Getting Data In

Thread Info

"INFO WatchedFile - Resetting fd to re-extract header"?

I have the csv file which has the below lines. ========================= METRIC_NAME,METRIC_UNIT,BEGIN_TIME,END...

by Explorer in

Kv store status showing failed not able to start?

Getting errors as Failed to start KV Store process. See mongod.log and splunkd.log for details. tried few steps by...

by Path Finder in

Granular AWS CT Account Logging using Log Prefix within Splunk TA for AWS

Hello, I realize this is a rather specific request so I'll keep it short and simple to see if anyone has had previ...

by Path Finder in

Update slpunkclouduf.spl app on Windows Universal Forwarder- What is the syntax we should use to force the update?

Hi, Got a message from Splunk that our universal forwarder certificate package will be expiring soon and trying to...

by Engager in

How do we get duplicate time values from file?

Hello All, I have a file that is created/appended via a bash script (varialbe >> file.txt) It puts the newest d...

by Contributor in

Why am I receiving a "Server is busy" error after configuring the HTTP Event Collector?

Dear all, I have configured the HTTP Event Collector but can't successfully send events. My configuration in in...

by Explorer in

Two types of data over the same port?

I'm trying to get both JSON and syslog information from our firewall into Splunk Cloud using universal forwarder. ...

by Explorer in

How to ingest bloomberg application data into splunk?

hai all, can you suggest is there anyway to ingest blookberg application data into splunk

by Path Finder in

How do I extract these events between two date ranges?

Hello!, First time posting here. Just started learning Splunk and I am trying to extract events between two date rang...

by Engager in

Why did Deployment client stop phoning home?

Hello, We have a huge setup and UFs are managed through Deployment server, All the UFs are at far places and ...

by Loves-to-Learn in

Any suggestions on how to check on issues with logs from network devices not writing into disk in rsyslog?

Hello Splunk Experts, We had issue where several network devices not ingesting into SPlunk. Further checking with ...

by Explorer in

How do I send journald logs to my Splunk indexer?

I would like to separate these logs into units (ie - etcd.service, kube-apiserver.service, kube-controller-manager.se...

by New Member in

Universal Forwarder- Am I misunderstanding the UF?

Good Morning all , I have a standalone splunk installation , there is no syslog data being transmitted and Im rea...

by Loves-to-Learn Lots in

Can splunk enable listen be made more secure?

Is it possible to restrict the "splunk enable listen" command so that it only listens to certain IP addresses? Or bet...

by Explorer in

Universal Forwarder failed to start--how do I get it to ingest the missed entries?

The UF service failed to start after a reboot on a Windows Server. I've addressed that issue, but there are logs th...

by Explorer in

How to remove Commas In a Field Value?

Hello! I have recently just downloaded Splunk on my MAC for experimenting/practicing searching and dashboarding. I...

by Explorer in

Why is data not getting indexed?

Hi everyone, i have a splunk universal forwarder installed in linux machine and configured some log files to forwa...

by Path Finder in

Splunk Add-on for Microsoft Cloud Services Fields: How to make field names more usable?

Hi, I have implements the Splunk Add-on for Microsoft Cloud Services and while I can get data in the filed na...

by Path Finder in

How to combine events which got generated in a specific span?

Hi Team,Im trying to combine events which are generated in a specific span of 1hr and show the count as 1 instead of ...

by Path Finder in

Why does splunk show no logs at a particular time frame in day when searched on the specific index and sourcetype?

I have a clustered splunk environment and monitoring in place for quite a few application logs.Lately , I have been e...

by Explorer in

How do I use self signed SSL with HEC?

Similar to some other existing community posts, I am having issues sending POST requests to the https://.../services/...

by New Member in

How can you get Splunk Universal Forwards on every host in a Windows Domain in an isolated environment?

How can you get Splunk Universal Forwards on every host in a Windows Domain in an isolated environment (no internet a...

by New Member in

Can you extract file from zip and ingest

We are new to splunk and we are trying to find about all the vast capabilities that splunk offers. So here is the s...

by New Member in

How can I put a website on a dashboard studio? Is that possible?

Is it possible to monitor a website URL on a dashboard? and how can i configure this easilly?

by Engager in

WebLogic add-on is not parsing UTC time zone correctly but does correct with GMT

I've discovered issue with WebLogic add-on (1.0.0) for Splunk and I am having hard time figuring out how to fix props...

by Path Finder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

"INFO WatchedFile - Resetting fd to re-extract header"?

Kv store status showing failed not able to start?

Granular AWS CT Account Logging using Log Prefix within Splunk TA for AWS

Update slpunkclouduf.spl app on Windows Universal Forwarder- What is the syntax we should use to force the update?

How do we get duplicate time values from file?

Why am I receiving a "Server is busy" error after configuring the HTTP Event Collector?

Two types of data over the same port?

How to ingest bloomberg application data into splunk?

How do I extract these events between two date ranges?

Why did Deployment client stop phoning home?

Any suggestions on how to check on issues with logs from network devices not writing into disk in rsyslog?

How do I send journald logs to my Splunk indexer?

Universal Forwarder- Am I misunderstanding the UF?

Can splunk enable listen be made more secure?

Universal Forwarder failed to start--how do I get it to ingest the missed entries?

How to remove Commas In a Field Value?

Why is data not getting indexed?

Splunk Add-on for Microsoft Cloud Services Fields: How to make field names more usable?

How to combine events which got generated in a specific span?

Why does splunk show no logs at a particular time frame in day when searched on the specific index and sourcetype?

How do I use self signed SSL with HEC?

How can you get Splunk Universal Forwards on every host in a Windows Domain in an isolated environment?

Can you extract file from zip and ingest

How can I put a website on a dashboard studio? Is that possible?

WebLogic add-on is not parsing UTC time zone correctly but does correct with GMT

New This Month - Splunk Observability updates and improvements for faster ...

What's New in Splunk Cloud Platform 9.3.2411?

Buttercup Games: Further Dashboarding Techniques (Part 6)

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

splunkd.log errors and broken fishbucket on splunk...

update to Splunk Add-on for Infoblox?

CSAM Reports - 500 ERROR