The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.

Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.

Forums: Posted by Yancy

Topics 1–20 of 23

Topic	Author	Replies	Latest Post
Restoring raw files In: SplunkAdministration (Not tagged) On occasion, it would be useful to produce the original log file that the application / webserver / ...	Yancy Posts	1	31 months ago...
Love the app, hate the documentation In: SplunkRequest (Not tagged) As a Subject Matter Expert on various topics at my company, I know how easy it is to make assumptions ...	tgreenlaw Posts	26	33 months ago...
deployment server changes In: SplunkRequest (Not tagged) +1 for this request. I think this would help streamline deployment.	mikelanghorst Posts	7	33 months ago...
Autocomplete on tags In: SplunkRequest (Not tagged) The problem with tagging is that it is quite easy to build up disparate taxonomies without "helpers". ... +1 on this This would be really helpful for creating variations on a base tag. I find myself tagging ...	nik Posts	4	33 months ago...
Grouping searches In: SplunkAdministration (Not tagged) You can group searches together with Transaction Searches if there's some common elements between these ...	tnine Posts	5	33 months ago...
Self-guided classes In: SplunkGeneral (Not tagged) Only the one, which is at http://www.splunk.com/web_assets/education/subsearch/index.htm I like it ... I like the Correlation with Subsearches self-guided class, are there plans for more self-guided clas...	Yancy Posts	5	34 months ago...
Splunk free license limits In: SplunkGeneral (Not tagged) The total index size should only be limited by your available storage and your retention policy. If ...	hotdogwater Posts	1	34 months ago...
tags represented by a tag cloud In: SplunkRequest (Not tagged) I'd like to see this feature too. Maybe something like a souped up EventTyper that produces a Wordle-like ...	brettnem Posts	3	35 months ago...
Latency between events In: SplunkSearchAndAlert (Not tagged) Excellent. Didn't know about these builtin fields (duration, first, last) until now. So, I have a number of logs that have requests and responses written in them. They have a unique identifier ...	Yancy Posts	2	36 months ago...
WQL interval issues, system eventlog In: SplunkAdministration (Not tagged) It looks like the WITHIN keyword would help per: http://msdn.microsoft.com/en-us/library/aa394527(VS.85).aspx So ...	mfetting Posts	6	39 months ago...
Just plain source type In: SplunkApplications (Not tagged) http://www.splunk.com/doc/3.4.3/admin/propsconf#propsconfspec You should also set MAX_EVENTS then ...	mvanaswegen Posts	4	42 months ago...
Extracting fields In: SplunkAdministration (Not tagged) You shouldn't need to augment your logs with delimiters. More so,use that when your logs are already ...	mjtice Posts	2	42 months ago...
10GB day limit reached-looking for a search which will alert me before that threshold gets reached In: SplunkGeneral (Not tagged) There's a Usage Report within the Administration panel under License & Usage. It seems like a good ...	fduarte Posts	3	42 months ago...
Reading remote log file/directory In: SplunkAdministration (Not tagged) Can you get to the path directly from Windows? You should just need to give the path to the folder, ...	deepaksplunk Posts	4	42 months ago...
Limiting splunkd & metrics log sizes In: SplunkAdministration (Not tagged) Perfect. Just what I was looking for. I'm running Splunk in a distributed environment with Splunk configured as a light-weight forwarder. While ...	Yancy Posts	5	43 months ago...
splunk -wmi.exe application crash In: SplunkAdministration (Not tagged) Is Splunk running under a domain account that has admin on those boxes? I had some similar crashes ...	jwinzenz Posts	1	44 months ago...
Wildcards for Data Inputs In: SplunkAdministration (Not tagged) Thanks for tip on ./splunk list monitor very helpful for me. Can someone explain the correct form ...	patkinson Posts	10	44 months ago...
Multiple Syslog entries displayed as single line after updrage to v3.3.3 In: SplunkGeneral (Not tagged) Saw this in the Known Issues for 3.3.3, hope it helps. # Default syslog parsing via UDP does not ...	blamprecht Posts	5	44 months ago...
Language for capturing data from Windows Servers In: SplunkGeneral (Not tagged) The Scriptomatic utility from MS can be helpful for writing and exploring WMI queries in general. Get ...	pdesouza Posts	8	45 months ago...
Pulling Remote EventLogs In: SplunkAdministration (Not tagged) Fixed. Forgot to enable splunk-wmi.py in my inputs.conf I want to pull EventLogs from remote Windows boxes via WMI, but the config does not seem to be taking. ...	Yancy Posts	1	46 months ago...

1 2 Next »

Forums: Posted by Yancy

Description:

Permalink:

Splunk.com

Product:

Solutions:

Industries:

Partners:

About_us:

Support:

Services:

Resources:

Download