Hi,
I have about 500 hosts to configure syslog.global.loghost on multiple Vcenters. We are forwarding the logs to a Splunk Universal forwarder. Some ESX host servers keep g...
Hello,
I've tried parsing my Radius logfiles using this tutorial : https://fraserclark926577729.wordpress.com/2019/12/18/monitoring-windows-nps-logs-with-splunk/
So i created m...
Hello! Our Splunk server receives dc logs on a daily basis from another network team. Under Files & Directories in Data Inputs, I have the file path for those logs configured to be c...
We're using DB Connect v3.1.4 Occasionally, an SQL Query in a Data Lab Input gets changed. I need to know where the logfiles are located and if they are ingested into Splunk. That way, I can a...
Hey,
I have issues with parsing events, multiple events/records (raw data) are within the same event. Sample data and my props configuration file are giving below. How help will be highly a...
Hi, I am new to Splunk. How to search error messages in the logfile using SPL. I am using the below formats to search for error messages. source="sample_logcat.txt" host="debug" sourcetype="A...
Hi, I want to implement retention policy on logfiles, in the doc https://docs.splunk.com/Documentation/Splunk/8.0.3/Troubleshooting/Enabledebuglogging they didn't mention such a configuration, t...
Hello Splunk members! I have a CSV Lookup file with 2 columns ClientName HWDetSystem BD-K-027EY VMware I have an index with ASA Firewall log which I want to s...
I am getting the logfile imported to Splunk, but each line is an event with no field name. Can I break up the line into columns? If not, how do I parse the line to extract a number?
I...
How to calculate file size size which is indexed in splunk.
For example
xx1.log
xx2.log
two files indexed at splunk and i want to calculate the size of the source after index.