Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Search
Splunk Community
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
8,000 results
Sort by:
08-16-2015
05:07 AM
...otally naive to SPLUNK. I have followed configuration steps, but I didn't find the logs on "$SEPM_HOME/data/dump"
06-03-2015
01:48 PM
1 Karma
I just loaded Splunk 6.2.3 and am forwarding event log events from my laptop running Windows 7. Everything looks OK except I cannot see any "EventLogDescription" data in Splunk. Was this a...
03-18-2015
09:10 AM
Hi, I'm new to Splunk.
I signed up for the Cloud trial.
When I first logged in I was presented with a "file upload" form to add data into Splunk.
I can't seem to find that form now (after a f...
07-08-2019
07:31 AM
...ourcetype=DataSource event="GRANTED"
| stats max(_time) AS lastUsed by Username
| rename Username AS samAccountName ]
So I get my lookup list of users, start the subsearch pull back a l...
11-30-2011
07:21 PM
...is-pic\PM\PMLog\PMLog.txt20111126
\\aaasvr\iis-pic\PM\PMLog\PMLog.txt20111128
\\aaasvr\iis-pic\PM\PMLog\PMLog20111128.txt
but in my source data, only one file (\\aaasvr\iis-pic\P...
11-27-2024
04:54 AM
I am trying to configure Splunk to ingest only application, system and security logs from my local machine. But I can't find "Local event log collection" on my Splunk enterprise on my MacBook.&n...
Labels
- Labels:
-
Mac
03-15-2024
12:03 AM
我現在遇到一個問題,我在SH放置好一個apps並連到uf上,在uf上也有監控到資料路徑, 但我在search時就沒有辦法找 以下是我的 inputs.conf: [monitor:///tutorialdata/www*/access.log]
index = web
host_segment=2
sourcetype = web:access
[m...
Labels
- Labels:
-
host
-
index
-
props.conf
10-05-2016
06:10 AM
...}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}
token.4.replacementType = timestamp
token.4.replacement = %Y-%m-%dT%H:%M:%S
Now the below were some of the events in my .csv file which I'd kept in samples d...
07-24-2013
02:10 AM
...The difference with these events compared to the ones with my new source type is that now Splunk tells me it found 133 events but I can't see them, with the new source type Splunk doesn't find any e...
04-25-2017
12:29 AM
...ight source type, and for some reason I can't find the data input under "Data inputs" to edit it.
If I want to go to Add Data > Forward it tells me that "There are currently no forwarders c...
