Thread Info | |||||
---|---|---|---|---|---|
lets say daily I recieve 5 files, and I am indexing 5 files and running my query to generate the report. Now, my requ...
by
abhayneilam
Contributor
in
Getting Data In
10-18-2012
|
1
|
9
| |||
Hi,
I'am working with a text file indexed in Splunk. Every 15 minutes this file is completely replaced. At this mo...
by
jumah35
New Member
in
Getting Data In
10-23-2014
|
0
|
6
| |||
Hi,
is there anything pokeable from a load balancer over TCP to validate the availability of a TCP data input? I c...
by
acidkewpie
Path Finder
in
Getting Data In
10-23-2014
|
0
|
1
| |||
I have a timestamp that is not coming incorrectly. Splunk is reading the seconds portion of time in my event as minut...
by
skirkpatrick
New Member
in
Getting Data In
10-24-2014
|
0
|
1
| |||
Hi, i have events with microseconds in timestamp, for example 2013-02-13:22:09:43.687263. I see that in custom time s...
by
my_splunk
Path Finder
in
Getting Data In
05-23-2013
|
3
|
1
| |||
Hi!
I'm sending a JSON document to a TCP Data Input on my Splunk server. I noticed the magical field _time that a...
by
jeanmatthieu
Explorer
in
Getting Data In
10-24-2014
|
1
|
3
| |||
I'm not exactly sure what is going on but when I installed universal forwarder and the receiver my splunk is getting ...
by
jcbfaulks
Explorer
in
Getting Data In
10-23-2014
|
0
|
2
| |||
In Inputs.conf you can set an interval that a powershell script runs to collect data... but can you somehow set the f...
by
mtmoore
Explorer
in
Getting Data In
10-23-2014
|
2
|
3
| |||
Hi, when I do the filtering windows log, I use the main program 6.1.4 then changed forwarder license, so Windows AD (...
by
chengyu
Path Finder
in
Getting Data In
10-23-2014
|
0
|
3
| |||
I am not getting expected behavior when specifying inputs.
All my logs are in a folder called "/syslog/"
1.3M -...
by
xdaxdb
Explorer
in
Getting Data In
10-22-2014
|
0
|
11
| |||
I'm working in an environment where we have the universal forwarder (5.0.5 - old I know) installed on all our systems...
by
riodutchie
Explorer
in
Getting Data In
10-23-2014
|
0
|
7
| |||
I noticed that a new install of splunkforwarder automatically monitors the following directories:
Monitored Direct...
by
bbiandov
Path Finder
in
Getting Data In
10-22-2014
|
1
|
2
| |||
I have a log file with a timestamp at the beginning of an event in the format YYYY-MM-DD HH:MM:SS.mmm. The automatic ...
by
ulrich_track
Path Finder
in
Getting Data In
10-23-2014
|
0
|
2
| |||
Hi,
I've looked though similar questions about log rotation and also the most related documentation topic here htt...
by
rnr
Path Finder
in
Getting Data In
10-20-2014
|
1
|
5
| |||
I am getting these errors, even though i think i have the timestamp parsed correctly based on other splunk answers.
...
by
sonicZ
Contributor
in
Getting Data In
10-22-2014
|
0
|
1
| |||
by
dgravesa1
New Member
in
Getting Data In
10-22-2014
|
0
|
2
| |||
Can SSL configuration be applied on Splunk Universal Forwarders? My understanding is that it was only available on Sp...
by
Ant1D
Motivator
in
Getting Data In
10-22-2014
|
1
|
4
| |||
I've set up forwarding many times, but for some reason cannot get my auditd log to properly appear in Splunk. I'm ban...
by
BT_Neophyte
Explorer
in
Getting Data In
10-22-2014
|
0
|
2
| |||
I want to get the time in this format 2009-Sep-30 from 20090930
by
srinathd
Contributor
in
Getting Data In
10-22-2014
|
0
|
1
| |||
I have these 2 group:
[monitor:///pack/jboss/server/edu01_*/logs/server.log] sourcetype = server_log index = myind...
by
khuongdp
New Member
in
Getting Data In
10-21-2014
|
0
|
2
| |||
I have created an outputs.conf on my Indexer. With the following stanza.
[output]
defaultGroup = indexerB
[indexA...
by
gekoner
Communicator
in
Getting Data In
10-21-2014
|
0
|
1
| |||
Splunk is not recognizing the timestamps in these logs. Some are picked up but others are grouped together into a sin...
by
smudge797
Path Finder
in
Getting Data In
10-21-2014
|
0
|
3
| |||
Hi, I like to filter out "%ASA-4-106023" before sending log to splunk indexer, Below are my config:
inputs.conf [m...
by
mehhos
Engager
in
Getting Data In
10-21-2014
|
0
|
2
| |||
I have Splunk Universal Forwarders installed on my Windows Domain Controllers. Up until 5 weeks ago, sourcetype=Activ...
by
psharkey
Explorer
in
Getting Data In
10-17-2014
|
1
|
1
| |||
I know this is not a Splunk specific question, however I have asked a similar question in the past about tuning for U...
by
jodros
Builder
in
Getting Data In
10-15-2014
|
0
|
1
|