Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
8,000 results
Sorted by:
07-27-2020
01:46 AM
Hello, In one of the windows machine logs (path: C:\servicedesk\logs) sending via the universal forwarder to Splunk. So I created inputs.conf and below are the monitor paths, so now am getting l...
- Tags:
- Any
Labels
- Labels:
-
configuration
11-30-2011
09:32 AM
1 Karma
I have this in my inputs.conf
_whitelist=(\.log|log$|^messages|^secure|mesg$|cron$|acpid$|\.out)
Can anyone help me understand what are the " ^ " and the " $ " are used for?
- Tags:
- inputs.conf
05-25-2021
09:07 PM
I have a host that I am receiving logs into my heavy forwarder and that works fine. I now have a new log source on the same host and the entry in my inputs.conf is not passing the data I need t...
Labels
- Labels:
-
inputs.conf
12-03-2020
10:07 AM
...hey talk about modifying the file "props.conf" and "transforms.conf" what is the difference between doing it from inputs.conf and the other way? inputs.log [monitor:///folder/folder/folder/i...
Labels
10-06-2023
05:38 AM
Hi Splunkers, I have a problem with a blacklist filter. On customer's UF, we filtered out some events changing the inputs.conf file. The ones based on comma separated list, like Windows EventID, a...
Labels
12-28-2022
07:25 AM
I'm working on an input.conf from a universal forwarder when I noticed the first stanza is missing a ] ex: [WinEventLog://Application instead of [WinEventLog://Application] Since I d...
Labels
- Labels:
-
inputs.conf
-
universal forwarder
03-30-2023
12:29 PM
Im a splunk admin and I got asked to update the inputs.conf file for the app pingfederate. Im a little unsure of how to do it and I figured id ask here instead of bricking our prod system. T...
Labels
- Labels:
-
deployment server
01-29-2013
02:15 PM
1 Karma
Anyone know why 5.0.1 UFs are reporting data in with host name of $decideonstartup. Looks like this setting was added in 5.0 for the inputs.conf file and the default for system/default/inputs.conf....
- Tags:
- inputs.conf
Show results in replies (3)
-
...ew 5.0.1) it will create 3 files in etc/system/local. One of these files is an inputs.conf file with t...
-
...tc\system\local\inputs.conf ( echo [default] >> \\%1\c$\PROGRA~1\SplunkUniversalForwarder\e...
-
Matt: I had to specify the host name in my inputs.conf file manually to make perfmon stats c...
11-25-2020
05:01 AM
Hello, I have made a new app under deployment apps with the following inputs.conf [monitor:///root/something/something/something/something/]
index = test
whitelist=console-202[\S\s...
- Tags:
- Deployment Server
Labels
