Getting Data In

Community Activity

Are any default apps in universal forwarder unnecessary? I just installed universal forwarder, And was deploying my first app using DS, I came accros few apps in place prior ... by hectorvp Communicator in Getting Data In 12-22-2022 0 5	0	5
Extreme Latency with Windows Events on one Windows Event Collector. How do I troubleshoot? Hello i have two windows event collectors. 3 domain controllers send their events to one event collector (WEC01), and... by davidwaugh Path Finder in Getting Data In 12-22-2022 2 25	2	25
When monitoring CSV file on Windows, it only ingests top line and inconsistent events? We have a distributed splunk (8.x) environment on-prem, with CM and 3 peers, 2 SH, 1 deployment server, and many clie... by calvinmcelroy Path Finder in Getting Data In 12-22-2022 0 3	0	3
Where and how do I configure a sourcetype for generic xml? Hey there! I'm trying to monitor(batch)) a folder congaing xml files, the XML files don't necessarily have the same... by dorbi Explorer in Getting Data In 12-22-2022 0 5	0	5
What is the recommended method to ingest exported sysmon logs? Context: I have an external client that uses Arctic Wolf for sysmon logs on their endpoints and need to ingest those ... by russell120k Engager in Getting Data In 12-22-2022 0 2	0	2
How to resolve ERROR PersistentScript? Disponemos de Splunk Cloud Victoria 9.0.2208.4 y hemos instalado y configurado: - Seguridad en la nube de Cisco - Co... by gsiuv Loves-to-Learn Lots in Getting Data In 12-22-2022 0 7	0	7
Need help in integrating Amazon Eventbridge with Splunk through api Hi guys, We need to get events generated from aws eventbridge to get into splunk. So we tried integrating the eventb... by Pavan0604 Loves-to-Learn in Getting Data In 12-22-2022 0 0	0	0
AWS S3 Input- Ingest .csv files that are not actually csv formatted- Is there a way to turn off CSV parsing ability? We have a new Splunk Cloud environment We are using AWS TA Add On to ingest files from S3 The files have extension of... by ehudb Contributor in Getting Data In 12-21-2022 0 1	0	1
How to create after hour report? I am trying to create an after hour query with specific time frames 1. Mon 0000-0700 and 1900-2400, 2. Tue 0000-0700 ... by Johnsonbc Explorer in Getting Data In 12-21-2022 0 5	0	5
Splunk HF - Typing Queue full but CPU of the machine is low Hello Splunkers,I am currently having parsing problems with my Splunk Heavy Forwarder.I know I have heavy regex that... by GaetanVP Contributor in Getting Data In 12-21-2022 0 1	0	1
How to convert the data from JSON format to raw logs? Hi , After onboarding trendmicro XDR we are facing few issue. 1. Getting logs in JSON format 2. Data is not pursed.... by debjit_k Path Finder in Getting Data In 12-20-2022 0 5	0	5
JSON timestamp parsing- When events are being fed from UF, the timestamp can't be extracted? Hi all, I use following simple props.conf to some json type events: [my:sourcetype]category = StructuredDATETIME_CONF... by stwong Communicator in Getting Data In 12-20-2022 0 3	0	3
How to make changes so that all logs should be indexed in a proper format? I am getting logs in Splunk. But the logs are in improper format. So I want to make changes so that all my logs shoul... by alex4 Loves-to-Learn Lots in Getting Data In 12-20-2022 0 2	0	2
Why am I unable to see springboot application logs in splunk? Hi All, I have integrated Splunk HEC with springboot .when i hit application and checked in splunk am unable to see... by sindhuja Loves-to-Learn Lots in Getting Data In 12-20-2022 0 0	0	0
Can someone provide a work example for Splunk HEC using Java Spring Boot? Can someone assist with providing a working example on how to use and send data to Splunk HTTP Event Collect (HEC) fr... by aa70627 Communicator in Getting Data In 12-20-2022 1 5	1	5
What is the reason for an incomplete data HTTP event collector? Hello dear community Could you please tell me how to find the reason. I am using HTTP Event Collector for Kubernetes.... by igor04653 Loves-to-Learn Everything in Getting Data In 12-20-2022 0 1	0	1
How to configure statsd to send metric data to Splunk? What is process of configuring the statsd to pull airflow application metrics to splunk. Followed the below links bu... by lekhasri_reddy5 Loves-to-Learn Lots in Getting Data In 12-20-2022 0 1	0	1
How to add content from lookup table data? Good day All! i have created a lookup data \| inputlookup Autosys.csv and i have fileds KB,REGION AND JOB_NAME. i have... by sekhar463 Path Finder in Getting Data In 12-20-2022 0 5	0	5
Health Check: Intelligence download of "Phishtank" has failed on host "Splunksh01" at :Fri Apr 17 12:46:36 2020 "threat list download failed after multiple retries" Greetings!!! I need your help on how I can resolve the below issues, I got from message status 1 issue: Health C... by pacifikn Communicator in Getting Data In 12-19-2022 1 1	1	1
How to push Bots V3 Dataset in distributed deployment? Hi Team, I have the env setup like 2 Indexers, 1 Search Head,1 Heavy Forwarder,1 Deployment Server, 1 Cluster Maste... by Atchyuth_P Path Finder in Getting Data In 12-19-2022 0 0	0	0
What add-on can I use for integration of HPE iLO logs? Hi all, is there an existing add-on that I can use for getting HPE iLO data into splunk? I am planning on ingesting i... by ojay Path Finder in Getting Data In 12-19-2022 0 2	0	2
How to drop a subnet at index? Hi @gcusell, I have 2 double 1. How can I drop a source IP 10.0.0.0/24 subnet at indexer, I am aware of dropping a... by debjit_k Path Finder in Getting Data In 12-18-2022 0 5	0	5
How to create lookup without header? Hi I am going to create a DC list lookup daily using nslookup how I can I define the lookup without a header or I sh... by rayar Contributor in Getting Data In 12-18-2022 0 3	0	3
Configure forwarding data to two tcpout groups without blocking on group failure. Is it possible to configure heavy forwarders to send data to two tcpout groups (A,B) (outputs.conf) and don't block ... by jg91 Path Finder in Getting Data In 12-16-2022 0 1	0	1
How does xmlkv work? All of our data is in XML format that is being indexed. I've been able to pull out a lot of extractions for single va... by Zambonilli Explorer in Getting Data In 12-16-2022 1 5	1	5