Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About rjlaral
rjlaral
New Member
Member since:
07-12-2017
06-05-2020
Community Statistics
| Posts | 3 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 07-12-2017 |
Activity Feed
- Posted How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Tagged How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Tagged How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Tagged How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Tagged How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Tagged How do I populate a Microsoft Word Template with Splunk Data? on Getting Data In. 10-17-2018 12:30 PM
- Posted Re: Tagging data from different sources that will send to same forwarder... on Getting Data In. 07-18-2017 07:50 PM
- Posted Tagging data from different sources that will send to same forwarder... on Getting Data In. 07-13-2017 07:48 PM
- Tagged Tagging data from different sources that will send to same forwarder... on Getting Data In. 07-13-2017 07:48 PM
- Tagged Tagging data from different sources that will send to same forwarder... on Getting Data In. 07-13-2017 07:48 PM
- Tagged Tagging data from different sources that will send to same forwarder... on Getting Data In. 07-13-2017 07:48 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 |
10-17-2018
12:30 PM
Hello all!
First of all, apologies about my English skills. I designed a Microsoft Word template (including some custom fields) as a base design for a client's report. This report shows data extracted from Splunk Searches and interpretation about it.
I'm wondering what would be the best way (or proper way) to extract this Splunk data and populate fields inside Word's template at the same time. My intention is to automatize the report generation process as much as I can.
Can anyone guide me in the proper direction?
Thank you very much and best regards,
Rafael
PD.: I checked about "Office Documents Template System (ODTS) for Splunk", but I still don't know if it's what I'm looking for.
... View more
07-18-2017
07:50 PM
Ciao Signor Cusello, Greentings Mr. Woodcock:
First of all, thank you for your responses! and my apologies for my later response.
It's my fault, but I also need to configure other (real hardware) servers to send logs to Splunk Forwarder's VM so it can send all collected logs to indexer. And, I face same issue: categorize this logs for further analysis and identify app-log relationship. So, in scenario, Splunk FW VM not only collect logs from other VMs (and you're right, Mr. Woodcock, is VMWare ESXi) but servers outside the VMWare enviroment.
My real problem is I don't understand how Splunk architecture works and, by the way, including syslog functionality; but the last one is more easiest than Splunk. I consider Splunk documentation is the hard way for learn Splunk from scratch. Signor Cusello, thank you for URLs you indicated in your response.
Can you provide me several specific points to go in the right direction, guys? Maybe further advices? Examples? I really appreciate that. I'll keep an eye on your answers.
Thank you very much and best regards,
Rafael
... View more
07-13-2017
07:48 PM
Hello All:
Greetings. First of all, thanks for take your time and read this question; apologies by my poor English.
I'm really N00b about Splunk Enterprise and Splunk Forwarder, but I must be involved in a project in my work, so I must be learn!!!. I deeply read this article (https://answers.splunk.com/answers/333248/how-to-implement-tagging-on-a-universal-forwarder.html), this (https://answers.splunk.com/answers/129225/tag-data-on-universal-forwarder.html) and this (https://answers.splunk.com/answers/501121/how-to-add-custom-tags-to-event-data-via-universal.html) related to my question, but I don't understand very well those answers.
This is my scenario: In premise, a server is installed with a number of virtual machines (VMs), one of them have Splunk Forwarder installed. Other VMs have applications generating logs we want to analyze. In other site, we have another server running Splunk Enterprise.
We want to collect information from VMs and send to Splunk Enterprise via Splunk Forwarder for futher analysis, but we want to tag this information to categorize it and do analysis. For example, if VM1 run App1 and generating LogApp1, we want to send this data to Splunk Enterprise and be able to do several search, analysis, filters over LogApp1 data.
So:
What is the right configuration over log data in VMs and Splunk Forwarder to tagging, categorize it in order to identifying in Splunk Enterprise? I'm thinking in use syslog to send data from VMs o Splunk Forwarder, but How I must tag this data in order to get a tagged data and not a mess?
Can you provide me full example in how I must configure VM, syslog (if this is part of solution), Splunk Forwarder and Splunk Enterprise (Is indexers involved here?)
Please, I really N00b about Splunk Architecture and any help will be appreciated, even if you consider basic your support, guide, advice or answer. I really open to Splunk 101 answers.
Please, let me note if you need further explanation about my problem, I hope I had described enough.
Thank you very much and best regards,
Rafael
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
06-05-2020
02:03 AM
|
