Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,000 results
Sorted by:
04-27-2022
12:33 PM
Hello, Are there any queries I can run from SPLUNK search head to find: 1. all configured DB Connections and their associated index/source Types in SPLUNK. Any help will be highly appreciated!...
Labels
- Labels:
-
search head
11-17-2020
10:21 AM
Hi I have currently 5-6 index setup where consider abc as fieldname , which is extracted at index time and same fieldname is called with different name in different indexes like cde, efg . Now...
Labels
- Labels:
-
Other
02-16-2022
01:46 AM
Greetings, I am trying to get different log types such as security and audit logs for example from a single IP source from my HF instance, how exactly should I be settings my settings in Inputs, Tra...
Labels
05-19-2022
01:11 PM
Hello all, I'm finding the default indexer.conf settings too small, making various sourcetypes only searchable back about 4 months but I need a years worth/ability to search back to.
I've found n...
Labels
- Labels:
-
indexer
10-11-2021
06:14 PM
Hi, I need to install the below add-on, this add-on creates indexes and required roles, we dont want the add-on to control the indexes, so indexes.conf in this add-on is taken out , and we will c...
Labels
06-25-2020
08:58 AM
...ystem via syslog, Indexer must receive all the logs, Third Party system must receive a subset of these data (three sourcetypes) using syslogs (udp). I used the available documentation (https://d...
- Tags:
- syslog
- third party
Labels
- Labels:
-
heavy forwarder
-
syslog
04-28-2016
03:30 PM
4 Karma
Still haven't seen an official answer to this. Source and host can use regex patterns, but sourcetypes cannot. Even a splunk blog recommends a way that is well... not recommended: http://blogs.splunk...
09-24-2019
04:44 AM
1 Karma
...otally different environments (separate licenses).
I'm assuming this can be accomplished on the universal forwarder by using multiple target groups and modifying the inputs.conf files of the sourcetypes...
10-23-2019
12:02 PM
I want to change the sourcetype for all incoming logs with sourcetypes not starting with abc. I have following setting but it would change it for all the sourcetypes
#Transforms.conf on i...
03-31-2015
01:49 PM
...have a props.conf built, but we want to have a one props.conf to control these settings across the applications. How can I tie the sourcetypes to the one props.conf file?
thanks, Jenn
