Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
801 results
Sorted by:
08-31-2021
12:59 PM
Hello, How I would write my Props Configuration (Tme Prefix, Time Format, LINE/EVENT Breaker...etc) for following HTML data source. A segment of HTML data from source file provided&n...
- Tags:
- PROPS-Conf-HTML
Labels
- Labels:
-
field extraction
09-09-2021
09:40 AM
Hello, I have issues to write PROPS configuration file for following csv file (please see screenshot below for sample data) with No Header on it. Five columns showed in the screenshot are all v...
- Tags:
- PROPS-CSVwoHeaders
Labels
- Labels:
-
field extraction
-
rex
11-03-2021
03:10 PM
...rite PROPS configuration file for that csv source file, since I am getting some error messages in timestamps and some extra columns at the beginning of events. Any help will be h...
- Tags:
- PROPSCONF-CSV
Labels
- Labels:
-
regex
06-26-2015
03:36 PM
1 Karma
...tanza is:
[monitor:///opt/inboundlogs/10.10.10.10/*_syslog.log]
host = 10.10.10.10
disabled = false
source = $HOSTNAME 10.10.10.10
sourcetype = vm_app
index = app_foo
The file name is /opt/i...
04-24-2013
05:46 PM
...plunk server split the events up correctly at time of indexing.
Is there an app I need to install to configure a receiver?
Should I have multiple receivers for different source types? Or do I m...
01-24-2022
02:43 PM
Hello, I am getting some error messages within my PROPS Configuration file to parse timestamp data. The sample file/event, my props configuration, and error message are giving below. Any help will b...
- Tags:
- PROPS Timestamp
Labels
- Labels:
-
field extraction
09-28-2021
09:12 AM
Hello, I have some issues writing a PROPS configuration file for the following source data stored in text file. I also used TIMESTAMP_FIELDS= timeStamp there, to have field v...
- Tags:
- PROPS with Fieldname
Labels
- Labels:
-
field extraction
02-08-2016
04:07 PM
1 Karma
...ecords have the client's IP address (or the source IP) in them.
Is there a way to configure Splunk so that it records the client IP in the record metadata? I would like the server to obtain this i...
02-16-2016
09:11 AM
Hello,
We would like to match all sources except the ones including /splunk/ in props.conf.
Example: No match for /opt/splunk/var/log/splunk/metrics.log and /opt/splunk/var/log/splunk/s...
