| | I was moving some buckets around to make some space on my main storage volume. I know the db_* directories are compl... 3 5 | 3 | 5 | |
| | Would I be able to rename a "Source Type" after the data got already indexed into Splunk? Can I rename a type of pat... 1 2 | 1 | 2 | |
| | On the system affected, I cannot visit the "Manager" page under any the apps except search. I tried to visit the "man... 0 1 | 0 | 1 | |
| | The splunk cold storage file system is 100% full. I'm relatively new to splunk & not sure the proper way to purge. 0 3 | 0 | 3 | |
| | Situation: SSL enabled SplunkWeb. Enterprise evaluation license. Upon connecting to the log-in page, users are presen... 0 2 | 0 | 2 | |
| | I recently upgraded to 4.1.2 from 3.4.x. I needed to remove several hosts from our index, so I followed the instruct... 1 2 | 1 | 2 | |
| | It it possible to get the result of current splunk index to a new index files as a new source type? [ Already indexe... 0 3 | 0 | 3 | |
| | My Splunk server is listening to UDP port 514 for syslog information. How can I route data to a given index based on... 0 1 | 0 | 1 | |
| | Is there anyway to run an sql like 'plan' on a splunk search to determine efficiency? 5 4 | 5 | 4 | |
| | Another License questions, If the Enterprise Demo license got converted to Free license, Then purchase enterprise li... 3 2 | 3 | 2 | |
| | Instead of file being appended, if the file gets overwritted or rewrited, does splunk re-evaluates the entire file da... 1 1 | 1 | 1 | |
| | I have seen manytime where Splunk didn't copped either multi or single line data correctly ending up with events that... 0 1 | 0 | 1 | |
| | I have an ISA web log of the following format. Splunk doesn't correctly identify the timestamp in every event, even ... 4 2 | 4 | 2 | |
| | I had the Unix app running for a while on this instance and that was indexing a lot of data so I disabled the 'os' in... 1 1 | 1 | 1 | |
| | I'm trying to get Splunk SSO working with MS - Forefront TMG (we're thinking about deploying it as our proxy solution... 0 2 | 0 | 2 | |
| | I am trying to implement file integrity monitoring. I have configured fschange as follows: [fschange:/opt/bea/10_sp0... 0 6 | 0 | 6 | |
| | I have an "app" that I deploy with my 4.x deployment server. It sends savedsearches.conf, tags.conf, props.conf, eve... 0 2 | 0 | 2 | |
| | Anyone know the best way to monitor deployment activity of a splunk server? I've found DeploymentMetrics coming from... 0 1 | 0 | 1 | |
| | I see the same host in my Summary page in Search app with same event count. They are the same host but show up like:... 1 1 | 1 | 1 | |
| | In configuring Splunk to use LDAP, I'm seeing the following error in splunkd.log: ERROR authenticationManagerLDAP... 0 1 | 0 | 1 | |
| | I'm in the process of upgrading my deployment server to 4.x. I don't push configuration change that often and I hav... 0 2 | 0 | 2 | |
| | Hi everybody At the moment I've got about 170 indexes on my indexer. I What's the best practice limit of numbers of... 0 2 | 0 | 2 | |
| | Can someone shed light on the purpose of the _s _st and _h indexed fields? These seem to correspond to source, sourc... 0 2 | 0 | 2 | |
| | I have a pair of Search Servers A + B , these are fronted by a Load Balancer so the users just go to a single IP Addr... 2 2 | 2 | 2 | |
| | I'm having an issue with my summary index. I have a search which results in 48000+ events. I saved the search and en... 1 1 | 1 | 1 | |
