Getting Data In

Community Activity

Windows Security some EventIDs not showing in Splunk Hi All I've been tasked with setting up logging for Windows Certification Services and getting this into Splunk.Have ... by n_hoh Observer in Getting Data In 07-28-2025 0 6	0	6
Indexer stops sending back ACK Hi.During the day, some on my Indexers completely stops sending back the ACK, so many agents keep data in queue until... by verbal_666 Builder in Getting Data In 07-26-2025 0 6	0	6
Recent logs are not available in splunk even if recent internal logs are missing. How to fix the issue? I onboarded one production logs to splunk but after restarting the UF I am not able to see the recent logs also I am ... by isahu Observer in Getting Data In 07-26-2025 0 3	0	3
Some Windows UF not sending Security logs I’ve inherited a fleet of about 150 Windows Servers, all configured identically — same Deployment Server, TAs, inputs... by samalchow Observer in Getting Data In 07-25-2025 0 6	0	6
Splunk HEC receive data from Logstash http output Hi,Does anyone have a good example from Logstash to Splunk HEC?I only get "services/collector/raw" working with logst... by jbanAtSplunk Communicator in Getting Data In 07-24-2025 0 18	0	18
How to Optimize Search Performance for Large-Scale Data in Splunk? Hi Splunk Community,I'm new to Splunk and working on a deployment where we index large volumes of data (approximately... by zaks191 New Member in Getting Data In 07-24-2025 0 5	0	5
Exchange Message Tracking Hi,Could you help me retrieve message-tracking logs from our on-premises Exchange server? I added the following lines... by nopera Explorer in Getting Data In 07-22-2025 0 11	0	11
Excluding events from Juniper SRX logs Hi all,I'm having some issues excluding events from our Juniper SRX logs. These events are ingested directly on our W... by dsgoody Engager in Getting Data In 07-22-2025 0 2	0	2
parallelIngestionPipelines Hello.I'm actually using aparallelIngestionPipelines = 2feature on my Indexers. Works.Servers (Linux) are professiona... by verbal_666 Builder in Getting Data In 07-22-2025 0 5	0	5
Unable to display Event count when including only certain interesting fields criteria Hello, maybe I don't have the vocabulary to find the answer when Googling. I only submit this question after many... by LS1 Loves-to-Learn Lots in Getting Data In 07-21-2025 0 12	0	12
http event data is not received at index http event data is not received at index though in the log it says HttpInputDataHandler - handled token name=xyz How ... by palyogit New Member in Getting Data In 07-20-2025 0 5	0	5
Ingest DNS Analytical Logs Hi Splunkers,I'm having issues ingesting Windows DNS Server Analytical logs. What's strange is that I am able to pull... by vulnfree Explorer in Getting Data In 07-18-2025 0 1	0	1
Configure heavy forwarder to forward data to specific index on indexer cluster. Good morning All,I have been trying to figure out how can I create a data input on a heavy forwarder to forward data ... by BoscoBaracus Engager in Getting Data In 07-18-2025 0 12	0	12
Support for Custom Data Model I would greatly appreciate support for customer model as a correlation search option in the VT4splunk app. by ez-secops-awn Engager in Getting Data In 07-17-2025 0 5	0	5
Sending data to an index using an script Hi everyone!Quick question. I would like to know how can I send data to an index using a python script.We need to ing... by MatheoCaneva1 Engager in Getting Data In 07-17-2025 0 6	0	6
Which addon to install to onboard Cisco Catalyst 8500-12x router logs into Splunk ? I need to onboard Cisco Catalyst 8500 router logs into Splunk. When I was looking for addons, I found the below addon... by dm1 Contributor in Getting Data In 07-16-2025 0 1	0	1
Input.Conf with Version numbers [monitor://\\njros1bva0597\d$\LogFiles\warcraft-9.0.71\logs\*] disabled = false host = NJROS1BVA0621 alwaysOpenFile =... by Cheng2Ready Communicator in Getting Data In 07-16-2025 0 6	0	6
Splunk Ingest Actions Trying to filter out all perfmon data using ingest actions. so, i try and see the samples and i get this error I chec... by tbarn005 Engager in Getting Data In 07-16-2025 0 7	0	7
Receiving HTTP 303 When Using Token-Based Authentication with Splunk Cloud REST API Hi Splunk Gurus, I’m working on a script to programmatically check if logs from a specific host are available in Splu... by asah Engager in Getting Data In 07-16-2025 0 2	0	2
how can I keep the original meta when cloning the event. I'm cloning the event and before cloning extracting sourcetype to use later.transforms.conf [copy_original_sourcety... by sudha_krish Explorer in Getting Data In 07-16-2025 0 5	0	5
Splunkstream disable specified protocol Currently I have setup Splunkstream, but there is a condition where I want to disable some data sources from certain ... by elend Communicator in Getting Data In 07-15-2025 0 4	0	4
Internal Log Forwarding Configuring Internal Log Forwarding 1- 1sh 2 indx 2 if and 4 uf 1 mc2- I can see only idx internal logs though I have... by Mirza_Jaffar1 Explorer in Getting Data In 07-14-2025 0 4	0	4
Standard User – UI File Upload – What Capabilities are required? I want to provide a standard Splunk user the ability to upload files via the web UI.Specifically, so that members of ... by nickhills Ultra Champion in Getting Data In 07-14-2025 0 1	0	1
How to add 2 separate filters to a single _raw splunk data in edge processor I have created a pipeline for filtering data coming into the sourcetype = fortigate_traffic.I would like to further a... by Rani2 Loves-to-Learn in Getting Data In 07-14-2025 0 1	0	1
btool cheat sheet Does anyone have a cheat sheet for btool to help newbies?Here is my version of btool cheat sheet: splunk btool <conf_... by youngsuh Contributor in Getting Data In 07-14-2025 1 8	1	8