Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
197 results
Sorted by:
3 weeks ago
On my Linux server the universal forwarder and Splunk_TA_nix are installed, at least df and cpu are enabled in inputs.conf. vi /opt/splunkforwarder/etc/apps/Splunk_TA_nix/local/inputs.conf [s...
- Tags:
- troubleshooting
Labels
- Labels:
-
troubleshooting
10-03-2019
01:42 AM
Discarding Specific type of traffic either on forwarder or indexer fails, I tried to discard it using blacklist on forwarder and nullqueue transform on indexer and both failed.
here is a log s...
03-07-2011
05:02 AM
1 Karma
Hi All,
I'm presently forwarding a number of different events to a receiver. It's working fine for complete events, (i.e 4729, 4728 etc.) but I would like to be able to forward on Both the E...
06-20-2016
05:47 PM
Now this could be a case of RTFM, but I can't find this in TFM 🙂
I am trying to find some documentation on what the Universal Forwarder does when it can't connect to an indexer for various s...
12-05-2018
05:01 AM
1 Karma
...This data is then forwarded to one of the Indexers which does the indexing.
So far everything seems to be working, but for a few questions regarding the source type:
in inputs.conf in the e...
11-11-2019
06:31 PM
I want to use forwarder to forward mail logs to indexer.
However, the log forwarded from the forwarder is displayed separately from the indexer.
how can i solve it.
start character: M...
06-22-2016
01:53 AM
Hello,
I tested Splunk Light Trial version and this trial version is on Cloud service.
So I don't have a choice, I have to download the Universal Forwarder Credentials to configure the u...
03-08-2020
04:29 AM
Hi Splunkers,
Splunk suggests to extract fields at forwarders for structured data, why? and what if i have field names in the log / no filed field names in the log?
I have a confusion that w...
10-01-2014
02:49 AM
1 Karma
Hello!
I need help to configuration a heavy-forvarder.
My data contain event of 9 types:
datetime1,type1,val1,val2,val3,...
datetime2,type2,val1,val2,val3,...
datetime3,type4,val1,val2,v...
- Tags:
- heavy-forwarder
04-26-2018
12:07 PM
...hat source types the Universal Forwarders are sending to this Heavy Forwarder.
The Heavy forwarder is not running in preview mode. I've run plenty of searches that report both UF/HF activity to t...
