. I notice that in the beginning of each row splunk has added a pref... by dadi Path Finder in Getting Data In 06-30-2011 0 1	0	1
FreeBSD 8.2 support? Has anyone successfully installed splunk 4.2 on FreeBSD 8.x? I'm getting the following error output on FreeBSD 8.2 f... by wwwdrich Explorer in Getting Data In 06-29-2011 0 3	0	3
WMI EventLog Filtering Realization (Actions executed leading to the disruption): We are currently trying to poll Windows 2008 servers with ... by CerielTjuh Path Finder in Getting Data In 06-29-2011 1 4	1	4
Basic Windows Event filter via Universal Forwarder I've seen various answers to this general area of questioning, but I'm wondering what the current best practice is. ... by bcecka Engager in Getting Data In 06-29-2011 1 2	1	2
Internet access is denied when the splunk service is stopped I have just installed and setup splunk to pull my syslogs from my ASA 5510 firewall. All records are flowing correct... by l8nite4me Engager in Getting Data In 06-29-2011 3 2	3	2
multiple timezone in syslog events I am trying to extract the correct timezone and time from the syslog event below. Jun 28 17:32:44 10.xxx.xx.240 Jun... by EricPartington Communicator in Getting Data In 06-29-2011 1 1	1	1
How to export > 10000 Events to a .csv via CLI with good performance? Hello, in Splunk 3 we were exporting during night time via cronjob 1-hour chunks of data from the previous day via C... by tpaulsen Contributor in Getting Data In 06-29-2011 0 2	0	2
dynamic sourcetype extraction problems Hi all, I am trying to setup dynamic sourcetype extraction, but no luck. sample message has json: {"id":"someid","t... by Ultracpp Engager in Getting Data In 06-27-2011 1 2	1	2
How to extract fields from a single file containing multiple sourcetypes, each with multiline events ? My source file is like: ============================ App01trace 3 0 393222 0... by mzorzi Splunk Employee in Getting Data In 06-27-2011 0 2	0	2
No python.exe included with universal forwarder? I have a need to import older Windows .evt files into my splunk environment. Since the splunk server is on linux I g... by chadroberts Path Finder in Getting Data In 06-27-2011 0 9	0	9
"Latest Event" on main search dashboard 12 hours ahead? I have a Prod and QA instance of Splunk with 2 forwarders. Prod is v4.1.4, QA is v4.2.2. Both of them show a "lates... by mmletzko Path Finder in Getting Data In 06-24-2011 0 2	0	2