Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Syslog and Splunk?

Hello Everyone, We are sending VPN data via syslog over UDP to our splunk server. The reason we are using syslog a...

by Path Finder in

How to forward entire .txt file in splunk from batch file

I have a batch file that runs this: break > D:\....\test.txt break > D:\....\test2.txt process1 >> D:\....\...

by Explorer in

Deleting an add-on created by Add-on builder: have you seen the following error?

Hi, I removed an add-on manually by deleting the folder $SPLUNK_HOME/etc/apps/TA-myProject. But now, i'm having an...

by New Member in

How to convert date and time in UTC to EST?

How to convert the DateTime in UTC to EST? I have the time value as 20161221211100. Thank you in advance.

by Communicator in

overwrite index on heavy forwarder based on port

Hi. We are about to ingest logs from multiple suppliers, where the individual supplier has full control over their...

by Contributor in

Can I use a _meta variable from inputs in a transforms on the same heavy forwarder?

Hi. I have a business requirement where I need to index data from multiple of our vendors that also use Splunk. T...

by Contributor in

CSV input, only headers

Hi all, I've configured a universal forwarder on Windows server to monitor a folder with csv files. These fil...

by New Member in

DBConnect 3.2.0 integration with MongoDB

Hi all, I have problem getting Splunk to connect to MongoDB. Below are what i have done so far: 1. Download the d...

by Path Finder in

Splunk Universal Forwarders audit logs merged - audit.conf configuration

Hi All, As indicated here (https://community.splunk.com/t5/Getting-Data-In/Why-am-I-unable-to-monitor-SPLUNK-HOME-v...

by Communicator in

How to make Splunk ignore logs older than specific days

Dear Team, I had an issue with splunk and had to follow this post: https://community.splunk.com/t5/All-Apps-a...

by Loves-to-Learn in

Why am I seeing so many corrupt buckets?

While searching for the reason why our indexers are creating so many hot buckets, I executed: | dbinspect index=* cor...

by Path Finder in

Exchange log fowarding.

Hi all, After setting up the universal forwarder on a Exchange server. Which configuration should be done in the GUI ...

by New Member in

Getting data into Splunk ES

I already have a Splunk Indexer, and the data is being sent there. I have a separate ES server. How do I view my da...

by Engager in

Strip leading junk to index json

I have some json coming in from syslog and there's a bunch of added junk that's inhibiting the field extraction. I ...

by New Member in

Splunk rest api result not returning aggregated field

search index=abc dp_"response"| stats perc95(api_time_taken) as abc by api This is the search query I am using ...

by New Member in

input Tab doesnt load : Mircosfot azure add on

Hi we have to ingest activity log into Splunk. we installed microsoft addon for Splunk on our heavy forwader. when ...

by Observer in

Frozen data deletion script - deletes older than 12 months data

Hello guys, I've created a shell script, scheduled with cron-like software, which deletes 12+ months data except f...

by Builder in

Help with building REST API input in Splunk addon builder for Oracle Cloud integration

I am building a REST API input using add-on builder for ingesting logs from Oracle Identity Cloud Service following i...

by Builder in

Routing events to a specific index based on a field value via transforms and props not working as expected

I am trying to route certain events to a specific index based on a field value. All events are sent to a heavy forwar...

by Communicator in

Not able to authenticate Splunk REST API with Postman

I'm able to confirm this works for me curl command is working for me. It returns a session ID. curl -k https://splun...

by Communicator in

Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Getting Data In

Discussions

Syslog and Splunk?

How to forward entire .txt file in splunk from batch file

Deleting an add-on created by Add-on builder: have you seen the following error?

How to convert date and time in UTC to EST?

overwrite index on heavy forwarder based on port

Can I use a _meta variable from inputs in a transforms on the same heavy forwarder?

CSV input, only headers

DBConnect 3.2.0 integration with MongoDB

Splunk Universal Forwarders audit logs merged - audit.conf configuration

How to make Splunk ignore logs older than specific days

Why am I seeing so many corrupt buckets?

Exchange log fowarding.

Getting data into Splunk ES

Strip leading junk to index json

Splunk rest api result not returning aggregated field

input Tab doesnt load : Mircosfot azure add on

Frozen data deletion script - deletes older than 12 months data

Help with building REST API input in Splunk addon builder for Oracle Cloud integration

Routing events to a specific index based on a field value via transforms and props not working as expected

Not able to authenticate Splunk REST API with Postman

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Share your experience in our
Career Survey Now!

Can I use a _meta variable from inputs in a transf...

DBConnect 3.2.0 integration with MongoDB

Splunk Universal Forwarders audit logs merged - au...

Exchange log fowarding.

Splunk rest api result not returning aggregated fi...