Getting Data In

Community Activity

	How to get last 5 mins triggered alerts and its data like host, source, message, etc fields using Splunk REST API Hi Team, How to get last 5 mins triggered alerts and its data like host, source, sourcetype, message, etc fields usi... by msunilreddy New Member in Getting Data In 09-02-2025 0 1	0	1
	Unable to access services/saved/searches REST API for Splunk Cloud Hi Team, I got one trail account from Splunk Cloud. I need to access below API.services/saved/searchesBut when I tr... by msunilreddy New Member in Getting Data In 09-02-2025 0 1	0	1
	Generate Splunk Cert with "bin/splunk createssl server-cert" including Server Alternative Name (SAN) Hey,i am trying to connect from EDGE Processor to my Splunk Server and iam getting the following error:/opt/splunk-ed... by stehsa Engager in Getting Data In 08-29-2025 0 2	0	2
	Transforms Truncating - Setting SOURCE_KEY We are currently having an issue where our masking transforms are not working due to the length of _raw being too lar... by mmendez-opentec Explorer in Getting Data In 08-28-2025 0 9	0	9
	SC4S not able to parse syslog and ingest I've set up my SC4S and connected to my indexer. Logs are ingested as show below but further down, those does not get... by wayne333 Explorer in Getting Data In 08-28-2025 0 2	0	2
	Kafka Broker Error – Topics not receiving events (Status code KAFKA-1) Hello,I’m experiencing an issue with my Kafka broker integration with Splunk.The error message I’m seeing is:Kafka Br... by kn450 Explorer in Getting Data In 08-28-2025 0 2	0	2
	to read the first previous event out of the selected time range Hi, can anybody help, please?Here the status quo:In the Dashboard there is time picker object.selected time range: 20... by spisiakmi Contributor in Getting Data In 08-28-2025 0 7	0	7
	how to connect Azure Event Grid to Splunk using Webhooks and Cloud Events I am the technical lead for a product that we hope to integrate to Splunk instances using webhooks. As an intermedia... by LymanHurd New Member in Getting Data In 08-27-2025 0 1	0	1
	Indexer Cluster Fixup Tasks Stuck (fsck failed: exitCode=24)(bucket is already registered) After the Splunk Master enters maintenance mode, one of the indexers goes offline and then back online, and disables ... by azer271 Path Finder in Getting Data In 08-27-2025 0 2	0	2
	Splunk HEC Data Ingestion Issue from Azure Web Apps to Customer Cloud Instance EnvironmentSending from: Azure Web Apps (Kudu CLI)Target: Two Splunk instancesPersonal trial Splunk (working)Customer... by coddydaddy88 Explorer in Getting Data In 08-26-2025 0 7	0	7
	$_index_name in indexes doesn't expand when moving indexes to frozed Hi, I have issues with Splunk Enterprise 9.4.2 not expanding $_index_name from etc/system/local/indexes.conf.My defau... by jni Explorer in Getting Data In 08-25-2025 0 2	0	2
	Splunk Cisco encore Events with no Timestamp Hello friends,Splunk is cranky with errors stating: Failed to parse timestamp in first MAX_TIMESTAMP_LOOKAHEAD (40) c... by b17gunnr Path Finder in Getting Data In 08-25-2025 0 2	0	2
	Need to exclude or discard specific field values which contains sensitive info from indexed events I Need to exclude or discard specific field values which contains sensitive info from indexed events. Users should no... by Karthikeya Communicator in Getting Data In 08-25-2025 0 17	0	17
	Solaris UFs have different build hash than others This just makes things confusing - why do the RPM and DEB versions (both x86 and ARM) and Windows of v9.3.3 have buil... by haraksin Communicator in Getting Data In 08-23-2025 0 3	0	3
	XmlWinEventLog:ForwardedEvents sourcetype field extraction issue Hi,I’m currently receiving Windows logs in Splunk via the (UF → HF → Splunk Cloud). The logs are being assigned to tw... by tech_g706 Path Finder in Getting Data In 08-22-2025 0 1	0	1
	Indexed Extractions not working properly Hi all,we collect some json data from a logfile with a universal forwarder.Most times the events were indexed correct... by klowke_svbz Loves-to-Learn in Getting Data In 08-22-2025 0 4	0	4
	Timestamp extractor issue on UF I have two time stamps in each record 2025-08-20 17:37:00.317 and SEN_20250820153640.1703351.txt.And want to use firs... by LIS Path Finder in Getting Data In 08-22-2025 0 9	0	9
	Event Time does not match We are using SC4S to collect local logs from FortiAnalyzer. We've noticed a error: the timestamp within the log file ... by phamanh1652 Path Finder in Getting Data In 08-21-2025 0 14	0	14
	Filter TCP traffic on Heavy Forwarder to Drop a Sourcetype I have noticed that my vmware logs which are forwarded to my HF via TCP are very large. We would like to filter out ... by splunk_admin Observer in Getting Data In 08-21-2025 0 2	0	2
	UF Data . by Priya70 Explorer in Getting Data In 08-21-2025 0 5	0	5
	Splunk Observability Cloud/SignalFx - Related Content Feature is not immediately shown Hello Splunkers!After deploying the Splunk Otel Collector I wanted to check all of the traces and metrics send from o... by chuvii New Member in Getting Data In 08-20-2025 0 0	0	0
	Power Platform audit logs We are looking for Power Platform audit logs to ensure that these logs will automatically show up in SPLUNK if they a... by bellb New Member in Getting Data In 08-19-2025 0 1	0	1
	Inputs not getting deleted when the mapped global account is deleted I have developed splunk add on using splunk ucc.Where the inputs can be created adding a global account value. [It sh... by TestUser Loves-to-Learn Lots in Getting Data In 08-19-2025 0 1	0	1
	Install Universal Forwarder on Exchange Server I’ve installed the Universal Forwarder on an Exchange Server 2016. It successfully collects most of the logs defined ... by phamanh1652 Path Finder in Getting Data In 08-18-2025 0 6	0	6
	XML Parsing in transforms.conf Hi, I am having some big issues trying to parse certain XML logs into Splunk.A sample online log which is in the same... by ta1 Explorer in Getting Data In 08-17-2025 0 5	0	5