Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
3,000 results
Sorted by:
08-17-2021
07:34 PM
which mode does the splunk forwarder support ? If push or pull mode is all supported, we want to know how to configure the different mode,and the disad...
Labels
- Labels:
-
deployment client
-
universal forwarder
12-23-2021
05:13 AM
...| collect index=sec_apps_summary source="savedSearch_1d" And earliest , latest setting as -1@d and @d . There is another SEARCH-2, that invokes the 'saved search' and the SPL starts l...
Labels
- Labels:
-
other
02-22-2022
09:45 PM
I have released an app for Splunk Enterprise. As Splunk Enterprise is kind of on-premise product and runs on customers' local host, I use file log to collect debug logs with reference to h...
Labels
- Labels:
-
app
09-06-2021
12:00 AM
I have been unable to get the universal forwarders to correctly collect the SMB Server audit logs. The inputs.conf file on the deployment server has the following stanza configured but there are no l...
Labels
- Labels:
-
inputs.conf
-
universal forwarder
-
Windows
02-17-2022
07:56 AM
Hello community,
on my desk, I have a pretty edgy request that is giving me quite a headache.
I would need to collect (with | collect) the output of a search in a new sourcetype created d...
Labels
- Labels:
-
saved search
4 weeks ago
...552aa7f9ebd704a91c8|{authType}|{ "message": { "number": "1856345" }, "transaction": { "sample1": "value1", "sample2": "value2" }}<|<|
I am looking for collecting data from both of above m...
Labels
- Labels:
-
join
-
stats
-
subsearch
-
transaction
06-08-2017
04:30 PM
Did i mess something or just compeletly don't understand what collect does. Below is may saved search and conf file, it returns results, it saved as report, it is scheduled seach, and it runs. h...
Show results in replies (3)
-
...For collect command index="" should be sufficient. However, there are some other considerations a...
-
Does the index already exist? Also, is there a reason you want to use collect instead of a s...
-
For collect command index="" should be sufficient. However, there are some other considerations a...
05-06-2021
06:36 AM
I have created a collection in app/local/collections.conf a matching lookup in app/local/transforms.conf I have 5 key fields which together for the unique key, the combination of these is also s...
Labels
- Labels:
-
lookup
