The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.
Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.
Previous Topic: can I skip header lines for an input file | Next Topic: SNMP Traps for IPS
Posts 1–4 of 4
I loaded an XLS of an extracted Windows Event Viewer of a single PC and need to review that XLS to determine when a user logged in and out each day. Once I loaded the XLS, I can't see to find it to search or or report on it. Help please....
Thank you
[Revised on Tue, 23 Feb 2010 11:21:48 -0800]
OS = Windows XP
Splunk 4.0.9
Excel format probably won't be indexed by Splunk - I bet that if you search index=_internal for the word binary you will see that Splunk did not index the file because of the proprietary binary stuff that MS puts in there. Can you export as CSV and try to upload?
Thanks for your input araitz. I loaded the log in via txt. now i need to generate a report for the min and max time for one user loggin in each day and am having difficulty doing that. Any suggestions?