Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
219 results
Sorted by:
11-22-2015
10:04 PM
Hi,
I've got a universal forwarder and I'm trying to monitor C:\Windows\System32\winevt\Logs . I've tried 2 solutions: CLI and Inputs.conf.
CLI: Splunk add monitor C:\Windows\System32\winevt\...
04-08-2010
10:12 PM
2 Karma
...ocation is restricted to a subset of the otherwise generally available set of conf directories, as listed in this topic:
http://www.splunk.com/base/Documentation/latest/Admin/Wheretofindtheconfigurationfiles
09-10-2020
05:39 AM
Hello all, I have what is probably a pretty basic question about configuration files. I know the precedence goes like this: 1. System local directory -- highest priority 2. A...
Labels
- Labels:
-
indexer
11-22-2016
10:25 AM
I have hundreds of logs in my directory. I need the entire data from each log to be represented as one event. May I know what settings I should use in props.conf to represent each log file as an s...
10-05-2016
08:10 AM
2 Karma
After upgrading from Splunk Enterprise 6.4.3 to 6.5.0, the ldapsearch in Splunk Supporting Add-on for Active Directory (2.1.3) is now getting the error - "SSL configuration issue: invalid CA public k...
07-28-2014
06:49 AM
1 Karma
Hi,
I need to monitor two catalina logfiles that are in the same directory, but have different formats (and sourcetypes).
The naming convention is ../catalina.YYYY-MM-DD.log and catalina.out.Y...
- Tags:
- inputs.conf
03-02-2017
04:29 PM
...ailingProcessor - Parsing configuration stanza: monitor:///logs/sam/ct/sactws0*/.../web.
02-04-2015
06:59 AM
Hey Guys,
I'm trying to index Data via File Monitor
[monitor://D:\CDR]
disabled = false
index = cdr
sourcetype = cdr
This works just fine, but now I want to separate the files in this D...
- Tags:
- inputs.conf
- monitor
02-17-2017
02:44 PM
...he $SPLUNK_HOME/etc/apps/SA-ldapsearch/local directory, and in which file.
It was a real pain getting the LDAP server certificate for STARTTLS in the first place (had to resort to wireshark), but n...
08-05-2016
02:06 PM
...refs.conf that has TZ in it. Can anyone shed light on why Splunk would ignore the configuration even though it shows up in btool?
PS, this is a shcluster, so that's why the file is in default.
T...
