Getting Data In

Community Activity

Need monitoring for PAM- Is it possible without a third party app? Hi Everyone,We need a PAM server logs without installing any third-party app in Pam server.Is it possible to do the m... by jackin Path Finder in Getting Data In 10-18-2022 0 0	0	0
How to test data integrity? Hello there, Here is the context, I have a Splunk test environment, one indexer one search head and one forwarder. I'... by aatik5u Path Finder in Getting Data In 10-18-2022 0 3	0	3
How to add eval command to props.conf? Hello Splunk Community, I am trying to add the following command to the props.conf file to make the following search ... by btaxacher Observer in Getting Data In 10-18-2022 0 4	0	4
How to edit Splunk HEC token value? I want to configure two HEC tokens as the same because I want to load balance traffic between them. I followed the do... by kristen Explorer in Getting Data In 10-17-2022 0 1	0	1
Why is Splunk add-on for okta identity cloud is not able to pull logs from Okta cloud? Hi All, We are currently in-progress of onboarding the okta identity cloud logs, we are using Splunk built add-on for... by bhsakarchourasi Path Finder in Getting Data In 10-17-2022 0 0	0	0
What would you say is the recommended method for handling CSV files? Hi All- What would you say is the recommended method for handling CSV files? Ingesting it into an index or using it ... by aquinol Explorer in Getting Data In 10-17-2022 0 3	0	3
How to extract json from event with = separated values? Hello, I have the following type of event, and I would like to extract the `tags` field into its respective fields.... by zachsisinst Explorer in Getting Data In 10-17-2022 0 1	0	1
UF StreamForwarder 8.1.0 issue Soo I have been able to setup and create the different monitors for my universal forwarder. Im working in a test envi... by socks Loves-to-Learn Lots in Getting Data In 10-17-2022 0 0	0	0
Very long log events coming over syslog 514/udp are cut- How would I resolve this? HelloSomeone will have happened that the logs come with a length of 1000 characters at most, and these are indexed in... by jrodriguezap Contributor in Getting Data In 10-17-2022 0 10	0	10
Why am I receiving a certificate error when trying to oneshot? Hi All, I'm getting the below splunk add oneshot ./kaseya.txt -index main -sourcetype asset‌☁️‌kaseya-edge:agent ER... by jwhughes58 Contributor in Getting Data In 10-17-2022 0 1	0	1
How to monitor a windows service, send an alert and restart the service? hai all How to monitor a windows service, send an alert and restart the service?what was the required configuration. by sekhar463 Path Finder in Getting Data In 10-17-2022 0 5	0	5
Any known method to alter polling interval for file monitoring? There is a log file I want want monitor with splunk universal forwarder (on windows) which receives line writes only ... by dstaulcu Builder in Getting Data In 10-17-2022 0 7	0	7
Logs are not forwarding from the particular directory? I have forwarding the logs from the below directory. Below is the inputs.conf file [monitor:///u01/app/oracle/scripts... by yuvasree Explorer in Getting Data In 10-15-2022 0 7	0	7
How to index big zip files? I have few zip file (after extend is thound of csv files) in a folder, each zip file size is over 1GB. I use monitor ... by dillencehsu Path Finder in Getting Data In 10-14-2022 0 7	0	7
Operation type for event 5058 {Solution} Hello everyone, Have you ever wondered why microsoft does not documented Operation types with Unicode + meaning? You ... by Hons Engager in Getting Data In 10-14-2022 2 2	2	2
How can I create search and alert if port was down or not listing? i have events for port listening on 443 how can i create search and alert if port was down or not liseting below are... by sekhar463 Path Finder in Getting Data In 10-14-2022 0 9	0	9
Splunk Time_format and Timestamp prefix option? I have the data has "1111\|xxx, xxx y\|000000\|111111\|firstname, lastname\|10/13/22 02:12:09\|" I used TIME_FORMAT = %m/%d... by poojithavasanth Explorer in Getting Data In 10-14-2022 0 10	0	10
Filter AWS Cloudtrail AwsApiCall events? Does anybody know a good way to filter out AWS Cloudtrail events? I'd like to send to null queue events that contains... by martaBenedetti Path Finder in Getting Data In 10-13-2022 0 0	0	0
How can I have the query show just Year-Month-Day and remove the rest of what is showing above? I am creating a dashboard for reporting and one of the values of my search is called 'start date' when I check the co... by queryboy Explorer in Getting Data In 10-13-2022 0 1	0	1
Universal Forwarder on Windows not picking up log files? I've been able to deploy universal forwarders to dozens of Windows servers that run IIS logs. I have created a dedica... by Dmikos1271 Explorer in Getting Data In 10-13-2022 0 0	0	0
Looking for a search to see my splunk users that havent logged into splunk in x days? I'm looking for a query to see my splunk users that havent logged into splunk in x days. Currently looking at this q... by smithke Explorer in Getting Data In 10-13-2022 0 5	0	5
SC4S and Docker for Windows- Have you run into any Docker for Windows roadblocks? For those of you who have installed SC4S in a Docker for Windows environment, what differences were there in the inst... by paulgo Explorer in Getting Data In 10-12-2022 0 0	0	0
Outputlookup creating csv with columns that are alphabetical? I have a search that gathers a bunch of data from various sources and appends to 1 big stats that I have reporting in... by maxsteel Explorer in Getting Data In 10-12-2022 0 5	0	5
How can I determine if the UF is seeing anything on a port? I'm trying to get our syslogs forwarded via UF to Splunk Cloud. I've got the UF listening on port 514 and added [ud... by paulgo Explorer in Getting Data In 10-12-2022 0 4	0	4
Any splunk best practices for field extraction and line breaking? Hi Splunkers, Any Best practices for field extraction and line breaking. i want to know something like , if we all th... by restinlinux Explorer in Getting Data In 10-12-2022 0 1	0	1