Getting Data In

Community Activity

KVStore Failed 9.4.3 Hi,I upgraded Splunk Enterprise from 9.2.3 to 9.4.3, and the KVSotre status is failed.It was migrated successfully to... by tech_g706 Path Finder in Getting Data In 08-01-2025 0 5	0	5
SC4S parser Hello, I need to send all syslog data from opnsense to a specific index. As this is not a known vender source what is... by L_Petch Path Finder in Getting Data In 07-31-2025 0 2	0	2
Can't find "local event logs" option in splunk Hey, I installed splunk enterprise free trial on ubuntu server and this is the first time I am using splunk so I am f... by obuobu Engager in Getting Data In 07-30-2025 1 4	1	4
Splunk access to RHEL audit.log Running Splunk 9.3.5 on RHEL 8. STIG hardened environment. The non-Splunk RHEL instances running a Universal Forward... by ewok Explorer in Getting Data In 07-30-2025 0 4	0	4
Using Splunk UF to send data to ELK Hi, as the question suggest, I am trying to send 2 streams of logs.From the document Forward data to third-party syst... by Na_Kang_Lim Path Finder in Getting Data In 07-30-2025 0 1	0	1
Index time field extraction problem with space Hi all,I want to extract fields from a custom log format. Here's my transforms.conf:REGEX = ^\w+\s+\d+\s+\d+:\d+:\d+\... by sigma Path Finder in Getting Data In 07-29-2025 0 2	0	2
Splunk add on AWS connection pool is full HelloI'm collecting cloudtrail logs by installing Splunk add on AWS in the Splunk heavy forwarder.The following logs ... by KwonTaeHoon Path Finder in Getting Data In 07-28-2025 0 1	0	1
Issue with Searching by Sourcetypes in Splunk Hi all,I'm collecting iLO logs in Splunk and have set up configurations on a Heavy Forwarder (HF). Logs are correctly... by sigma Path Finder in Getting Data In 07-28-2025 0 5	0	5
s3 - Multiple directories data to be ingested into Splunk Cloud Hi Community,I'm exploring ways to ingest data into Splunk Cloud from a Amazon s3 Bucket which has multiple directori... by shoaibalimir Path Finder in Getting Data In 07-28-2025 0 2	0	2
Windows Security some EventIDs not showing in Splunk Hi All I've been tasked with setting up logging for Windows Certification Services and getting this into Splunk.Have ... by n_hoh Observer in Getting Data In 07-28-2025 0 6	0	6
Indexer stops sending back ACK Hi.During the day, some on my Indexers completely stops sending back the ACK, so many agents keep data in queue until... by verbal_666 Builder in Getting Data In 07-26-2025 0 6	0	6
Recent logs are not available in splunk even if recent internal logs are missing. How to fix the issue? I onboarded one production logs to splunk but after restarting the UF I am not able to see the recent logs also I am ... by isahu Observer in Getting Data In 07-26-2025 0 3	0	3
Some Windows UF not sending Security logs I’ve inherited a fleet of about 150 Windows Servers, all configured identically — same Deployment Server, TAs, inputs... by samalchow Observer in Getting Data In 07-25-2025 0 6	0	6
Splunk HEC receive data from Logstash http output Hi,Does anyone have a good example from Logstash to Splunk HEC?I only get "services/collector/raw" working with logst... by jbanAtSplunk Communicator in Getting Data In 07-24-2025 0 18	0	18
How to Optimize Search Performance for Large-Scale Data in Splunk? Hi Splunk Community,I'm new to Splunk and working on a deployment where we index large volumes of data (approximately... by zaks191 New Member in Getting Data In 07-24-2025 0 5	0	5
Exchange Message Tracking Hi,Could you help me retrieve message-tracking logs from our on-premises Exchange server? I added the following lines... by nopera Explorer in Getting Data In 07-22-2025 0 11	0	11
Excluding events from Juniper SRX logs Hi all,I'm having some issues excluding events from our Juniper SRX logs. These events are ingested directly on our W... by dsgoody Engager in Getting Data In 07-22-2025 0 2	0	2
parallelIngestionPipelines Hello.I'm actually using aparallelIngestionPipelines = 2feature on my Indexers. Works.Servers (Linux) are professiona... by verbal_666 Builder in Getting Data In 07-22-2025 0 5	0	5
Unable to display Event count when including only certain interesting fields criteria Hello, maybe I don't have the vocabulary to find the answer when Googling. I only submit this question after many... by LS1 Loves-to-Learn Lots in Getting Data In 07-21-2025 0 12	0	12
http event data is not received at index http event data is not received at index though in the log it says HttpInputDataHandler - handled token name=xyz How ... by palyogit New Member in Getting Data In 07-20-2025 0 5	0	5
Ingest DNS Analytical Logs Hi Splunkers,I'm having issues ingesting Windows DNS Server Analytical logs. What's strange is that I am able to pull... by vulnfree Explorer in Getting Data In 07-18-2025 0 1	0	1
Configure heavy forwarder to forward data to specific index on indexer cluster. Good morning All,I have been trying to figure out how can I create a data input on a heavy forwarder to forward data ... by BoscoBaracus Engager in Getting Data In 07-18-2025 0 12	0	12
Support for Custom Data Model I would greatly appreciate support for customer model as a correlation search option in the VT4splunk app. by ez-secops-awn Engager in Getting Data In 07-17-2025 0 5	0	5
Sending data to an index using an script Hi everyone!Quick question. I would like to know how can I send data to an index using a python script.We need to ing... by MatheoCaneva1 Engager in Getting Data In 07-17-2025 0 6	0	6
Which addon to install to onboard Cisco Catalyst 8500-12x router logs into Splunk ? I need to onboard Cisco Catalyst 8500 router logs into Splunk. When I was looking for addons, I found the below addon... by dm1 Contributor in Getting Data In 07-16-2025 0 1	0	1