Forums: Posted by donypie

Ok it works fine with host="MyHost" sourcetype="WinEventLog:Application" Thanks a lot for your he...
Hi all, I send windows event log via a Splunk forwarder to a Splunk server running on a Linux server. ...

Hi, It works ! sorry for this post. Pierre.
Hello all, I have to suppress some fields in events before indexing. I think I have to use sed. I ...

Hi all, I would like to use the python dnslookup.py script as indicated in the Splunk doc external_cmd ...

Hi, It's now clear. Thanks a lot for your help. Kind regards. Pierre.
Thanks for your answer. So, we can conclude that it's better to let Splunk roll naturally from hot to ...
Thanks a lot for your answer. But can you tell me which settings I have to use to obtain a naturally ...
Hi all, Can you tell me what you are doing for splunk's backup ? How do you backup your hot indexes ...

Hi all, We have two sites NBB4 and NBB2. We would like to install two splunk, one in each site. The ...

Hello, Can you tell me what is the best platform for installing Splunk : - Linux RedHat ...

Hi emma, Thanks for your reply. I have found the variable SPLUNK_DB in the /opt/splunk/bin/setSplunkEnv ...
Hi Joe, I have tested the following solution : 1) Install Splunk with the following option : ...
What I have done is the following : Install Splunk with the default data path /opt/splunk/var/lib/splunk ...
If I set the diskusage to 1G, Splunk starts but I have error messages : 06-06-2006 15:25:43.474 ...
Hi Joe, I have made a link to /data/splunk with this command but : ln -s /data/splunk /opt/splunk/var/lib/splunk [root@linprd03 ...
Have tried to change to 5 G, but the problem is still there. How can I solve it ?? 06-02-2006 15:43:18.050 ...
Hi all, I have found an error msg in the splunk log : ERROR DiskUsageMonitor - The disk is full ...
Hi all, I have made an upgrade to Splunk 2.0 and now I haven't any data indexed. I have made a complete ...

Hi Joe, I used this technique to centralize all Solaris logs to a Linux RedHat central server where ...

Joe, Thanks for your script. I have also read the post of Paul Krizak concerning the /var/lock/subsys. ...
HI all, Does somebody has a start/stop script to be able to start splunk as a daemon at reboot/shutdown ...

HI all, Does somebody has a start/stop script to be able to start splunk as a daemon at reboot/shutdown ...

Joe, Thanks for your answer but we will try to compile perl with Thread support on Solaris. I think ...
Joe, It seems that I have to recompile Perl to have Thread support under Solaris.
Hi Joe, I have tried to use logminion on a Solaris 9 but I get an error : root@scnsys11:~/logminion/logMinion> ...

Joe, Thanks for your good answer. I will let you know how it will evolve. Thanks for your sup...
Hi Joe, Thanks for your answer but it's not clear for me. Why is the rotatePeriodInSecs set to ...
Hi all, If I want to limit the space used by the index to 5 G and keep data in splunk for 6 weeks, ...