Getting Data In

Community Activity

	Duplicate and Missing Logs After Splunk Universal Forwarder Pod Restart in EKS We are experiencing consistent log duplication and data loss when the Splunk Universal Forwarder (UF) running as a He... by Ravi1 Loves-to-Learn in Getting Data In 06-30-2025 0 1	0	1
	Citrix NetScaler sourcetype for HEC The current Netscaler guidance is that logs should be exported via HEC. However, it seems like the app doesn't have a... by _joe Contributor in Getting Data In 06-30-2025 0 1	0	1
	Modify Security Events for EventCode 4624) Hello! I have logs from Domain Controller Active Directory in Splunk and try to configure monitoring of user logons (... by Kosyay Explorer in Getting Data In 06-30-2025 0 12	0	12
	error on dbx connect : DBX Server is not available, please make sure it is started and listening on 9998 port or consult Hello,im facing a problem on my Dbx connect : Cannot communicate with task server, please check your settings. DBX Se... by hv64 Explorer in Getting Data In 06-30-2025 0 4	0	4
	About Upload File Hi guys,I am new here and I want to explore some things in splunk. I have a txt file, I uploaded it and I want to get... by tanjiro_rengo New Member in Getting Data In 06-30-2025 0 4	0	4
	Need help receiving and parsing IPFIX data in Splunk using Splunk Stream Hello everyone,I have a network monitoring system that exports data via IPFIX using Forwarding Targets.I am trying to... by kn450 Explorer in Getting Data In 06-29-2025 0 1	0	1
	Cannot parse linux logs My linux logs cannot parsed in dashboard. My renderxml is setted to false by meg Observer in Getting Data In 06-27-2025 0 3	0	3
	Data not reaching Splunk Cloud after Migrating to new Universal Forwarders Hello,I am having issues getting data into Splunk Cloud with two new Universal forwarders.I have two existing Univers... by Pete_ Explorer in Getting Data In 06-26-2025 0 7	0	7
	How to forward csv data files from sharepoint online to splunk cloud I don't mean SharePoint activity, admin or audit logs. I mean actual data files (that will be converted later to look... by untieshoe Path Finder in Getting Data In 06-26-2025 0 3	0	3
	Log formatting not as expected Jun 26 13:46:12 128.23.84.166 [local0.err] <131>Jun 26 13:46:12 GBSDFA1AD011HMA.systems.uk.fed ASM:f5_asm=PROD vs_na... by splunklearner Communicator in Getting Data In 06-26-2025 0 6	0	6
	Why for f5 data we use [UDP://9514] instead of using syslog? I came across in our repo a monitoring stanza for f5, which is [UDP://9514]. I wonder if there is any reason not to u... by danielbb Motivator in Getting Data In 06-26-2025 0 3	0	3
	Splunk HEC/kafka raw logs parsing / addons Hello, is it possible in Splunk HEC from Kafka to receive raw events on HF in order to parse fields with addons?It se... by splunkreal Motivator in Getting Data In 06-26-2025 0 4	0	4
	Index time based retention - based on indexed time or event time? This information is probably located in one of the docs but didn't find it in anything I've read just now. Under norm... by Runals Motivator in Getting Data In 06-25-2025 0 6	0	6
	Filter events on UF I have a data source of significant size and I want to filter a large percentage of the data on the UF so it isnt sen... by chrisyounger SplunkTrust in Getting Data In 06-24-2025 0 1	0	1
	Perfmon counters not coming in after Universal Forwarder update to 9.2.6.0 from 9.2.0.1 Thought I would post here in the community as well since I have this opened with support. A couple weeks ago, another... by DarthHerm Explorer in Getting Data In 06-24-2025 0 4	0	4
	using mcollect to collect metric data Hi,I am using mcollect to collect data from certain metrics into another metric index. I have created the new metric ... by _pravin Contributor in Getting Data In 06-24-2025 0 4	0	4
	Struggling to correctly parse JSON data Hello,We have multiple fortigate devices forwarding to a logstash server that is storing all the device's logs in 1 f... by LOP22456 Explorer in Getting Data In 06-24-2025 0 5	0	5
	Warnings Hey mates, I'm new to Splunk and while ingesting the data from my local machine to Splunk this message shows up."The ... by yash_eng New Member in Getting Data In 06-23-2025 0 3	0	3
	Windows UF stop after batch mode is finished Hello, I have a Windows machine with an UF installed that logs various logs such as wineventlog. These logs work corr... by Anders333 Explorer in Getting Data In 06-23-2025 0 8	0	8
	Finding forwarders that have not sent data Hello , Can anyone please provide me a query which lists out all forwarders that have not send data over the last 30... by sverdhan Loves-to-Learn Lots in Getting Data In 06-20-2025 0 5	0	5
	Rest apis for metric data/ values I am trying to fetch metric values of the infra i am monitoring using rest apis, so far all the apis i have tried are... by kalyan New Member in Getting Data In 06-20-2025 0 1	0	1
	exclude winevent older than 7 days from ingest Hello,I am about to onboard 1000+ Windows UF. Those have windows event logs going back many years. Is there a way to ... by Andre_ Path Finder in Getting Data In 06-20-2025 0 23	0	23
	What Log Files Should Be Monitored in SUSE Linux for Splunk ES, and How Do They Differ from Standard Linux Monitoring? Hi Splunk Community,We’re currently onboarding SUSE Linux (SLES/OpenSUSE) logs into Splunk Enterprise Security (ES) a... by sumanssa Observer in Getting Data In 06-19-2025 0 3	0	3
	Lost AWS events after ingestion I am in the middle of a Splunk migration. One of the tasks is to moved data from some sourcetypes onto the new server... by vishalduttauk Communicator in Getting Data In 06-19-2025 0 3	0	3
	splunk enterprise \| services start error why this issues I was trying to upgrade the splunk enterprise Checking prerequisites... Checking http port [80... by Mirza_Jaffar1 Explorer in Getting Data In 06-19-2025 0 6	0	6