Getting Data In

Community Activity

How to validate all the data from an indexer is uploaded to smart store? What is the best way to validate entire data from an indexer is uploaded to smart store? by gpradeepkumarre Engager in Getting Data In 10-31-2022 0 0	0	0
How to explain a variance in ingest volume? I am trying to understand what would cause a variance in the volume used in our quota vs the log size it is ingesting... by calvinmcelroy Path Finder in Getting Data In 10-31-2022 0 4	0	4
Does anyone have reference material on the inputs.conf for MAC OSs and how to get the events into Splunk? I'm a Windows guy working with Linux trying to get MAC OS events into Splunk. We don't have many MACs where I work, ... by dokaas_2 Communicator in Getting Data In 10-31-2022 0 4	0	4
How to send data to Splunk from Azure Event Hub? Hello there! I've been ingesting data from Azure Storage Explorer via the Splunk Add-On for Microsoft Cloud Services ... by pcontreras Explorer in Getting Data In 10-31-2022 1 1	1	1
Which version of splunk Universal forwarder supports for AIX 6.1 version OS Which version of splunk Universal forwarder supports for AIX 6.1 version OS by anilkumar_s01 New Member in Getting Data In 10-31-2022 0 0	0	0
How to verify that log sources are adhering to CIM model? Hi,I just wanted to ask if there are specific ways or cli commands to check if my log sources adhere to CIM?I've chec... by mohdmikhael Explorer in Getting Data In 10-30-2022 0 1	0	1
Create alert for delayed files every hour? hi , I have the below query. Index=Config source =“Java/path/ log.csv” inbound Csv files are supposed to be delivere... by Chinni611 Loves-to-Learn Lots in Getting Data In 10-30-2022 0 7	0	7
Question About SPL for SplunkD Shutdown Hi all, I am new to Splunk and am trying to look for logs that indicate that the SplunkD service shutdown. I am tryin... by McMac84 Engager in Getting Data In 10-28-2022 0 2	0	2
outputs.conf question about duplicates caused by referencing indexers by IP vs FQDN? I have suspicious that my outputs.conf configuration files are causing some unwanted data cloning in my forwarders. I... by calvinmcelroy Path Finder in Getting Data In 10-28-2022 0 3	0	3
Why does regex extract fields differently in props than same regex used in SPL REX command? Hi Splunkers. I'm trying to extract fields from Windows DNS debug logs but running into extraction issues for some ev... by torowa Path Finder in Getting Data In 10-28-2022 0 1	0	1
How to set Splunk as CSP Policy report collector? I am trying to set up Content-Security-Policy, and I need a way to collect violation reports. I was hoping to use Spl... by cbarthel Engager in Getting Data In 10-27-2022 1 2	1	2
Eventgen - Splunk adding additional double quotes when I export the data as csv causing issues used as sample file? Hi , Splunk adding additional double quotes when I export the data as csv . When I use the exported file as event... by vksplunk1 Explorer in Getting Data In 10-27-2022 0 3	0	3
How to generate data using JSON format sample file? Hi , We have an add-on which will JSON format for data input. I can export the data as JSON format. Could you pleas... by vksplunk1 Explorer in Getting Data In 10-27-2022 1 0	1	0
Is it possible to dynamically change sourcetype based upon host? Hi, I have a logfile that contains lots of hosts (coming in from syslog). I want to dynamically change the sourcetype... by a212830 Champion in Getting Data In 10-27-2022 0 8	0	8
Is there any documentation on Splunk app migration from python 2 to 3? Hi, We upgraded Splunk from 8.2.6 to 9.0.1 recently and have one big internal app ( dashboard, views, field extracti... by rashiagrawal Loves-to-Learn Lots in Getting Data In 10-27-2022 0 1	0	1
Receiving error while trying to extracting fields using regex Hi Splunkers I'm trying to extract some fields using the opting under the log "Extract Fields" using the regix metho... by muradgh Path Finder in Getting Data In 10-26-2022 0 2	0	2
Can I delete the DB data files in the search head or are there some steps that I need to follow beforehand? Hi Community, We have a cluster setup for our Splunk install where all the data are indexed at the data layer (data... by _pravin Contributor in Getting Data In 10-26-2022 0 9	0	9
Can we get some clarification / consolidation for the add-ons available to ingest O365/Azure security data? Figuring out the best add-on(s) to ingest security data related to O365/Azure is an exercise in insanity... Can we ge... by splunkUser00 Engager in Getting Data In 10-26-2022 2 0	2	0
Why is Splunk ingest is being doubled? Hello - I am trying to troubleshoot an issue and have not had much success in determining a root cause. I was wonderi... by calvinmcelroy Path Finder in Getting Data In 10-26-2022 0 7	0	7
How to exclude or filter 0% window process from hostmetrics - process? Hi Guru, How do we exclude 0% process usage from Hostmetrics? We would like to capture those process have >0% usage ... by fongpen Path Finder in Getting Data In 10-26-2022 0 6	0	6
Is there a way I can input data into splunk manually for offline events? I want to input into splunk the "events" of my fire alarms of all the branch offices.Is there a way I can manually cr... by dritjon Path Finder in Getting Data In 10-25-2022 0 1	0	1
How to search to get list of URLs/domains in my logs in a particular period? I am new to Splunk and I need help to get a query that lists all the domains that are in my logs (that were accessed ... by waJesu Path Finder in Getting Data In 10-25-2022 0 2	0	2
How to redact the description field from the Service WinHostMon? I'm trying to redact the description field from the Service WinHostMon to have something like that: Before: Typ... by JChris_ Path Finder in Getting Data In 10-25-2022 0 1	0	1
Why did Imap stop indexing in Splunk? We are receiving logs from imap before but it suddenly stops indexing data. No recent changes was made on our end. Ou... by Essa New Member in Getting Data In 10-25-2022 0 0	0	0
How to achieve a field extraction in custom sourcetype? Hello All, we have a default database:internal sourcetype for a application using DBConnect to send data to Splunk a... by im_bharath Path Finder in Getting Data In 10-25-2022 0 3	0	3

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

Getting Data In

How to validate all the data from an indexer is uploaded to smart store?

How to explain a variance in ingest volume?

Does anyone have reference material on the inputs.conf for MAC OSs and how to get the events into Splunk?

How to send data to Splunk from Azure Event Hub?

Which version of splunk Universal forwarder supports for AIX 6.1 version OS

How to verify that log sources are adhering to CIM model?

Create alert for delayed files every hour?

Question About SPL for SplunkD Shutdown

outputs.conf question about duplicates caused by referencing indexers by IP vs FQDN?

Why does regex extract fields differently in props than same regex used in SPL REX command?

How to set Splunk as CSP Policy report collector?

Eventgen - Splunk adding additional double quotes when I export the data as csv causing issues used as sample file?

How to generate data using JSON format sample file?

Is it possible to dynamically change sourcetype based upon host?

Is there any documentation on Splunk app migration from python 2 to 3?

Receiving error while trying to extracting fields using regex

Can I delete the DB data files in the search head or are there some steps that I need to follow beforehand?

Can we get some clarification / consolidation for the add-ons available to ingest O365/Azure security data?

Why is Splunk ingest is being doubled?

How to exclude or filter 0% window process from hostmetrics - process?

Is there a way I can input data into splunk manually for offline events?

How to search to get list of URLs/domains in my logs in a particular period?

How to redact the description field from the Service WinHostMon?

Why did Imap stop indexing in Splunk?

How to achieve a field extraction in custom sourcetype?

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

SC4S postfilter not dropping Fortigate east-west t...

PCAP Data contains media and audio file, Is it pos...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

Getting Data In

Join the Conversation