Getting Data In

Community Activity

	How to join match on closest time? Hi, After some advice please. I am using a left join with Max=0 as need to find some events over a 24 hour period, h... by finchy Explorer in Getting Data In 03-22-2023 0 1	0	1
	Why is wildcard not working in log file name for input.conf? Hello, I have the input.conf for several log files as [monitor:///u01/mnt/log-1/data/trafficmanager/access/*] index... by phamxuantung Communicator in Getting Data In 03-22-2023 0 5	0	5
	Receiving error that “could not load lookup xxx” when using Splunk API to call report, but no such lookup files hi i got a weird problem when i call Splunk API'https://localhost:8089/servicesNS/-/search/search/jobs?output_mode=js... by Zane Explorer in Getting Data In 03-21-2023 0 0	0	0
	How to clean up dnslogs and replacing and trimming characters? We have some MS dns logs we want to ingest and we want to clean up some of the text before processing. Essentially ... by secphilomath1 Explorer in Getting Data In 03-21-2023 0 1	0	1
	Why is Splunk showing a time difference? HiWe are trying to write the props from couple of days Issue: splunk showing time difference 4 to 5 hours logs are co... by Jackinout9 Loves-to-Learn in Getting Data In 03-21-2023 0 4	0	4
	Windows Eventlogs from windows splunk universal forwarder lacking timezone Timezone on my splunk indexer is GMT and windows machine is PST. I found that the metadata from Windows Eventlogs los... by Alex00001 Loves-to-Learn in Getting Data In 03-21-2023 0 6	0	6
	How to send event from UF to multiple Heavy Forwarders and different indexers I have the following situation:I have an universal forwarder that were sent logs to (HF1 and index=idx1)Could you pro... by randqm Loves-to-Learn Everything in Getting Data In 03-21-2023 0 5	0	5
	Why am I receiving warning about apps and default apps? does this affect anything typically? I ask this because I have apps that I downloaded from splunkbase and put into /... by domino30 Path Finder in Getting Data In 03-20-2023 0 1	0	1
	Documentation for AWS app for S3 Hi We have a requirement to pull data from third-party aws account. Third party provider will push the data to a S3 ... by Luckyani Explorer in Getting Data In 03-20-2023 0 0	0	0
	For inputs.conf, can the time_before_close setting be used with [batch]? Follow on question to https://community.splunk.com/t5/Getting-Data-In/Can-batch-read-a-partial-file-such-that-the-of-... by actionabledata Path Finder in Getting Data In 03-20-2023 0 1	0	1
	How do I individual count each of them in this path? So, I wanted to Split the path into multiple events so that i can count whatever i want to count like active or dev o... by thiruyadav17 Engager in Getting Data In 03-20-2023 0 2	0	2
	DB Connect - Problemas con JDBC (petaSQL)? I am new to Splunk technology and I would like to learn Splunk.I have tried to connect a petaSQL server from Splunk, ... by jaegyunk New Member in Getting Data In 03-20-2023 0 2	0	2
	How to uninstall Splunk Enterprise on Windows 11? Hello, I would like to uninstall Splunk on my windows machine, do i need to stop the service first and then uninstall... by Roy_9 Motivator in Getting Data In 03-20-2023 0 1	0	1
	Why does btool quit with "SPLUNK_HOME must be set. Stopping."? My GoogleFu is failing me. There's a lot of btool tutorials, but I can't find this solution... I'm on a Windows 10 sy... by mykol_j Communicator in Getting Data In 03-20-2023 0 4	0	4
	Multiple file monitors on Windows machine- Some work only when others are disabled? I'm having difficulty ingesting log data from flat files into Splunk. I'm monitoring six different directories, each ... by mburgess97 Path Finder in Getting Data In 03-20-2023 0 10	0	10
	How to search for events with domains on DNS Blocklist? I have lookup table with a DNS blocklist. What query can I use to search for events with any of the blocklisted domai... by waJesu Path Finder in Getting Data In 03-20-2023 0 2	0	2
	Getting mainframe logs into Splunk? hi, How can i get logs from mainframe into splunk is there any forwarder avaialble? if not whatelse can be done to ge... by ChhayaV Communicator in Getting Data In 03-20-2023 0 8	0	8
	Connecting Universal Forwarder to Heavy Forwarder Issue? Hello Community, I am having issues connecting my Universal Forwarder with a Heavy Forwarder. I have the following se... by DanAlexander Communicator in Getting Data In 03-19-2023 0 4	0	4
	Best Practices for Managing Applications from Splunkbase? On the topic of managing applications from Splunkbase, I have a few questions. Take the TA-Exchange-Mailbox as an exa... by mburgess97 Path Finder in Getting Data In 03-19-2023 0 2	0	2
	How to combine multiple events into a single event based on identical timestamp? Hi, I am exporting my SAS server but it's splitting one big event to multiple small events with identical timestamp. ... by human96 Communicator in Getting Data In 03-19-2023 0 5	0	5
	How to index updates from existing CSV file? Hello, I have a CSV file with 2 fields. (field1,field2). The file is monitored and the content is indexed however th... by Juan_Leon Explorer in Getting Data In 03-18-2023 0 2	0	2
	Why is the interval setting in inputs.conf ignored? Currently on v 9.0.3 (but has been happening forever). On our universal forwarders we're using the Splunk provided bi... by mykol_j Communicator in Getting Data In 03-17-2023 0 6	0	6
	Could not use striptime to parse timestamp Having problem creating a props configurationSeeing could not use striptime to parse timestamp.Below logs comes from ... by Jackinout9 Loves-to-Learn in Getting Data In 03-17-2023 0 4	0	4
	Issues using Linux extraction using Splunk Linux TA Can someone guide me in the right direction. I have an issue with src_ip extraction using the nix splunk TA.I see t... by mburgess97 Path Finder in Getting Data In 03-17-2023 0 5	0	5
	Is it possible to configure 'REST' data input with a 'payload' parameter? Hello, Is it possible to configure 'REST' data input with a 'payload' parameter (bolded section in below 'curl' comma... by jawaharas Motivator in Getting Data In 03-16-2023 0 1	0	1