...ag::host=VPN). Sourcetype and source for this VPN log data is shared with many different types of data (e.g. sourcetype=syslog).
I have many different hosts for this VPN data and their IP addresses c...
I've heard that using Splunk's default sourcetype detection is flexible, but can be hard on performance. What is the best way to define sourcetypes that keeps performance speedy?
Hi,
We currently use 6.6.2 and we rely on summary indexes to avoid recalculation of old data.
We want to evaluate Splunk 7's metrics but we find that summary indexes are not supported. Is t...
...oginResonse" and "return>" so I set up a field extraction of:
Manager->Field->Field Extraction->New
- Destination App - Search
- Name - LoginResponse
- Apply to - source ...index......
...dded a regex expression for the host too).
I see from $SPLUNK_HOME/en-GB/manager/search/data/inputs/monitor the Data Input I added and it says 4 under the Number of files
But I don't see a...
...hat sort of data should I start getting in? What dashboard should I build? They've started...but need that ah-ha example to see how this tool will fit into their existing environment and w...