Hi, I downloaded the "Monitoring of Java Virtual Machines with JMX" application and installed it using Splunk Web. It's on a Windows PC with Splunk Enterprise (trial). I got the following error in Splunk Web. ERROR ExecProcessor - message from "python C:\Splunk\etc\apps\SPLUNK4JMX\bin\jmx.py" It has been determined via the REST API that all inputs have been disabled Note: I have the correct server name and JMX port given in config.xml file. I tested the connection from my PC using JConsole and it works perfectly fine. Could you help me on this? How do I log this error to error file (from jmx.py code?) Thank you, Ananth ... View more

Hello, I'm evaluating splunk to capture data for raising data alerts, raising technical alerts etc. Most of data generated is using Log4J2. I'm able to forward data from an Linux machine to a receiver (in windows PC). I'm able to view real-time search. Now I need to filter the data based on regex or any expression and link it to email Alerts. I tried using fields, but it seems complex to extract data from my search results. Below is sample data: 2015-04-07 17:05:09,019 ERROR o.m.e.DefaultMessagingExceptionStrategy [[SplunkErrorProducer-vv3].SplunkErrorProducerFlow.stage1.02] ******************************************************************************** Message : Component that caused exception is: DefaultJavaComponent{SplunkErrorProducerFlow.component.207509504}. Message payload is of type: String Code : MULE_ERROR--2 -------------------------------------------------------------------------------- Exception stack is: 1. payload contents = Printing: CommonProductResult #0 {..... 250 lines more ...} ********************************************************************************* My questions are: 1) How do I extract data beginning from "payload contents" to the "********" line (around 250 lines - which are not fixed). 2) Even if I define a field, how can the field data be part of the email body for an alert? Could you help me on this? Is field object necessary or any other way to extract data based on specific pattern and link it to email Alerts? Thank you, Ananth ... View more

Hello, I'm evaluating Splunk and got enterprise trial installed in my PC. I would like to forward events/java log file data using an universal forwarded to enterprise trial. The forwarder will run on an unix machine (simple: setup a forwarder, see how it works in splunk server/receiver) The documentation links are confusing 😞 and is frustrating: 1) The documentation has splunk on unix, unix add on, splunk app for stream etc. Which one is exactly the universal forwarder? (which will just do forwarding of data that is configured for). 2) What should I download and where is the step-by-step installation guide for this universal forwarder? Thank you, Ananth ... View more