Getting Data In

Community Activity

Why am I receiving a certificate error when trying to oneshot? Hi All, I'm getting the below splunk add oneshot ./kaseya.txt -index main -sourcetype asset‌☁️‌kaseya-edge:agent ER... by jwhughes58 Contributor in Getting Data In 10-17-2022 0 1	0	1
How to monitor a windows service, send an alert and restart the service? hai all How to monitor a windows service, send an alert and restart the service?what was the required configuration. by sekhar463 Path Finder in Getting Data In 10-17-2022 0 5	0	5
Any known method to alter polling interval for file monitoring? There is a log file I want want monitor with splunk universal forwarder (on windows) which receives line writes only ... by dstaulcu Builder in Getting Data In 10-17-2022 0 7	0	7
Logs are not forwarding from the particular directory? I have forwarding the logs from the below directory. Below is the inputs.conf file [monitor:///u01/app/oracle/scripts... by yuvasree Explorer in Getting Data In 10-15-2022 0 7	0	7
How to index big zip files? I have few zip file (after extend is thound of csv files) in a folder, each zip file size is over 1GB. I use monitor ... by dillencehsu Path Finder in Getting Data In 10-14-2022 0 7	0	7
Operation type for event 5058 {Solution} Hello everyone, Have you ever wondered why microsoft does not documented Operation types with Unicode + meaning? You ... by Hons Engager in Getting Data In 10-14-2022 2 2	2	2
How can I create search and alert if port was down or not listing? i have events for port listening on 443 how can i create search and alert if port was down or not liseting below are... by sekhar463 Path Finder in Getting Data In 10-14-2022 0 9	0	9
Splunk Time_format and Timestamp prefix option? I have the data has "1111\|xxx, xxx y\|000000\|111111\|firstname, lastname\|10/13/22 02:12:09\|" I used TIME_FORMAT = %m/%d... by poojithavasanth Explorer in Getting Data In 10-14-2022 0 10	0	10
Filter AWS Cloudtrail AwsApiCall events? Does anybody know a good way to filter out AWS Cloudtrail events? I'd like to send to null queue events that contains... by martaBenedetti Path Finder in Getting Data In 10-13-2022 0 0	0	0
How can I have the query show just Year-Month-Day and remove the rest of what is showing above? I am creating a dashboard for reporting and one of the values of my search is called 'start date' when I check the co... by queryboy Explorer in Getting Data In 10-13-2022 0 1	0	1
Universal Forwarder on Windows not picking up log files? I've been able to deploy universal forwarders to dozens of Windows servers that run IIS logs. I have created a dedica... by Dmikos1271 Explorer in Getting Data In 10-13-2022 0 0	0	0
Looking for a search to see my splunk users that havent logged into splunk in x days? I'm looking for a query to see my splunk users that havent logged into splunk in x days. Currently looking at this q... by smithke Explorer in Getting Data In 10-13-2022 0 5	0	5
SC4S and Docker for Windows- Have you run into any Docker for Windows roadblocks? For those of you who have installed SC4S in a Docker for Windows environment, what differences were there in the inst... by paulgo Explorer in Getting Data In 10-12-2022 0 0	0	0
Outputlookup creating csv with columns that are alphabetical? I have a search that gathers a bunch of data from various sources and appends to 1 big stats that I have reporting in... by maxsteel Explorer in Getting Data In 10-12-2022 0 5	0	5
How can I determine if the UF is seeing anything on a port? I'm trying to get our syslogs forwarded via UF to Splunk Cloud. I've got the UF listening on port 514 and added [ud... by paulgo Explorer in Getting Data In 10-12-2022 0 4	0	4
Any splunk best practices for field extraction and line breaking? Hi Splunkers, Any Best practices for field extraction and line breaking. i want to know something like , if we all th... by restinlinux Explorer in Getting Data In 10-12-2022 0 1	0	1
"INFO WatchedFile - Resetting fd to re-extract header"? I have the csv file which has the below lines. ========================= METRIC_NAME,METRIC_UNIT,BEGIN_TIME,END_TIME,... by yuvasree Explorer in Getting Data In 10-12-2022 0 2	0	2
Kv store status showing failed not able to start? Getting errors as Failed to start KV Store process. See mongod.log and splunkd.log for details. tried few steps by rm... by sekhar463 Path Finder in Getting Data In 10-12-2022 0 0	0	0
Granular AWS CT Account Logging using Log Prefix within Splunk TA for AWS Hello, I realize this is a rather specific request so I'll keep it short and simple to see if anyone has had previous... by cfloquet Path Finder in Getting Data In 10-11-2022 0 0	0	0
Update slpunkclouduf.spl app on Windows Universal Forwarder- What is the syntax we should use to force the update? Hi, Got a message from Splunk that our universal forwarder certificate package will be expiring soon and trying to up... by cpkg Engager in Getting Data In 10-11-2022 0 2	0	2
How do we get duplicate time values from file? Hello All, I have a file that is created/appended via a bash script (varialbe >> file.txt) It puts the newest data at... by eholz1 Builder in Getting Data In 10-11-2022 0 5	0	5
Why am I receiving a "Server is busy" error after configuring the HTTP Event Collector? Dear all, I have configured the HTTP Event Collector but can't successfully send events. My configuration in inputs.c... by ecoquelin Explorer in Getting Data In 10-10-2022 1 7	1	7
Two types of data over the same port? I'm trying to get both JSON and syslog information from our firewall into Splunk Cloud using universal forwarder. So... by paulgo Explorer in Getting Data In 10-10-2022 0 1	0	1
How to ingest bloomberg application data into splunk? hai all, can you suggest is there anyway to ingest blookberg application data into splunk by sekhar463 Path Finder in Getting Data In 10-10-2022 0 1	0	1
How do I extract these events between two date ranges? Hello!, First time posting here. Just started learning Splunk and I am trying to extract events between two date rang... by Saikarankot Engager in Getting Data In 10-08-2022 0 3	0	3