Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
10,000 results
Sorted by:
02-13-2019
02:14 PM
...is the difference (aside from not removing a CR/LF)? What did I do wrong in the first one to cause Splunk to not actually prevent the data from being indexed? These are both in the etc/system/l...
06-11-2012
09:36 PM
I've struggled on this issue for the past few days and I can see to resolve it.
I've checked and rechecked my config.
None of my data gets indexed when my application is copied (with os path m...
10-17-2018
06:54 AM
The question pretty much sums it up.
I am wanting to get PerfMon data into a Metrics index and have been banging my head against it for about a week now. So far, I have been unsuccessful in my e...
Show results in replies (5)
-
...etting data. Collect perfmon data and wmi:uptime data in metric index 3.) Make sure the entire stack i...
-
...ourcetype=Process, host=servername, index=winmetrics. Metric event data without metric name is invalid and w...
-
...erfmon data and wmi:uptime data in metric index And as per Compatibility between forwarders and S...
-
...erfmon-data-to-metrics-index.html
-
...owever do not provide the data in a way that the Metrics index will accept. What I am aiming to do is c...
12-04-2019
03:06 AM
...to index=main.
Have someone faced this issue, then pls suggest what needs to be done so that the data can be moved to the right index.
09-30-2020
03:48 AM
Hello, I am using Splunk Enterprise 7.3.2. and I have structured event data within an events index that I am trying to convert into metrics data so that I can store it in a metrics index. I a...
Labels
- Labels:
-
index
-
other
-
sourcetype
-
time
06-15-2016
08:35 AM
...onnection_host = ip
disabled = 0
I would like to find what data is coming in on these ports, set them all up to come in on 9997, and send them to their own index, so that I can allow the managers of that data...
04-17-2019
12:23 PM
...roubleshootHTTPEventCollector#Possible_error_codes) says that is a Token disabled, but it doesn't say how to check for that)
I'm running it in a Windows Server 2012. don't know what more can i do now.
11-09-2017
07:26 AM
...nd when that didn't work, I edited inputs.conf and added index = "myIndex", but the data still shows up with index = "os".
Here's what the files look like now.
$ cat ~/etc/apps/Splunk_TA_nix/d...
05-14-2020
02:18 PM
...ttp_event_collector_metrics" .
Some data has been sent to it for testing.
Can someone explain what I'm seeing when looking at the entry below?
{ [-]
component: HttpEventCollector
data: { [-]
f...
12-01-2020
07:53 AM
...oving forward with RAID 0 configuration as it will halve our storage requirement and will provide good IOPS atleast. Is anyone using RAID 0 on prods for indexers? I managed few with reducing on data...
Labels
