Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
250 results
Sorted by:
09-08-2021
09:49 AM
...retrained source types I see a few callouts for log files such as syslog but the majority of log files are not present in this list. Perhaps some of these types can be used elsewhere though? For example, I...
Labels
- Labels:
-
sourcetype
-
universal forwarder
03-22-2021
02:47 AM
On my Linux server the universal forwarder and Splunk_TA_nix are installed, at least df and cpu are enabled in inputs.conf. vi /opt/splunkforwarder/etc/apps/Splunk_TA_nix/local/inputs.conf [s...
- Tags:
- troubleshooting
Labels
- Labels:
-
troubleshooting
10-03-2019
01:42 AM
Discarding Specific type of traffic either on forwarder or indexer fails, I tried to discard it using blacklist on forwarder and nullqueue transform on indexer and both failed.
here is a log s...
03-07-2011
05:02 AM
1 Karma
Hi All,
I'm presently forwarding a number of different events to a receiver. It's working fine for complete events, (i.e 4729, 4728 etc.) but I would like to be able to forward on Both the E...
06-08-2019
06:55 AM
1 Karma
Hi,
i'm new to splunk , i just wounder what is the difference between override source type/index from forwarder and from indexer???
and also if i choose to override sourcetype of files in u...
06-20-2016
05:47 PM
Now this could be a case of RTFM, but I can't find this in TFM 🙂
I am trying to find some documentation on what the Universal Forwarder does when it can't connect to an indexer for various s...
06-23-2021
03:46 PM
Universal Forwarder installed on a Windows server using all default settings. Where can I find the stanza that has the types of events it is logging so that I can validate it received th
Labels
- Labels:
-
configuration
01-24-2022
09:17 AM
I am building a new Splunk environment, and due to the number of clients we have, we are building a simple distributed environment that consists of 1 Heavy Forwarder, universal forwarders all p...
Labels
- Labels:
-
heavy forwarder
-
props.conf
-
transforms.conf
12-05-2018
05:01 AM
1 Karma
...This data is then forwarded to one of the Indexers which does the indexing.
So far everything seems to be working, but for a few questions regarding the source type:
in inputs.conf in the e...
06-22-2016
01:53 AM
Hello,
I tested Splunk Light Trial version and this trial version is on Cloud service.
So I don't have a choice, I have to download the Universal Forwarder Credentials to configure the u...
