I would like to retrieve the data in /var/log as correctly as possible. Currently I am simply monitoring the entire /var/log folder with no pre-selected sourcetype. On the List of pretrained...
I am able to get a list of indexes and their sourcetypes using | metadata type=sources index=* sourcetype=* | dedup source, but I want to add the sourcetypes to the list and be able to pick the i...
Hi,
Could you tell me, do you have a sort of "list of supported data sources"?
Actually, I want to know the complete list of connectors to data sourcetypes supported in Splunk Enterprise.
Thanks!
Hi,
Is there a pretrained sourcetype for .dat OSIsoft PI log files?
I know I can create a .csv file manually from the .dat file, then use the .csv file in Splunk but I would like to read the l...
...lass that includes just the clients. But a number of the scripts have sourcetypes (auditd, Unix:ListeningPorts, etc.) that are absent from the Settings: (Data) Sourcetypes display, and as a result I c...
Hi,
I am trying to write a query to list events from sourcetype A only when the corresponding event in sourcetype B does not contain a specific event code. I believe the only correlation e...
After I installed the rfc5424 app, rfc5424_syslog is not showing in the source_type drop-down list.
Is it supposed to show? Or do I need to set it to rfc5424_syslog manually?
...ith each other. I'm also trying to find out when the last time a "WinEventLog" source talked to Splunk so I can query machines that are not communicating.
So, can someone tell me how I can search f...