Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
4,000 results
Sorted by:
04-27-2022
04:19 PM
Get data from Universal Forwarder, but 100MB data takes an hour Do you have any settings to speed up?
Labels
- Labels:
-
inputs.conf
-
universal forwarder
03-02-2022
06:52 PM
I have configured Heavy Forwarder to collect and forward syslog data to our Splunk Indexers. We purposely don't wish to use syslog server for the log collection due to other reasons. Now we also h...
Labels
- Labels:
-
heavy forwarder
08-26-2021
03:04 PM
I am trying to implement a simple Splunk system on my local computer to learn a bit about how you set up forwards and get data into Splunk. I am running Splunk Enterprise on a CentOS 8 v...
Labels
- Labels:
-
universal forwarder
04-06-2022
09:08 PM
hi all,
how can i send the same data from one universal forwarder to multiple universal forwarder ?
is there a way to configure this ? if yes, please tell me the process.
Labels
- Labels:
-
configuration
Show results in replies (4)
-
it should be the same way you generally forward data to indexing tier [tcpout] d...
-
can we transfer the same data from SplunkUF to two different groups? @PickleRick @m...
-
It's not that simple. Splunk counts the licence usage based on raw data that is written to i...
-
Yes you can but it will hit the license meter twice so you need to cautious about that. ...
01-11-2021
06:30 PM
1 Karma
Hello, I need to check to see if Syslog data is reaching my forwarders. What would be the best query to use to check this?
Labels
- Labels:
-
heavy forwarder
02-14-2022
04:50 PM
...as paused the data flow. Forwarding to host_dest=<indexer_ip> inside output group default-autolb-group from host_src=<UF_server_hostname> has been blocked” which appears to be relevant....
excerpts from UF logs.pdf (67 KB)
Labels
- Labels:
-
indexer
-
universal forwarder
12-17-2021
06:17 AM
Hello splunkers, i need to understand the best way to forward my data in multisite indexer cluster for Disaster Recovery management: For example, we have: On Site A 1 manager node (a...
Labels
- Labels:
-
other
02-18-2020
11:40 AM
...seACK = false
Note :-
The configuration for forwarding the data to syslog can be found under [tcpout:forwarders_syslog]
The following errors are found on splunkd.log when the heavy forwarder t...
06-10-2019
08:20 AM
Hello all,
I have a working universal forwarder that happily sends data to my Enterprise indexer.
The data shows up under the forwarder's hostname on the indexer.
I would like to have a c...
09-03-2021
07:15 AM
