Getting Data In

Community Activity

Installing a universal forwarder in low privilege mode, why am I getting error "Deployment Server not available on a dedicated forwarder"? Our admin created me a regular domain user to test low P and assigned it these privileges: • Permission to log on as... by lycollicott Motivator in Getting Data In 11-28-2022 0 20	0	20
Why do our Heavy Forwarders randomly shut down one of its parallel pipelines? Hi, We've recently tested out a new path for data to flow into our Splunk environment from Universal Forwarders.We ha... by mortenklow Explorer in Getting Data In 11-28-2022 1 21	1	21
How can I extrac fields depending on the type of event? Hi,if I had logs as such wirn different type data in the same sourcetype:"<134>Nov 23 21:23:17 NSX-edge-7-0 loadbalan... by evinasco08 Explorer in Getting Data In 11-27-2022 0 7	0	7
What special capabilities (permissions) are required to run the REST API? Hi, What special capabilities (permissions) are required to run the REST API? A colleague and I are both running one ... by rmorschel Explorer in Getting Data In 11-26-2022 0 8	0	8
Receiving an error while using the mvexpand command (does not exist in the data) Hi everyone,currently, i am trying to expand one of the multiple field values but i am getting the result with the be... by super_saiyan Communicator in Getting Data In 11-25-2022 0 6	0	6
How to route the logs from certain host to index=abc_secure? Hi Team, [host::1.(xx\|xx).xx.xx(x\|y)]TRANSFORMS-change_index_abc_secure = change_index_abc_secure [change_index_abc... by VijaySrrie Builder in Getting Data In 11-25-2022 0 7	0	7
Splunk TA For MSCS - Event Hubs input issues We are using the Event Hubs modular input from the SPlunk TA for Microsoft Cloud Services.In our system, we have conf... by rbaudish Loves-to-Learn Everything in Getting Data In 11-24-2022 0 0	0	0
How to distribute big data(logs) in different times of the day. Hi folks,I have an issue with a HF, I'm getting some spikes reaching the 100% when sending data to Splunk Cloud. This... by splunk_luis12 Path Finder in Getting Data In 11-24-2022 0 1	0	1
How to create multiple Sourcetype for one source? I have 4 different kind of logs that is coming from one source (sample logs are below). I would like to configure thi... by davemarianne Engager in Getting Data In 11-24-2022 0 3	0	3
Splunk file and directory monitoring- Am I configuring correctly? Hello having some confusing problems with Splunk permissions that I am trying to understand. Little background we upg... by splunktrainingu Communicator in Getting Data In 11-24-2022 0 7	0	7
Heavy forwarder setup - looking at clustering or other HA options Hi all,I'm new to this forum and found quite a few ideas and solutions to issues admins hit.The organisation I work f... by Aiders1 Observer in Getting Data In 11-24-2022 0 7	0	7
Does SPLUNK require K8S clusters to have unique pod and service CIDR's I am setting up a number of Kubernetes clusters in my organisation. We are using SPLUNK for monitoring. I have been t... by soxprox New Member in Getting Data In 11-24-2022 0 0	0	0
Free trial- What is the correct HEC-url? Hi, I have recently created a splunk-cloud free trial. I then wanted to create a HEC-collector. I went to : https:/... by perl New Member in Getting Data In 11-24-2022 0 4	0	4
Why does CURL script fails to output when called by Splunk? Hi Guys, I'm pulling m hair out trying to get my CURL script to run. I've set up a scripted input in my app, it calls... by aweddell New Member in Getting Data In 11-23-2022 0 6	0	6
UDP and the 1472 bytes limit We are receiving syslog data via UDP and we noticed that some data is missing.When running - tcpdump -i eth0 port <ud... by danielbb Motivator in Getting Data In 11-23-2022 0 0	0	0
DB Connect Addon Integration Issue - Microsoft SQL Server 2012 Hello Team,We are trying to integrate one of the SQL data base using the splunk db connect add-on and we are getting ... by kiranpanchavat1 Path Finder in Getting Data In 11-22-2022 1 3	1	3
Why is Windows Event Log Whitelist not working? Running a Windows 2012 R2 DHCP Server with UF 9.0.1 and Splunk Enterprise 8.0.5. My inputs at the UF look like this: ... by shocko Contributor in Getting Data In 11-22-2022 0 3	0	3
SC4S and Palo Alto log sources- Where can I find logs? New install and new to splunk. SC4S issue. Professional Service left earlier in the week. Firewall and panorama lo... by retreif Engager in Getting Data In 11-22-2022 1 1	1	1
How do you monitor IBM VIOS ? Hello,We have IBM VIOS servers running AIX and we need to monitor them, mainly in term of Security.Is there anyone ha... by edoardo_vicendo Builder in Getting Data In 11-21-2022 1 4	1	4
What is the best way to reload Windows event log data? I want to reload Windows event log data from the beginning of time for all hosts and remove all event log data that i... by jamesvz84 Communicator in Getting Data In 11-21-2022 0 2	0	2
Debugging perfmon input? Hello there. I tried to set up perfmon inputs to capture state of my windows 10 test box. Aaaaand. It's not working. ... by PickleRick SplunkTrust in Getting Data In 11-21-2022 0 1	0	1
DROP and GET events by pattern filters? Hi.I'm trying to apply a rule for dropping and, meanwhile, get only some events in Indexers. Here we are, props.conf ... by verbal_666 Builder in Getting Data In 11-21-2022 0 0	0	0
How to blacklist using props.conf and transforms.conf? I need to reject or not index the logs that have the word "notice" inside the log I understand that it is done using ... by splunkcol Builder in Getting Data In 11-21-2022 0 4	0	4
Why is UDP/TCP data inputting data incorrectly? I've integrations made with UDP/TCP data inputs that index data correctly but after a while they stopped working.In S... by macapretorian Engager in Getting Data In 11-21-2022 2 8	2	8
What is the cause and solution to Http Client Connection Error? what is the cause and solution for the following error? ERROR HttpClientRequest - HTTP client error=Connection closed... by Sithima Explorer in Getting Data In 11-21-2022 0 0	0	0