Getting Data In

Community Activity

Custom API endpoint returning CSRF error on post? Hello, I am trying to get a custom API endpoint to work, but I am getting CSRF errors when posting any data to it: 4... by zackurben Engager in Getting Data In 10-19-2022 1 2	1	2
How to encrypt traffic between universal forwarder and indexer (getting error on server splunkd.log)? I am trying to just set up a basic encryption between the Universal Forwarder and indexer using the certs that come w... by snix Communicator in Getting Data In 10-19-2022 0 2	0	2
Problems with sourcetypes on syslog collectors-How can I set a sourcetype using REGEX? Hi,I have multiple syslog collectors (practically a heavy forwarder that picks up logs from disk).I am struggling to ... by Fonzie2k Path Finder in Getting Data In 10-19-2022 0 3	0	3
How to extract a specific work from Splunk logs? I would like to extract status value (i.e. 201) highlighted below using RegEx in the following link. However, it didn... by Manth Explorer in Getting Data In 10-18-2022 0 5	0	5
How to extract nth word in a string with a hyphen delimiter? I wanted to extract nth word in string with a hyphen delimiter from the following strings that are 3rd and 6th words ... by Manth Explorer in Getting Data In 10-18-2022 0 2	0	2
Is it possible to pull data from a REST API to Splunk trial? Hi all, I am trying to configure a REST API (OAuth) into a Splunk cloud trial environment. I'm running into issues an... by mpatterson New Member in Getting Data In 10-18-2022 0 1	0	1
How do I remove user email? Hi Guys, Is there anybody here knows how to remove user email from any Splunk alert and add new user email in his pla... by majilan1 Path Finder in Getting Data In 10-18-2022 0 6	0	6
Need monitoring for PAM- Is it possible without a third party app? Hi Everyone,We need a PAM server logs without installing any third-party app in Pam server.Is it possible to do the m... by jackin Path Finder in Getting Data In 10-18-2022 0 0	0	0
How to test data integrity? Hello there, Here is the context, I have a Splunk test environment, one indexer one search head and one forwarder. I'... by aatik5u Path Finder in Getting Data In 10-18-2022 0 3	0	3
How to add eval command to props.conf? Hello Splunk Community, I am trying to add the following command to the props.conf file to make the following search ... by btaxacher Observer in Getting Data In 10-18-2022 0 4	0	4
How to edit Splunk HEC token value? I want to configure two HEC tokens as the same because I want to load balance traffic between them. I followed the do... by kristen Explorer in Getting Data In 10-17-2022 0 1	0	1
Why is Splunk add-on for okta identity cloud is not able to pull logs from Okta cloud? Hi All, We are currently in-progress of onboarding the okta identity cloud logs, we are using Splunk built add-on for... by bhsakarchourasi Path Finder in Getting Data In 10-17-2022 0 0	0	0
What would you say is the recommended method for handling CSV files? Hi All- What would you say is the recommended method for handling CSV files? Ingesting it into an index or using it ... by aquinol Explorer in Getting Data In 10-17-2022 0 3	0	3
How to extract json from event with = separated values? Hello, I have the following type of event, and I would like to extract the `tags` field into its respective fields.... by zachsisinst Explorer in Getting Data In 10-17-2022 0 1	0	1
UF StreamForwarder 8.1.0 issue Soo I have been able to setup and create the different monitors for my universal forwarder. Im working in a test envi... by socks Loves-to-Learn Lots in Getting Data In 10-17-2022 0 0	0	0
Very long log events coming over syslog 514/udp are cut- How would I resolve this? HelloSomeone will have happened that the logs come with a length of 1000 characters at most, and these are indexed in... by jrodriguezap Contributor in Getting Data In 10-17-2022 0 10	0	10
Why am I receiving a certificate error when trying to oneshot? Hi All, I'm getting the below splunk add oneshot ./kaseya.txt -index main -sourcetype asset‌☁️‌kaseya-edge:agent ER... by jwhughes58 Contributor in Getting Data In 10-17-2022 0 1	0	1
How to monitor a windows service, send an alert and restart the service? hai all How to monitor a windows service, send an alert and restart the service?what was the required configuration. by sekhar463 Path Finder in Getting Data In 10-17-2022 0 5	0	5
Any known method to alter polling interval for file monitoring? There is a log file I want want monitor with splunk universal forwarder (on windows) which receives line writes only ... by dstaulcu Builder in Getting Data In 10-17-2022 0 7	0	7
Logs are not forwarding from the particular directory? I have forwarding the logs from the below directory. Below is the inputs.conf file [monitor:///u01/app/oracle/scripts... by yuvasree Explorer in Getting Data In 10-15-2022 0 7	0	7
How to index big zip files? I have few zip file (after extend is thound of csv files) in a folder, each zip file size is over 1GB. I use monitor ... by dillencehsu Path Finder in Getting Data In 10-14-2022 0 7	0	7
Operation type for event 5058 {Solution} Hello everyone, Have you ever wondered why microsoft does not documented Operation types with Unicode + meaning? You ... by Hons Engager in Getting Data In 10-14-2022 2 2	2	2
How can I create search and alert if port was down or not listing? i have events for port listening on 443 how can i create search and alert if port was down or not liseting below are... by sekhar463 Path Finder in Getting Data In 10-14-2022 0 9	0	9
Splunk Time_format and Timestamp prefix option? I have the data has "1111\|xxx, xxx y\|000000\|111111\|firstname, lastname\|10/13/22 02:12:09\|" I used TIME_FORMAT = %m/%d... by poojithavasanth Explorer in Getting Data In 10-14-2022 0 10	0	10
Filter AWS Cloudtrail AwsApiCall events? Does anybody know a good way to filter out AWS Cloudtrail events? I'd like to send to null queue events that contains... by martaBenedetti Path Finder in Getting Data In 10-13-2022 0 0	0	0