Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
9 results
Sorted by:
10-01-2010
06:55 PM
1 Karma
Greetings! I'm still super new to splunk, so please be gentle :)
I am trying to extract a timestamp from CSV records.
A single CSV can contain N records. Each record has its own timestamp, but the ti...
07-24-2013
12:45 AM
I've implemented per-event source types assignment as described here: http://docs.splunk.com/Documentation/Splunk/5.0.3/Data/Advancedsourcetypeoverrides Basically it works. For events matching a R...
12-04-2018
10:20 AM
I've heard that using Splunk's default source type detection is flexible, but can be hard on performance. What is the best way to define source types that keeps performance speedy?
03-20-2019
01:55 PM
Both servers is CentOS 7
One with Splunk Enterprise 7.2.5
Splunk App for Infrastructure 1.2.3
Splunk Add-on for Infrastructure 1.2.3
one with Splunk Universal Forwarder 7.2.5
Error messa...
04-13-2010
05:25 PM
1 Karma
Hello,
System type: Linux
We have splunk running on our centralized syslog-ng server. We then have other servers forwarding syslog traffic to it. Those logs are then stored in their own f...
05-22-2014
04:01 PM
...nchqq-asa4-ncic\2014-05-22\daily-syslog.txt
\anchqqsw108m\logs\betast-asa4\2014-05-22\daily-syslog.txt
The source type for the log monitor (\anchqqsw108m\logs) is set to automatic.
Do I h...
08-21-2014
02:17 AM
1 Karma
Index time field extraction & Search Time field extraction
How do both differ ? Which has less performance impact of search query ?
09-24-2012
10:35 AM
1 Karma
I've seemingly installed the InterMapper app according to the directions, yet the sourcetype is syslog_forwarded instead of InterMapper. Where would that be configured?
9/24/12
10:27:29.000 A...
07-31-2010
12:27 PM
1 Karma
...ausing the data to be tagged with both sourcetypes.
DATA1
Aug 2 21:54:32 10.1.2.3 tmm[1853]: Rule syslog_http : HTTP,10.1.2.4:5804,vs_https_oursite,4.4.4.3:49788,oururl.com,/somepath,10.1.2.5:7...
- Tags:
- regex
