Getting Data In

Community Activity

How to send data to multiple indexes? Hello Experts.. Configuring the inupts.conf file I am trying to send data from the same windows log to multiple index... by KCM Engager in Getting Data In 01-24-2023 0 1	0	1
How can we configure Splunk to allow access to port 514? Hello All, I am running Splunk 9.0.2 on Oracle 8.6. We monitor Cisco devices. These devices require using port 514 to... by eholz1 Builder in Getting Data In 01-24-2023 0 5	0	5
How to create regex formula to match all until 3 or more spaces? Hello everyone, I have such fields in log:event="some text text2 text3 something something2", how should I make... by bosseres Contributor in Getting Data In 01-24-2023 0 9	0	9
Splunk HTTP Event Collector's: What is the definition of size limit? Hi guys, Happy New Year, i do some code testing with the Splunk HEC, now i need to transfer some large volum data wit... by King_Of_Shawn Explorer in Getting Data In 01-24-2023 0 7	0	7
How to limit the max size of a single index? I have a bunch of indexes, but one in particular I want to keep smaller. How do I do this?From the docs it looks like... by zpasplunk Explorer in Getting Data In 01-23-2023 0 6	0	6
How to onboard unique data from DB connect to Splunk Cloud? Hi, I want to onboard unique data from sql server to splunk, i have db connect app and i configured everything. We ... by punithsj96 Explorer in Getting Data In 01-23-2023 0 1	0	1
Getting sourcetype as XMLWinEventLogs? Hi All, trying to get WinEventlogs from SF to Indexer via HF. The logs are getting indexed but seems likes they are n... by KulvinderSingh Path Finder in Getting Data In 01-23-2023 0 3	0	3
How to resolve splunk-perfmon.exe errors of Counter is not found? I have noticed that after updating the Universal Forwarder to 7.3.1 (not sure if it is that update or a Windows updat... by dlpco Path Finder in Getting Data In 01-23-2023 3 7	3	7
How can I list out the services request to splunk by user? Hi, Could you please help me in listing out the services request to splunk by user, I' m trying to upload it to the t... by Raj Builder in Getting Data In 01-22-2023 0 4	0	4
Why are indexers not parsing events? Fairly new to Splunk so may not have the correct terms for everything. Currently working in a distributed environment... by devin07 Explorer in Getting Data In 01-21-2023 0 8	0	8
Is it possible to do a Splunk query that can give me difference in values? We have ingested into Splunk logs from our application - these logs include two keys - stageType and correlation id,... by AruBhende Explorer in Getting Data In 01-20-2023 0 4	0	4
Parsing queue and Aggregation queue sizes on heavy forwarders? We are seeing the aggregation and parsing queues almost constantly flatlining at a 100% on our HFs. On our indexers t... by jihape Path Finder in Getting Data In 01-20-2023 0 7	0	7
How do we know which logs or if data does't coming from DB connect to Splunk? we are using DB connect addon to get data from Oracle DB while searching the data was stopped coming but inputs are ... by sekhar463 Path Finder in Getting Data In 01-20-2023 0 2	0	2
Why am I unable to call HEC instance from Splunk Cloud form javascript file? CORS issue Hi, I have trial account with Splunk Cloud, where I am doing POC on sending the API logs to the SPlunk dashobard. So,... by sid_sinha New Member in Getting Data In 01-19-2023 0 0	0	0
How to change sourcetype for HEC data input? In my Splunk Cloud instance, I am ingesting WAF security events from a SaaS service via HEC. The events are in JSON f... by jwalzerpitt Influencer in Getting Data In 01-19-2023 0 2	0	2
Data from a particular source is extracted in duplicate when searched from "Searching and reporting"? This is a single server Splunk deployment. I am indexing Duo MFA logs using the official splunk app. In the "Searchin... by joemiller Path Finder in Getting Data In 01-18-2023 0 3	0	3
Can the Splunk Add-on for Sysmon work with a file input on a Heavy Forwarder ? I would like to be able to configure the Splunk Add-on for Sysmon to ingest logs from a file instead of the Windows E... by whardy New Member in Getting Data In 01-18-2023 0 3	0	3
Active sessions overview: How to figure out if a user have an active session based on session id and user name? I've been struggeling for a while and hopefully someone here can help me. Need to figure out if a user have an active... by HaakonRuud Explorer in Getting Data In 01-18-2023 0 1	0	1
How to change Date format from 12/21/2023 to 2023-21-12? Hi , I want to change the date format from7/30/2023 12:00:00 AM to 2023-07-30 I am using following command but seems ... by sambita_gt Engager in Getting Data In 01-18-2023 0 1	0	1
How do I correctly index github enterprise logs? All, I am looking GitHub Enterprise logs as captured by my Syslog-ng server on prem. The logs being sent are JSON ...... by dpwtheitguy Loves-to-Learn Lots in Getting Data In 01-17-2023 0 0	0	0
Best method for pulling Microsoft DNS logs with Splunk? What is the best method for pulling Windows DNS Logs with Splunk. I am looking at the following methods: Send direct... by tgow Splunk Employee in Getting Data In 01-17-2023 4 13	4	13
How to route data with props and transforms over multiple HF? Hi Community, how to route data with props and transforms over multiple HF?Source A to Data Collector > IDX Cluster A... by CMEOGNAD Engager in Getting Data In 01-17-2023 0 4	0	4
How to filter dataset within a log index to a metrics index? Hello, I have an existing high volume index and have discovered a chunk of event logs within the index that would be ... by johnward4 Communicator in Getting Data In 01-17-2023 0 3	0	3
Can I loop through URL and http_referrer to find original request? Hi everyone, I'd like to see the flow from a given final URL, back to original URL the user typed. In my Web Proxy Lo... by bababou Explorer in Getting Data In 01-17-2023 0 8	0	8
How to plot timechart on elapsed time from json array object? Hi, I have an application(test.app) which invokes multiple downstream application apis(profile, payments etc) and w... by hungrykakarot Explorer in Getting Data In 01-17-2023 0 3	0	3