Thread Info | |||||
---|---|---|---|---|---|
Hi, scenario: a log uploader application helps in uploading logs to a directory. let it be splunkdata/timeofupload/yo...
by
smolcj
Builder
in
Getting Data In
02-22-2013
|
0
|
6
| |||
Hi Splunk experts, I am using regex transform to mask data in splunk. But splunk only masks first occurence of string...
by
vaibhavagg2006
Communicator
in
Getting Data In
02-21-2013
|
0
|
5
| |||
Hi,
I'm trying to set timestamp recognition for a sourcetype, in order to avoid recognising timestamp in the event...
by
echalex
Builder
in
Getting Data In
09-21-2012
|
0
|
3
| |||
I just turned on a splunk forwarder with the active directory monitoring on my AD server. Since the windows logs WinE...
by
yannK
Splunk Employee
in
Getting Data In
02-21-2013
|
3
|
1
| |||
I need to come up with a way to monitor files via UNC (I know this is not the preferred way) for ~140 servers that ar...
by
ShaneNewman
Motivator
in
Getting Data In
02-20-2013
|
0
|
1
| |||
I have currently one Splunk server who works as indexer and searcher. I want to add second server which will be a mir...
by
bckq
Path Finder
in
Getting Data In
10-21-2012
|
0
|
5
| |||
Is it possible to deploy an app from the Splunk master node /master-app/cluster/local to all the peer nodes ?
by
ssankeneni
Communicator
in
Getting Data In
12-05-2012
|
2
|
4
| |||
I have a requirement where in order for the remote machine to send data over the TCP connection to Splunk, it needs S...
by
rohitgupta
New Member
in
Getting Data In
02-20-2013
|
0
|
1
| |||
Hello,
I'm new in splunk. Splunk with syslog works correct now. I try test netflow from cisco asa. I set netflow i...
by
popo80
New Member
in
Getting Data In
02-18-2013
|
0
|
1
| |||
This is a common issue with the syslog sourceytype. By default it behave differently from the other inputs, the host ...
by
yannK
Splunk Employee
in
Getting Data In
02-20-2013
|
2
|
1
| |||
Using [monitor://path] Stanza i need to monitor a folder which contains binary data. When i set the props.conf as,
...
by
chimbudp
Contributor
in
Getting Data In
02-20-2013
|
0
|
3
| |||
I would like to monitor assembly folder in windows. Path :- C: \Windows \assembly
I have set the inputs.conf in Un...
by
chimbudp
Contributor
in
Getting Data In
02-18-2013
|
0
|
8
| |||
Hi,
Ive been playing with the SEDCMD in my props.conf to anonymize CC data in a log.
Originally I tried this:...
by
doreno
Explorer
in
Getting Data In
02-19-2013
|
0
|
11
| |||
I want to index only specific fields like error status in an event and discard the rest. How do I set splunk to do th...
by
pdash
Path Finder
in
Getting Data In
02-18-2013
|
0
|
3
| |||
I know that you can control the Universal Forwarder to grab historical event logs from Windows using "current_only = ...
by
vragosta
Path Finder
in
Getting Data In
02-19-2013
|
0
|
2
| |||
Anyone know why 5.0.1 UFs are reporting data in with host name of $decideonstartup. Looks like this setting was added...
by
dchodur
Path Finder
in
Getting Data In
01-29-2013
|
1
|
6
| |||
I need to monitor the Assembly folder in Windows Server : [monitor://C:\Windows\assembly] index=Assembly_monitor
t...
by
chimbudp
Contributor
in
Getting Data In
02-19-2013
|
0
|
4
| |||
Is there any way to distinguish the various priorities/levels of syslogged messages when viewed from Splunk?
I don't ...
by
NK_1
Path Finder
in
Getting Data In
01-18-2012
|
0
|
3
| |||
Hey folks,
Long time Splunk fan here. Initially when we started using Splunk, our queries were simple, and so sear...
by
KA_splunk
Explorer
in
Getting Data In
02-14-2013
|
2
|
11
| |||
I am using a Universal Forwarder to monitor the following directories and files, but somehow it is not routing it to ...
by
tsunamii
Path Finder
in
Getting Data In
02-18-2013
|
0
|
2
| |||
I've "configured" the Splunk for Cisco IPS application, but I'm getting the following back from the scripted input:
...
by
aart_bos
Loves-to-Learn
in
Getting Data In
02-07-2013
|
0
|
1
| |||
I have an alert on my windows 2008R2 indexer that calls sendsnmptrap.cmd (see link to script below). My question is i...
by
mship
Path Finder
in
Getting Data In
02-18-2013
|
0
|
1
| |||
Why time zone in Splunk 5.0.2 for Moscow (Russia) is +3? Must be +4!
by
PaVedme
Engager
in
Getting Data In
02-13-2013
|
1
|
1
| |||
Hi Everyone.
Perfmon logging used to work for me by placing what should have been in perfmon.conf into inputs.conf...
by
matthewcanty
Communicator
in
Getting Data In
02-15-2013
|
0
|
6
| |||
I have a database input configured:
[dbmon-tail://spa/dwf_rdfdirector_r]
host = spa
index = emc
interval = auto
...
by
micm
Explorer
in
Getting Data In
01-22-2013
|
0
|
2
|