...33 : "Alex Bob"}}
I wanted to rename those field names when the events arrive, not when support users search in the application.
For example, I wanted to rename 111 to "TimeStamp"; 222 to "E...
...uestion is: Is it possible to skip the scheduler and edita conf file on the DCN itself to start ingesting VMWare and vCenter data right away? We have a limited time schedule since this is just a test e...
...howing the same thing so it looks like the network connectivity between my two servers are working fine.
However, in the log file I am receiving the following:
03-19-2017 15:39:00.074 +0000 W...
...ant to do the sorts at search time and not with the forwarder. So could someone tell me what files I would have toeditto make this happen?
So far I see
C:\Program Files\Splunk\etc\apps\search\l...
...hile configuring the universal forwarder.
There is a log file in the c: drive of this Windows machine which I want Splunk to source for me to search. Which inputs.conf file should I edittoconfigur...
I got a problem getting splunk to read my XML files correctly.
Example on one of my XML files:
http://imgur.com/RTlYiLy
I want splunk to create a event for every row(the element)
and e...
...nvironment. And I repeat, there is no issue over there. However, when I deploy it on prod, it is failing couple of times in each log.
Log sample
= ID: 453608, XXXXXXXXX: **MonitorAll Y...
Hi, I have a flat file multiline log:
Here is my props.conf
[emailAlerts2]
SHOULD_LINEMERGE=true
BREAK_ONLY_BEFORE_DATE = false
BREAK_ONLY_BEFORE = </EcomLogEntry>
TRUNCATE=0
M...
I have a report running in SPLUNK on a daily basis. The timestamp for this report is the "Report Date" field (i.e. today). However, the events are actually from the previous day.
Therefore am I a...