Thread Info | |||||
---|---|---|---|---|---|
I installed Splunk on Win2k8 R2 and enabled the universal forwarder. Then splunkd would NOT function properly.
Sho...
by
tlyczko
New Member
in
Getting Data In
03-30-2011
|
0
|
1
| |||
Is there a property that would allow me to discard log lines that don't start with a timestamp? I realize that I can ...
by
mslvrstn
Communicator
in
Getting Data In
03-30-2011
|
0
|
1
| |||
Hi, I'm having a problem with ARCserve post backup script that should start Splunk again. Prebackup script for stoppi...
by
gljiva
Path Finder
in
Getting Data In
02-11-2011
|
0
|
1
| |||
Upon an upgrade to 4.2 I noticed that splunk spit out the following:
Possible typo in stanza [source::/tmp/test.cs...
by
joshd
Builder
in
Getting Data In
03-30-2011
|
0
|
2
| |||
With previous Splunk installations, at install time, the hostname was written to etc/system/local/inputs.conf. That d...
by
vbumgarner
Contributor
in
Getting Data In
03-29-2011
|
0
|
1
| |||
Splunk is picking up a csv file that looks like this:
SP A,03/27/11 13:10:00,10,4,5,6
SP A,03/27/11 13:20:00,4,4,2...
by
dinisco
Explorer
in
Getting Data In
03-28-2011
|
0
|
2
| |||
Setup We have a cluster of compute nodes, call them node01-node05. They all will run jobs that create data we'd like ...
by
kevintelford
Path Finder
in
Getting Data In
11-03-2010
|
0
|
2
| |||
I've installed Splunk. Now, how do I turn it into a universal forwarder?
With light and heavy forwarders, I used ...
by
Steve_G_
Splunk Employee
in
Getting Data In
03-29-2011
|
1
|
1
| |||
Hey everyone. I am looking to possibly begin using some lightweight forwarders on some of our production servers to g...
by
msarro
Builder
in
Getting Data In
03-28-2011
|
0
|
5
| |||
I need to extract a timestamp from log files looking like that :
Feb 16 23:58:44 ...
As you can see, there is n...
by
lmeur
Engager
in
Getting Data In
03-24-2011
|
1
|
3
| |||
I just got off the phone with Support and was told that I needed to use Universal Forwarder (mode) in order to forwar...
by
the_wolverine
Champion
in
Getting Data In
03-24-2011
|
1
|
4
| |||
Trying to find a solution to my problem:
http://answers.splunk.com/questions/13139/wineventlogsecurity-filtering-d...
by
arapozo
Explorer
in
Getting Data In
03-28-2011
|
3
|
2
| |||
Hi every one , i am using Splunk on windows operationg system. I would like to deliver reports in pdf format to end u...
by
chandansingh
Explorer
in
Getting Data In
03-28-2011
|
0
|
1
| |||
I have been trying with the below query to capture the failed login attempts made on the windows servers.
source="...
by
npandith
Explorer
in
Getting Data In
03-27-2011
|
0
|
1
| |||
Hey All,
I enabled the squid app for splunk and threw a log file into it. Pretty quick and easy, and I whipped ou...
by
jgauthier
Contributor
in
Getting Data In
03-26-2011
|
1
|
4
| |||
EDIT: I've discovered this only happens if I specify more than one stanza on the same port -- different remote IPs, s...
by
twinspop
Influencer
in
Getting Data In
03-25-2011
|
0
|
3
| |||
I'm trying to create a search to determine which hosts in a CSV file don't have any events associated with it within ...
by
zschmid
Path Finder
in
Getting Data In
11-17-2010
|
2
|
4
| |||
Has anyone setup the windows "netstat" command as an input?
I like the "netstat" source provided in the unix app, ...
by
Lowell
Super Champion
in
Getting Data In
01-12-2011
|
1
|
3
| |||
We performed renames on several servers and am seeing them all show with a weird issue. It seems that there are still...
by
dchristilaw
New Member
in
Getting Data In
03-25-2011
|
0
|
1
| |||
I have set up a few heavy forwarders. I did this to filter data, and learn how. Some of these are on a WAN and will r...
by
jgauthier
Contributor
in
Getting Data In
03-25-2011
|
1
|
6
| |||
Can I use the universal forwarder 4.2 to send data to an indexer running Splunk 4.1.7 (or older) ?
by
rasingh
Path Finder
in
Getting Data In
03-25-2011
|
1
|
1
| |||
Hi,
is it possible to use different indexes on the main splunk server which received the data from windows forwar...
by
krusty
Contributor
in
Getting Data In
12-15-2010
|
1
|
8
| |||
I have a handful of different sourcetypes that all get written to log files in /var/log/app. I also have more than on...
by
tpsplunk
Communicator
in
Getting Data In
03-04-2011
|
3
|
13
| |||
I have the following stanza in transforms.conf:
[medusa_media_access-drop-events]
REGEX = ^\S+\s++\S+\s++\[[^\]]*\...
by
spock_yh
Path Finder
in
Getting Data In
03-21-2011
|
0
|
2
| |||
I'm having a heck of a time figuring out the best way to get splunk to show these multiline events in one event. Any ...
by
michaelhobbs
Explorer
in
Getting Data In
03-23-2011
|
1
|
7
|