Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
4,000 results
Sorted by:
10-28-2020
02:11 AM
1 Karma
...etch such events it is better that we use one syslog server and install UF to monitor and send events written in syslog server. However I saw their is an add-on named as "Splunk add-on for Netscaler C...
Labels
01-02-2021
12:50 AM
...esource on all Splunk Cluster VMs: 12Core CPU(2.4Ghz) 20GB of Ram and SSD in all splunk VMs note (i dont use any event filtering or special process on data in HF in yet , just data get in and forward...
- Tags:
- heavyforwarder
- syslog
Labels
08-22-2019
07:08 PM
Below is my use-case (Heavy Forwarders -> Indexers). Need expert assessment.
1) I have very huge log files.
2) So, I have used heavy forwarders to cut down data at source using REGEX t...
07-08-2016
05:39 PM
Hello,
I have a setup that consists of a Search Head and 2 indexers in a cluster. I also use a self signed SSL certificate between the indexers and my universal forwarders.
For some reason, m...
09-09-2013
05:00 AM
...erver
Everything works find except that ALL the data that gets forwarded as syslog ALSO gets indexed and there seems to be no way to avoid this. There is no way to filter the incoming data stream an r...
02-01-2021
09:08 AM
...ctually use the inputs.conf on the TA we built for UFs, that tells those UFs to clone their data for the heavy forwarder, to start monitoring IIS logs (in other words, not changing anything on the HF), i...
Labels
11-02-2017
05:30 AM
one of our end-user clients have massive information stored in ELK stack. Our company needs to collect those data into Splunk using Splunk Universal forwarder . They can't send us fluentd due to f...
10-25-2010
05:21 PM
A client is interested in the best ways to generally get data into Splunk without installing forwarder on all their machines. Is there a doc on this somewhere?
I can start with:
Decide to use...
10-19-2017
09:32 AM
...ork. I'm not receiving any events and I've checked in the actual file I'm forwarding - there's data in there.
Basically all events for sourcetype=csi_pclog need to be dropped, except events with t...
08-12-2020
01:06 PM
...ame to know this uses some polling mechanism as against to UFs which push the data. I've worked with UFs only in the past. Network traffic or intermediate forwarder as a bottleneck,Could these be a r...
Labels
