| | I didnt see any documentation on doing an upgrade to 64b. 1 2 | 1 | 2 | |
| | Is there a way to pass the result of a savedsearch to a script? For example, if the search returns: suser duser ... 2 2 | 2 | 2 | |
| | Some events flow into the Splunk instance via syslog sockets. For a brief period of time, the sourcetypes that came ... 1 3 | 1 | 3 | |
| | I have a .csv file that I'm indexing. There is no timestamp information in the .csv file, but there is a date in the... 2 5 | 2 | 5 | |
| | strptime() format expression examples Below are some sample date formats with strptime() expressions that handle the... 0 8 | 0 | 8 | |
| | The flash module for the map is in front of the nav dropdowns. This a known issue? Any work arounds? Something i ma... 0 2 | 0 | 2 | |
| | Splunk always seems to get this wrong. I have the following in a vain effort to correct this TIME_PREFIX=^ TIME_FOR... 2 10 | 2 | 10 | |
| | Is there a way to set tags based off a wild card value? IE I have the following hosts and I want to apply the 'test'... 0 2 | 0 | 2 | |
| | Is the output of 'splunk list monitor' clipped at all? I have a directory with (approx) 50 log files, but the outp... 3 4 | 3 | 4 | |
| | I am expecting to see each record as an event, but the result is not as expected. Some records are displayed as indi... 0 1 | 0 | 1 | |
| | If we have an indexer configured w/a raid 5 or raid 6 array is this going to negatively affect performance? 2 4 | 2 | 4 | |
| | I am currently running a eval version of Splunk 4.0.9 on a Windows 2008 64Bit Host. Our purchase of Splunk has been a... 1 1 | 1 | 1 | |
| | Hi, we are currently testing a Palo Alto app sec firewall and are sending some test logs over to the central indexer ... 0 6 | 0 | 6 | |
| | I would like to deploy Light Forwarders at our remote locations to act as a syslog server. Can light forwarder be con... 2 2 | 2 | 2 | |
| | I've got a summary index query which currently matches only one (1) event in my existing data. I've run the fill_sum... 0 3 | 0 | 3 | |
| | I've found how to get data from a remote users Security Log but we are after a centralised area to keep these logs. I... 0 3 | 0 | 3 | |
| | I am revisiting splunk to see if it will meet our goals. Right now I am working on the initial index of our data gat... 0 4 | 0 | 4 | |
| | Our indexer and all forwarders are running 4.1.2. Recently we developed a need to send events from our forwarders in... 1 3 | 1 | 3 | |
| | What is the relationship between size of logs received by Splunk indexing servers versus indexing volume? On the load... 0 1 | 0 | 1 | |
| | I have a deployment server app with a single inputs.conf file. [tcp://localhost:9997] sourcetype = tcp-raw index = p... 1 2 | 1 | 2 | |
| | I want to use Splunk to monitor the error output of a telephone switch. I can easily see the data by connecting to th... 0 5 | 0 | 5 | |
| | I have the following in inputs.conf: [udp://32004] host = custom_host connection_host = non... 3 3 | 3 | 3 | |
| | Hi, I have a development support question. We have an application that is integrated with splunk. We have a C++ p... 2 1 | 2 | 1 | |
| | we only want to save the log info for 2 weeks. I tried to set this up by modifying the frozen time, but it doesn’t s... 1 3 | 1 | 3 | |
| | Suppose I splunk a file and it is gzip'd on disk under the appropriate Splunk index directory. Then let's say I con... 1 1 | 1 | 1 | |
