Thread Info | |||||
---|---|---|---|---|---|
I am expecting to see each record as an event, but the result is not as expected. Some records are displayed as indiv...
by
msenthilganesh
New Member
in
Getting Data In
05-26-2010
|
0
|
1
| |||
If we have an indexer configured w/a raid 5 or raid 6 array is this going to negatively affect performance?
by
Chris_R_
Splunk Employee
in
Getting Data In
03-05-2010
|
2
|
4
| |||
I am currently running a eval version of Splunk 4.0.9 on a Windows 2008 64Bit Host. Our purchase of Splunk has been a...
by
littlejef
Engager
in
Getting Data In
05-24-2010
|
1
|
1
| |||
Hi, we are currently testing a Palo Alto app sec firewall and are sending some test logs over to the central indexer ...
by
balbano
Contributor
in
Getting Data In
05-25-2010
|
0
|
6
| |||
I would like to deploy Light Forwarders at our remote locations to act as a syslog server. Can light forwarder be con...
by
Genti
Splunk Employee
in
Getting Data In
05-25-2010
|
2
|
2
| |||
I've found how to get data from a remote users Security Log but we are after a centralised area to keep these logs. I...
by
wdc
New Member
in
Getting Data In
05-25-2010
|
0
|
3
| |||
I am revisiting splunk to see if it will meet our goals. Right now I am working on the initial index of our data gath...
by
ASW3382
New Member
in
Getting Data In
05-24-2010
|
0
|
4
| |||
Our indexer and all forwarders are running 4.1.2. Recently we developed a need to send events from our forwarders in ...
by
Jaci
Splunk Employee
in
Getting Data In
05-21-2010
|
1
|
3
| |||
What is the relationship between size of logs received by Splunk indexing servers versus indexing volume? On the load...
by
Genti
Splunk Employee
in
Getting Data In
05-24-2010
|
0
|
1
| |||
I have a deployment server app with a single inputs.conf file.
[tcp://localhost:9997]
sourcetype = tcp-raw
index =...
by
Jaci
Splunk Employee
in
Getting Data In
05-14-2010
|
1
|
2
| |||
I have the following in inputs.conf:
[udp://32004]
host = custom_host
connection_host = n...
by
jeff
Contributor
in
Getting Data In
05-18-2010
|
3
|
3
| |||
Hi,
I have a development support question.
We have an application that is integrated with splunk. We have a C...
by
mctester
Communicator
in
Getting Data In
05-20-2010
|
2
|
1
| |||
we only want to save the log info for 2 weeks. I tried to set this up by modifying the frozen time, but it doesn’t se...
by
dcroteau
Splunk Employee
in
Getting Data In
05-21-2010
|
1
|
3
| |||
Suppose I splunk a file and it is gzip'd on disk under the appropriate Splunk index directory.
Then let's say I c...
by
maverick
Splunk Employee
in
Getting Data In
05-22-2010
|
1
|
1
| |||
Forwarding a question:
"... attempting to setup a lookup table. Each time I save an automatic lookup it always ret...
by
Genti
Splunk Employee
in
Getting Data In
05-21-2010
|
0
|
1
| |||
If our app's inputs.conf uses an index other than "main" (e.g. a custom index for our app) does our app's setup UI (o...
by
Justin_Grant
Contributor
in
Getting Data In
05-12-2010
|
1
|
5
| |||
Does a forwarder keep using the initial TCP connection to the indexing server, or does it close the connection after ...
by
Jaci
Splunk Employee
in
Getting Data In
05-21-2010
|
2
|
1
| |||
Hi there. I'm new to splunk. Having a bit of trouble getting my head around it ( I know SQL well ) .
I want to get...
by
return2health
Engager
in
Getting Data In
05-21-2010
|
1
|
2
| |||
I am perplexed with what I'm experiencing right now.
I have all the file inputs enabled for monitor but I'm not se...
by
Nicholas_Key
Splunk Employee
in
Getting Data In
05-03-2010
|
1
|
2
| |||
I monitor a log file (access_log) that gets rolled every night at 1 am using a copy command "cp /dev/null access_toda...
by
Jaci
Splunk Employee
in
Getting Data In
05-20-2010
|
1
|
3
| |||
I am creating an app for Splunk 4.1 that has a scripted input that retrieves data from a database. At first run, it w...
by
jwestberg
Splunk Employee
in
Getting Data In
05-19-2010
|
2
|
5
| |||
Hi,
I am collecting event logs thru WMI for Windows 2000 and 2003 servers, for 2003 everything seem ok but for 200...
by
phoenixsecure
Engager
in
Getting Data In
04-30-2010
|
2
|
2
| |||
How do keep splunk from removing syslog priority fields? They are removed once indexed into splunk.
by
Chris_R_
Splunk Employee
in
Getting Data In
02-08-2010
|
0
|
3
| |||
Since I updated our server to 4.1.2 I'm seeing the following error with most searches.
The lookup table 'sid_...
by
Yancy
Path Finder
in
Getting Data In
05-19-2010
|
2
|
2
| |||
Can I use blacklist in a batch stanza? I couldn't find anything in the documentation saying otherwise.
Thanks,
by
carmackd
Communicator
in
Getting Data In
05-18-2010
|
2
|
2
|