Getting Data In

Discussions

Thread Info

Syslog (Snare) WinEvent and Heavy Forwarder without UF on syslog

So I'm trying to get to a HEC/syslog type environment. Please don't tell me that sending WinEvents via syslog is dumb...

by Explorer in

DBConnect

Hi, i have connected DBConnect with SQL Servers and successfully configuring the SQL server connection on DBConnect...

by Loves-to-Learn Lots in

Splunk ignores date time range after a few queries

I've been having this weird problem where Splunk suddenly starts to ignore the date-time ranges I enter after executi...

by New Member in

disk usage from the monitoring console does NOT match the reality

hi fellas I am experiencing an unexpected behavior when trying to monitor disk usage. Hopefully you can explain wh...

by Builder in

Microsoft Azure Add on for Splunk Inputs config page not loading

I am trying to upgrade to the latest version of this app but the inputs setup page is Loading forever.Microsoft Azure...

by Builder in

"ghost" sourcetype during sourcetype override

We are using HEC to ingest logs from a cloud platform. Environment details : HEC running on a windows instance of ...

by Communicator in

Splunk forwarder unable to fetch file starting with <?xml version='1.1' encoding='UTF-8'?>

I have set my forwarder to fetch data from jenkins jobs folder, It fetches all the files excpt build.xml which has...

by Loves-to-Learn Lots in

how to configure statsd to send metric data to Splunk

What is process of configuring the statsd to pull airflow application metrics to splunk. Followed the below links ...

by Loves-to-Learn Lots in

TA-Sysmon-deploy: Issue with deploy.bat

I am attempting to use the "TA-Sysmon-deploy" Splunkbase app to deploy and maintain Sysmon on our endpoints. I've not...

by Path Finder in

Free trial forwarder problems

Hi, I am using a free trial of splunk and I am facing two mean problem when using forwarders (heavy and universal)....

by Loves-to-Learn in

Trigger time is Populate different in incident review tab

We have created two use cases and set up correlation search, Trigger time is every 10 minutes. When notable event g...

by Loves-to-Learn in

Get "Apache-airflow" metrics into Splunk by using statsd

Hello, I need help in integrating the Apache-airflow metrics with Splunk.The configuration is done at airflow serve...

by Loves-to-Learn Lots in

Instrumenting metrics in a C++ application

Hi, I'm brand new to Splunk coming from a background using Prometheus metrics. I've been reading through Splunk doc...

by Engager in

Universal Forwarder Agent sends NO data on Windows disks shortly after they become full (100%)

We have correctly reporting Universal Forwarder agents running (Windows in this case) but whenever a local disk of th...

by Explorer in

Configuring Splunk DB Connect in Splunk Cloud

I have not been able to find much information on configuring DB Connect in Splunk Cloud. I've seen that people have i...

by Explorer in

Steps to restor Frozen Data

Hi, (My Splunk Apps are installed on Linux Servers) I would like to restore logs from frozen data and read them S...

by Explorer in

Need help on breaking my json data to several events

I'm really stucked right now on my configuration for my json data below. I'm currently building a data c...

by Engager in

Has anyone Splunked Trello data?

Hey, has anyone ever investigated Splunking Trello data (i.e., card changes, # of cards archived. etc.)? It seems ...

by Splunk Employee in

Index data from a file and send to differents indexes

Hi everyone, I am trying to index data from a single log file to different indexes but i can't do it, i have this d...

by Explorer in

Log Flow Monitoring Solution (to detect broken/faulty feeds)

Has anyone had success in creating monitoring in Splunk to detect broken data feeds. We have hundreds of feeds - so...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Syslog (Snare) WinEvent and Heavy Forwarder without UF on syslog

DBConnect

Splunk ignores date time range after a few queries

disk usage from the monitoring console does NOT match the reality

Microsoft Azure Add on for Splunk Inputs config page not loading

"ghost" sourcetype during sourcetype override

Splunk forwarder unable to fetch file starting with <?xml version='1.1' encoding='UTF-8'?>

how to configure statsd to send metric data to Splunk

TA-Sysmon-deploy: Issue with deploy.bat

Free trial forwarder problems

Trigger time is Populate different in incident review tab

Get "Apache-airflow" metrics into Splunk by using statsd

Instrumenting metrics in a C++ application

Universal Forwarder Agent sends NO data on Windows disks shortly after they become full (100%)

Configuring Splunk DB Connect in Splunk Cloud

Steps to restor Frozen Data

Need help on breaking my json data to several events

Has anyone Splunked Trello data?

Index data from a file and send to differents indexes

Log Flow Monitoring Solution (to detect broken/faulty feeds)

Welcome to the Future of Data Search & Exploration

What’s new on Splunk Lantern in August

This Week's Community Digest - Splunk Community Happenings [8.3.22]

How to calculate Percentage and Percent difference...

Ignoring path="x" due to: Bug: tried to check/conf...

eStreamer is sending about 12 logs per minute and ...

Are there any good/recent guides on setting up Son...

Which endpoint can be used to retrieve splunk inst...