Thread Info | |||||
---|---|---|---|---|---|
I have a log file with a timestamp at the beginning of an event in the format YYYY-MM-DD HH:MM:SS.mmm. The automatic ...
by
ulrich_track
Path Finder
in
Getting Data In
10-23-2014
|
0
|
2
| |||
Hi,
I've looked though similar questions about log rotation and also the most related documentation topic here htt...
by
rnr
Path Finder
in
Getting Data In
10-20-2014
|
1
|
5
| |||
I am getting these errors, even though i think i have the timestamp parsed correctly based on other splunk answers.
...
by
sonicZ
Contributor
in
Getting Data In
10-22-2014
|
0
|
1
| |||
by
dgravesa1
New Member
in
Getting Data In
10-22-2014
|
0
|
2
| |||
Can SSL configuration be applied on Splunk Universal Forwarders? My understanding is that it was only available on Sp...
by
Ant1D
Motivator
in
Getting Data In
10-22-2014
|
1
|
4
| |||
I've set up forwarding many times, but for some reason cannot get my auditd log to properly appear in Splunk. I'm ban...
by
BT_Neophyte
Explorer
in
Getting Data In
10-22-2014
|
0
|
2
| |||
I want to get the time in this format 2009-Sep-30 from 20090930
by
srinathd
Contributor
in
Getting Data In
10-22-2014
|
0
|
1
| |||
I have these 2 group:
[monitor:///pack/jboss/server/edu01_*/logs/server.log] sourcetype = server_log index = myind...
by
khuongdp
New Member
in
Getting Data In
10-21-2014
|
0
|
2
| |||
I have created an outputs.conf on my Indexer. With the following stanza.
[output]
defaultGroup = indexerB
[indexA...
by
gekoner
Communicator
in
Getting Data In
10-21-2014
|
0
|
1
| |||
Splunk is not recognizing the timestamps in these logs. Some are picked up but others are grouped together into a sin...
by
smudge797
Path Finder
in
Getting Data In
10-21-2014
|
0
|
3
| |||
Hi, I like to filter out "%ASA-4-106023" before sending log to splunk indexer, Below are my config:
inputs.conf [m...
by
mehhos
Engager
in
Getting Data In
10-21-2014
|
0
|
2
| |||
I have Splunk Universal Forwarders installed on my Windows Domain Controllers. Up until 5 weeks ago, sourcetype=Activ...
by
psharkey
Explorer
in
Getting Data In
10-17-2014
|
1
|
1
| |||
I know this is not a Splunk specific question, however I have asked a similar question in the past about tuning for U...
by
jodros
Builder
in
Getting Data In
10-15-2014
|
0
|
1
| |||
I have a dashboard containing a checkbox with some values. These values are OR'd together in my search string. For ex...
by
jmc82
Explorer
in
Getting Data In
10-21-2014
|
2
|
1
| |||
After reading this and this I'm not sure about the use of persistent queues on Splunk.
In particular, in one impl...
by
fernandoandre
Communicator
in
Getting Data In
05-14-2012
|
1
|
2
| |||
I am having issues setting up a UNIX universal forwarder to monitor IBM IHS http log files -- it does not appear to b...
by
sjnorman
Explorer
in
Getting Data In
09-11-2014
|
0
|
3
| |||
alt textI have a log file that writes everything in one line. I'm try to count the number of events in the logfile bu...
by
jbouch03
Path Finder
in
Getting Data In
10-20-2014
|
0
|
3
| |||
I was wondering if anyone has a good search that can help track the weekly upgrade progress for UF agents? With the d...
by
ltrand
Contributor
in
Getting Data In
10-20-2014
|
1
|
1
| |||
Hi,
I see duplicate data getting ingested when a file which was already ingested is being recreated upon a system ...
by
soniaraj13
New Member
in
Getting Data In
10-19-2014
|
0
|
1
| |||
I have a datasource that looks like this:
{
"results": {
"serverone": {
"time": 2,
"results":...
by
David
Splunk Employee
in
Getting Data In
10-19-2014
|
0
|
1
| |||
Hello Splunkies,
I was wondering if splunk could monitor a logs sent by email to splunk server. if yes how this co...
by
royimad
Builder
in
Getting Data In
03-18-2013
|
0
|
2
| |||
I want to index the dynamic performance views that are available in SYS of Oracle Database on Splunk. These views inc...
by
rsawant
Explorer
in
Getting Data In
10-15-2014
|
1
|
5
| |||
I'm running two Windows Splunk servers (combo search heads and indexers, v6.0.1). One is dedicated to our non-product...
by
redc
Builder
in
Getting Data In
02-21-2014
|
0
|
2
| |||
Experts,
we have 100GB license and that data is being fed to Splunk. Out of that 100GB, 10% is what need to be ret...
by
Raghav2384
Motivator
in
Getting Data In
10-16-2014
|
1
|
2
| |||
I have a .csv file containing a list of email addresses (approximately 35k addresses/rows). I'm trying to compare the...
by
thejamesvolta
Engager
in
Getting Data In
12-12-2012
|
3
|
3
|