Thread Info | |||||
---|---|---|---|---|---|
On the indexer, I have the following property config: [host::newdatamine] TIME_PREFIX = ^[INFO|ERROR|WARN]\s+[ TIME_F...
by
onlineops
Engager
in
Getting Data In
03-01-2012
|
0
|
1
| |||
How do i delete host, sourcetype and source from splunk.. have tried following option,i am able to remove index but i...
by
vaibhavbeohar
Path Finder
in
Getting Data In
02-29-2012
|
0
|
1
| |||
Hi,
I have a log source that is causing some problems. I think it is caused by events like this ones:
29-02-201...
by
lpolo
Motivator
in
Getting Data In
02-29-2012
|
0
|
2
| |||
I have log files with file names like:
report-2012-02-25.csv
report-2012-02-26.csv
In those reports only some ...
by
imrago
Contributor
in
Getting Data In
02-29-2012
|
1
|
2
| |||
The REST API docs indicate that it is possible to install an app via "URL". Using splunk 4.1.6, this response is give...
by
awesomo9000
Engager
in
Getting Data In
02-17-2012
|
1
|
1
| |||
I'm sure there is a better way. I'm trying to get a list of hosts for a given time range. The search I'm using now is...
by
MBerikcurtis
Path Finder
in
Getting Data In
02-28-2012
|
1
|
1
| |||
Before I got my server named properly for splunk I received a lot of records under the hostname 'localhost:localdomai...
by
fzyqkl
New Member
in
Getting Data In
02-28-2012
|
0
|
1
| |||
Currently we are logging all our network device data from our routers to a single syslog host. This syslog host forwa...
by
sonicZ
Contributor
in
Getting Data In
02-27-2012
|
1
|
4
| |||
Currently our Sun systems dump all of their authentication logs to the syslog sourcetype.
I want to pull those "a...
by
moshman
Explorer
in
Getting Data In
02-28-2012
|
3
|
3
| |||
Other than props.conf, is there any other file that controls how multi-line events are split or kept together? We are...
by
romantercero
Path Finder
in
Getting Data In
02-27-2012
|
0
|
2
| |||
Greetings everyone. I am receiving a gamut of old files, some of which contain test data showing records from 1970. S...
by
msarro
Builder
in
Getting Data In
02-28-2012
|
0
|
5
| |||
Hello,
I'm trying to break logs collected from Microsoft Forefront Client Security into separate events. Here is a...
by
justinhart
Path Finder
in
Getting Data In
02-10-2012
|
0
|
12
| |||
I am just about to start indexing a large amount of CDR (call detail records) which i will be retrieving via SFTP.
...
by
nickhills
Ultra Champion
in
Getting Data In
01-15-2012
|
0
|
4
| |||
I'm trying to figure out the best way to extract a time stamp (not date) from a row when using multikv.
Here's the...
by
kubowler99
New Member
in
Getting Data In
02-25-2012
|
0
|
4
| |||
So I have searched through answers and haven't really found a good best practice for what I am trying to accomplish s...
by
jerrad
Path Finder
in
Getting Data In
01-04-2011
|
1
|
2
| |||
I have tried to set up a universialforwarder (first time from cli) and have it monitor some log files (/var/log/dhcpd...
by
fisk12
Path Finder
in
Getting Data In
05-19-2011
|
0
|
2
| |||
I'm trying to index an XML file that has multiple lines in the beginning that I do not want or need indexed. I've wor...
by
jgedeon120
Contributor
in
Getting Data In
02-25-2012
|
3
|
8
| |||
My understanding is that once the Deployment Server is setup, that if I install a aplunkforwader and point it to the ...
by
HarryJohn
Explorer
in
Getting Data In
02-24-2012
|
0
|
1
| |||
My log format is below: 10.10.143.18 - "-" [21/Feb/2012:00:05:39 +0900] "POST /default/2881.ajax HTTP/1.1" 200 115538...
by
napo
Engager
in
Getting Data In
02-22-2012
|
0
|
4
| |||
Splunk 4.3 is installed locally on my Windows computer where time zone is set correctly. I have timestamps formatted...
by
greg
Communicator
in
Getting Data In
02-18-2012
|
0
|
4
| |||
Is there a SPLUNK forwarder or agent to collect logs from Microsoft SCOM ACS database? If so, it the solution filly s...
by
opsec
New Member
in
Getting Data In
02-23-2012
|
0
|
1
| |||
We are using a 4.2.1 UF node to monitor a directory that contains web access log files, and send those files to an in...
by
beaumaris
Communicator
in
Getting Data In
01-12-2012
|
0
|
2
| |||
I am trying to configure Splunk to properly split events from a data source. Here's what an event looks like:
----...
by
johnboldt
Explorer
in
Getting Data In
02-23-2012
|
0
|
1
| |||
Hi,
I have installed splunk in one server machine and able to get the data but when i try to get the data from rem...
by
vaibhavbeohar
Path Finder
in
Getting Data In
02-23-2012
|
0
|
2
| |||
Hi
I have taken SNMP data into splunk through a CSV conversion of polled data. The sample data looks as below
...
by
raki
New Member
in
Getting Data In
02-22-2012
|
0
|
1
|