Getting Data In

Community Activity

What is the file and variable in "Splunk Add-on AWS" for S3, that limits the ingestion of files to 1 hour? Hi, Please, Can some one let me know what is the file and variable in "Splunk Add-on AWS" for S3, that limits the ing... by acceo_purch New Member in Getting Data In 02-17-2023 0 1	0	1
How to set up an appropriate line breaker for data from log file? Hi Splunkers, I'm struggling with setting up an appropriate line breaker for data from log file. The example is belo... by slipinski Path Finder in Getting Data In 02-17-2023 0 3	0	3
Is it possible to collect Telegram chat logs to Splunk? Hello everyone, is it possible to collect logs from telegram chat to Splunk? exist any ready solutions? by bosseres Contributor in Getting Data In 02-17-2023 0 2	0	2
How to import json file? Hello, I am trying to import a json file to SPLUNK. It seems that the file is imported into one event but not all of ... by vernikose Explorer in Getting Data In 02-16-2023 0 8	0	8
How to search with regex and status count to show in a table? Hi, need some help in crafting a search query that could get count by a regex and display counts in a table. The lo... by Wendy Explorer in Getting Data In 02-16-2023 0 1	0	1
Having Difficulty Understanding Stanza in props.conf? Hey all, I have a relatively dumb question. I'm trying to familiarize myself with Splunk's props.conf and transforms.... by TheColorBlack Path Finder in Getting Data In 02-16-2023 0 2	0	2
Why does one log contains multiple messages with same timestamp? Hi guys, I was wondering if some one could please give me a hand on this. We have written a custom TA to extract logs... by freddy_Guo Path Finder in Getting Data In 02-15-2023 0 7	0	7
Sourcetypes with Docker and HTTP Event Collector (Trying to pull a few similar discussions together and recorded for posterity) Challenge The current Docker Logging... by sloshburch Ultra Champion in Getting Data In 02-15-2023 10 36	10	36
Windows Directory Monitoring: How to get file monitoring activity returned to my splunk server? Hi all, Splunk newbie with what I hope is a simple question...I have a UF installed on my windows file server, and i... by rsbst19 Engager in Getting Data In 02-15-2023 0 3	0	3
Can't Extract CEF Fields in Distributed Environment Hello to all.I am using the CEF Extraction TA for extracting CEF fields in a FireEye log. When I test this on a stan... by aferone Builder in Getting Data In 02-15-2023 0 10	0	10
Duplicate logs in Splunk for multiple sourcetypes? Hi All, Good day, we are getting Duplicate logs in Splunk for multiple sources with same event example below how to a... by sekhar463 Path Finder in Getting Data In 02-15-2023 0 9	0	9
Splunk Indexing is Paused Internal Grace Period? Hi All We are Using the Splunk Enterprise version with the Perpetual License Model with Index Capacity of 5 GB . W... by velayudhan New Member in Getting Data In 02-14-2023 0 5	0	5
Getting data into Splunk from Nagios-LS Howdy,I was wondering if anyone has any guidance on how to ingest data from Nagios Log Server?Prior to my arrival, we... by jdhenry Loves-to-Learn in Getting Data In 02-14-2023 0 0	0	0
How to configure the forwarding of Microsoft Windows Print Server logs? Hi Guys, I have installed universal forwarder on Print server, Windows Server 2012 R2 and configured the receiver IP ... by navdeepsingh83 New Member in Getting Data In 02-14-2023 0 3	0	3
Regarding Windows Print Monitoring, what do each of the "operation" field values mean, i.e., add, set, baseline? Regarding Windows Print Monitoring, what do each of the "operation" field values mean, i.e., add, set, baseline? For ... by nixhydra Explorer in Getting Data In 02-14-2023 0 0	0	0
Why are events with equal timestamps merged into one event? I have a few files in which the log events happen to not be in chronological order. Specifically, an event with say, ... by zapping575 Communicator in Getting Data In 02-14-2023 0 5	0	5
How to remove logs from specific sourcetype being indexed? Hi Everyone, Im trying to stop the following index from being indexed into Splunk using the props/transforms confs o... by newsplunker1 Path Finder in Getting Data In 02-14-2023 0 8	0	8
Can a Heavy-Forwarder just raw forward and not parsing? Hi all. Like the subject, can i tell an HF not to PARSE the events, just do a banal tcp forwarding of the raw data? I... by verbal_666 Builder in Getting Data In 02-14-2023 0 6	0	6
How to send aws eventbridge events to a specific index on splunk cloud We have been trying to ingest aws eventbridge events to splunk cloud using API destination partners provided by aws b... by Pavan0411 New Member in Getting Data In 02-14-2023 0 3	0	3
Does the data flow through those same queues at the indexer? If an HF is used for a intermediate / aggregation tier and the data is parsed, what does the ingestion pipeline look... by dokaas_2 Communicator in Getting Data In 02-14-2023 0 2	0	2
Why does UF still require clientCert when requireClientCert is already disable in indexer? Hello Splunkers, I would like to understand why a cert is need for the UF, when indexer already has requireClientCert... by splunker686 Explorer in Getting Data In 02-13-2023 1 1	1	1
How to forward an index to another Splunk instance (n00b)? I found this Index and Forward data into another splunk instance and then found the current version of the reference... by gsfc_linux_dan Explorer in Getting Data In 02-13-2023 0 6	0	6
How to add multiple _meta from one field? Hi all, I want to have on a HF (8.1.4) multiple _meta of one field values in one stanza.Any sugestion how?Example:acc... by janroc Explorer in Getting Data In 02-13-2023 0 4	0	4
Upgraded Indexer shuts down pipeline and has to be restarted? We have recently upgraded an indexer from 8.2.6 to 9.0.2 (running on Windows) and since then we have been plagued by ... by jeremyhagand61 Communicator in Getting Data In 02-12-2023 0 0	0	0
How to blacklist server from heavy forwarder? Currently my Heavy Forwarder is receiving unwanted logs from a lot of different devices, and it is taking up a lot of... by YungLee Engager in Getting Data In 02-12-2023 0 2	0	2