Getting Data In

Community Activity

How to parse the Docker json logs? Hi,This is the log sent from Docker("log":"[21:52:02] [/home/a143519/.local/share/code-server/extensions/ms-toolsai.j... by jackin Path Finder in Getting Data In 03-16-2023 0 1	0	1
What changes we need to get the data into test index? Hi, While trying to configure the rapid7intsightsvm app the data is not indexing to index which I have configured. N... by AL3Z Builder in Getting Data In 03-16-2023 0 3	0	3
WinEventLog:Security EventCode 4732 Name instead of SID in Splunk- How can I view the account or username? Hello, I have all auditing enabled via GPO and I am getting WinEventLog:Security logs in Splunk. I am attempting to ... by garrywilmeth Explorer in Getting Data In 03-16-2023 0 1	0	1
Is there documentation for an Icons list we can include in a Dashboard Panel? Hello.Is there a documentation to have a full visual list, how many and which icons, Splunk Enterprise includes in it... by verbal_666 Builder in Getting Data In 03-16-2023 0 3	0	3
Blacklisting in [WinEventLog://Security] Im looking to drop EventID 4673 where the action=failureHere is an example log 3/15/2023 02:51:42 PM LogName=Security... by nick_currie Path Finder in Getting Data In 03-16-2023 0 8	0	8
When installing the Universal Forwarder on a Domain Controller, are we supposed to check the box for "Add user as local administrator"? Hello. Please see the screenshot on this post, its from the Splunk Universal Forwarder (UF) installer steps. Are we s... by johannterc New Member in Getting Data In 03-15-2023 0 6	0	6
Search to get difference of data from current month and previous month? Hi Legends, I want to know is this type of splunk query possible to create? We want a query which will pull 2 types o... by nicksrulz Explorer in Getting Data In 03-15-2023 0 9	0	9
AWS CloudTrail SQS Based S3 error? Hi, I tried to configure CloudTrail SQS Based S3 and I got the following message: "Warning: This message does not hav... by leuorrouel Loves-to-Learn in Getting Data In 03-14-2023 0 6	0	6
Looking for solutions for Linux/Unix Auditing? Fairly new Splunk user here looking for Linux auditing solutions. I am running a disconnected version of Splunk Ente... by kymenope Explorer in Getting Data In 03-14-2023 0 1	0	1
High CPU utilization with splunk 9.x ( mainly windows UF) After upgrade to 9.x, higher cpu utilization. by hrawat Splunk Employee in Getting Data In 03-14-2023 0 1	0	1
Timestamp parsing from filename HiI want to write the props for below logs.Actually the logs are coming with no timestamp and the file name having th... by jackin Path Finder in Getting Data In 03-13-2023 0 4	0	4
Way to exclude ingestion of events for a specific IP address from a SourceType? When I try use : transforms.conf [setnull] REGEX = 192\.168\.1\.50, 172\.16\.1\.50 DEST_KEY = queue FORMAT = nullQ... by elvis5 Loves-to-Learn Lots in Getting Data In 03-13-2023 0 3	0	3
What version of Splunk is the Splunk UF Daylight Savings Time bug fixed in? Good day. I have looked in the community posts and know that there is a daylight savings time bug in some Splunk UF'... by lesliejones3 Loves-to-Learn in Getting Data In 03-12-2023 0 1	0	1
How do I set the CRON job for scripted inputs so that the timezone is not UTC? Hello,I have a scripted input with a CRON set to 50 5-23 * * * so that it "sleeps" between the hours of midnight and ... by andrewtrobec Motivator in Getting Data In 03-11-2023 0 2	0	2
DB Connect replacing trailing Zero's? Hi Has anyone seen this before, I'm using DB connect to pull data in from a MySQL db, and this is the results shown i... by Gattaca2 Explorer in Getting Data In 03-11-2023 0 3	0	3
Get Blob Data W/O Key or SAS Token (use service account)? Hi All,One of our team just asked me about pulling logs in from an Azure blob container. I read his doc about using a... by jlaytonrpd New Member in Getting Data In 03-10-2023 0 0	0	0
Qualys TA: WARNING: Failed to parse API Output...XML or text declaration not at start of entity My Qualys VM detection pull stopped working. I found a new warning log. TA-QualysCloudPlatform (host_detection): 2023... by ejwade Contributor in Getting Data In 03-10-2023 0 2	0	2
Data from a subsearch is repeated in the stats column? TL;DRWhat is wrong with the SPL at the end? I am trying to list the IIS cs_user_Agent(s) for each test customer.The E... by MScottFoley Path Finder in Getting Data In 03-10-2023 0 4	0	4
Is there any splunk insertion limitation? Our customer is running a script that is performing around 80k times of individual data insertion into Splunk. We ar... by sccheah82 Explorer in Getting Data In 03-10-2023 0 3	0	3
Drop 9 of 10 Events (Sampling) Hi @ All Splunkynatorshow to sample incoming (HEC) data?I want get statistical data /events to save license volume, d... by CMEOGNAD Engager in Getting Data In 03-10-2023 0 2	0	2
break events each 6lines Hello, I'm having issues with line break for some reason. I'm looking to break an event every 6 lines. Any suggestion... by CarolinaHB Explorer in Getting Data In 03-09-2023 0 1	0	1
Splunk Indexing rate in extremely high Hello,We are using a Splunk enterprise license currently with 24 gb of license space. Our problem is that are indexin... by Mescudi Explorer in Getting Data In 03-09-2023 0 3	0	3
Dealing with OMG huge events I've got a few log4j application logs that can get extremely long when my developers decide to dump out message paylo... by mikelanghorst Motivator in Getting Data In 03-08-2023 1 7	1	7
HTTP Event Collector: Is it possible to send multiple events in one API call? In HTTP Event Collector, is it possible to send multiple events in one API call? I tried setting line break propertie... by vyarchak Engager in Getting Data In 03-08-2023 1 11	1	11
How to delete the uploaded log file? Hi team, I have uploaded the log file in Splunk via the upload option from settings. How to delete the uploaded log f... by MS23 Explorer in Getting Data In 03-08-2023 0 2	0	2