Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
umesh

Index at Heavy forwarder- Do I need to create index =os_windows on Heavy forwarder?

Hi , I am forwarding logs from UF -----> HF -----------> Indexer------->Search Head i am forwarding Windows Event Log...
by umesh Path Finder in Getting Data In 11-06-2022
0 2
0
2
rob-engle

httpEventCollectorToken required for HEC?

I am trying configure Universal Forwarder to output to an HTTP Event Collector endpoint in Cribl. This Cribl endpoint...
by rob-engle New Member in Getting Data In 11-04-2022
0 0
0
0
SumanPalisetty

Is there a video or documentation for onboarding data from a server (not the UI)?

Hi, Can anyone help me with a video or documentation where it shows onboarding the data via server and not from UI. R...
by SumanPalisetty Path Finder in Getting Data In 11-04-2022
0 2
0
2
woodlandrelic

Can someone explain these TcpoutAutoLB-O & TailReader-O Errors?

Good morning This was on one of my search heads. Can anyone help or point me in the right direction for this. Som...
by woodlandrelic Path Finder in Getting Data In 11-04-2022
0 1
0
1
gcusello

parsingQueue setting isn't accepted- Help with configuring Heavy Forwarder?

Hi at all, I configured for my Heavy Forwarder the following values of queues:   [queue=typingQueue] maxSize = 100MB ...
by SplunkTrust SplunkTrust in Getting Data In 11-04-2022
0 0
0
0
FelixLeh

How can I make the index from the cluster visible on the heavy forwarder so I can select it in the script?

Hello Community, I'm currently trying to configure the Splunk Add-on for Microsoft Azure.The Addon is installed on th...
by FelixLeh Contributor in Getting Data In 11-04-2022
0 2
0
2
balcv

How to exclude a specific file?

I'm trying to exclude a specific file called catalina.out in /var/log/tomcat9/ from being processed by Splunk.  The f...
by balcv Contributor in Getting Data In 11-04-2022
0 3
0
3
dkeck

Is there a way to get the automatically assigned, with a token or extracted from the default fields?

HI,I try to figure out a way to create a new field on a heavy forwarder. I want to add the field "splunk_parser" to e...
by dkeck Influencer in Getting Data In 11-04-2022
0 6
0
6
freddy_Guo

Why are events indexing with the wrong time stamp?

Hi,We have a custom TA to collect some logs from a Windows Server.This morning I just noticed that the Splunk is actu...
by freddy_Guo Path Finder in Getting Data In 11-04-2022
0 8
0
8
chris_barrett

Why are events ingested using the journald modular input truncated at 4088 bytes?

I'm pulling in events from the journal of a number of Linux hosts using the journald modular input. I'm seeing trunca...
by SplunkTrust SplunkTrust in Getting Data In 11-03-2022
0 0
0
0
Roy_9

Looking to collect latency info from Cisco devices?

Hello, Can anyone pls help me with the cisco add-on for splunk that collects latency info from cisco devices.I am see...
by Roy_9 Motivator in Getting Data In 11-03-2022
0 0
0
0
woodcock

Cisco/OpenDNS Umbrella/Investigate: so many apps, so many options ... What is best?

Here is what is on Splunkbase (maybe others, too):Umbrella Add-on for Splunk Enterprise: https://apps.splunk.com/app/...
by Esteemed Legend in Getting Data In 11-03-2022
2 1
2
1
balu1211

How to change the time field value /date(1548574937484) to human readable format ?

by balu1211 Path Finder in Getting Data In 11-03-2022
0 5
0
5
dtccsundar

Changing date format and find date difference in days?

Hi , I want to change the date format and find difference in days from current day . Date format i  have now is , Tim...
by dtccsundar Path Finder in Getting Data In 11-03-2022
0 2
0
2
Harish

Not able to upload a file to splunk, getting oneshotwriter error?

Hi Team,I am not able to upload a local log file to my local Splunk getting below error in splunkd.logOneShotWriter f...
by Harish Observer in Getting Data In 11-03-2022
0 3
0
3
vgrote

How do I convert "2022-11-01T23:56:07UTC" into MET in datetime.xml?

Hi,I searched a lot and found no answer.I have data with the above timestamp and I want to convert it into local time...
by vgrote Path Finder in Getting Data In 11-03-2022
0 2
0
2
johnansett

Two unique sourcetypes in directory with hundreds of logs

Hello!  I am pulling in logs from a server, there are about 500 logs in the directory.  We want to bring in all 498 o...
by johnansett Communicator in Getting Data In 11-02-2022
0 2
0
2
SplunkExplorer

What is the best way to send Mulesoft logs to Splunk?

Hi Splunkers, I'm searching about the best way to send Mulesoft logs and events.Here on community I found What is the...
by SplunkExplorer Contributor in Getting Data In 11-02-2022
1 1
1
1
Mel-at-CHC

Installing of Splunk Universal Forward ver 9.0.0 on AIX 7.1 and 7.2 - The splunkd daemon dies seconds after startup

I have been experiencing issues with getting the Splunk Universal Forwarder agent installed on AIX 7.1 and 7.2 server...
by Mel-at-CHC New Member in Getting Data In 11-02-2022
0 1
0
1
manish_singh_77

What is the best way to find log patterns in Splunk consuming more bandwidth?

Hi All, I am looking for the best way to find log patterns in splunk consuming more bandwidth so that we can reduce t...
by manish_singh_77 Builder in Getting Data In 11-02-2022
0 5
0
5
ServiceNow_SecO

Why are logs are not generating?

I am working on an app by using the splunk python SDK and trying to generate logs using logging library. I used all l...
by ServiceNow_SecO Observer in Getting Data In 11-02-2022
0 0
0
0
Brainizer

forwarding baked HEC traffic between two Splunk Entreprise Instances

Hello,I would like to forward data between two splunk instances in clear text. For that I use HEC. This is my outputs...
by Brainizer Explorer in Getting Data In 11-02-2022
0 0
0
0
DanAlexander

Azure Event Hub not seeing logs in Splunk SH?

Hi all, We have successfully registered and connected a new Azure Event Hub namespace via the 'Splunk Add-on for Micr...
by DanAlexander Communicator in Getting Data In 11-02-2022
0 0
0
0
sboogaar

How can I force a transforms.conf to also run on data onboarded with collect?

I'm trying to make a test with data that I onboarded with the collect command. What I see is that when I insert an ev...
by sboogaar Path Finder in Getting Data In 11-01-2022
0 1
0
1
ynag

Why I'm unable to add new DCN to Splunk Scheduler?

Hi, I'm trying to get logs from a vCenter server using the DCN. On the Collection Configuration page, I'm trying to a...
by ynag Explorer in Getting Data In 11-01-2022
0 3
0
3
Get Updates on the Splunk Community!

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...
Top Solution Authors
View All