Getting Data In

Discussions

Thread Info

WebLogic add-on is not parsing UTC time zone correctly but does correct with GMT

I've discovered issue with WebLogic add-on (1.0.0) for Splunk and I am having hard time figuring out how to fix props...

by Path Finder in

How do I fix this Windows monitor stanza error: crcSalt change, now files are not mentioned in splunkd.log

So I've read the docs on how to properly format a monitor stanza in Windows.. and am trying to monitor a dir full of ...

by Explorer in

Splunk ingesting duplicate data from Azure File Share monitored file - Checksum for seekptr didn't match, will re-read e

I have an issue where I have set up a Universal Forwarder on a Windows Azure server to monitor data stored on an Azur...

by Explorer in

How to escape ":" character from json string sent to splunk through uf?

Hi, I have a python script with json string which is sent to splunk cloud through Universal Forwarder. Since I hav...

by Explorer in

How can I set _time for a json payload that has to first be restructured with SEDCMD?

Hello! I realize that the question is a bit particular, so I will try to explain through an example. I am indexing...

by Builder in

How would I monitor file content history change?

Hi I have two config files that need to monitor them, to answer these questions: Who?what?when? Change that file. Nee...

by Motivator in

Forwarder Stops sending Data and starts sending once restart is done?

Hi, multiple Forwarders stops sending data for no reason for every 20 days , but when a restart is done, all starts s...

by Explorer in

How to reindex data to get new data with chance being made?

Hello, I have a DBInput that have a database with a list of user with email and phone number, and people can make ...

by Communicator in

Why is logging on splunk cloud lagging behind logging on splunk enterprise on prem instance for few minutes?

Initially we were using splunk enterprise to log our real time logs. But few days before we have moved onto splunk cl...

by New Member in

Why does Splunk UF stop sending data a few minutes after the start?

Hi, in a Linux server, a UF is configured to monitor a log directory, and it stops sending data to the indexer after ...

by Path Finder in

How to list indexes which have data that is received by HEC and owners of indexes?

I am working in clustered environment and getting data from HEC. I want to list out indexes which are receiving HEC ...

by Engager in

How do I emulate a tcp stream to test data ingestion?

Hello, I have a stream of call data records in xml form coming into splunk and i would like to add some ingestion...

by Explorer in

File Monitroring issue- Why did csv file stop getting ingested into splunk after few hours?

facing this issue second time, and tried almost every possible way out in last 2 months, so here is the csv file we'r...

by Explorer in

How to properly include info that wasn't included in the final result?

Hello! I'm relatively new to Splunk but I've worked with databases over the years so I felt lik...

by Engager in

Why to use syslog or tcp output?

Hello Splunkers,I have a small question, what is the best practice (or for what reasons) should I use Syslog or TCP c...

by Path Finder in

Why is the knowledge bundle directory filling up after 6.5.1 upgrade?

I am having an issue with the knowledge bundle directory not deleting old bundles. This started after upgrading from ...

by Communicator in

How to know and verify if my syntax I write for input.conf in deployment apps work or not?

Hello, So I have a forwarder installed on a server and it show up on Clients in Forwarder Management. Then I cr...

by Communicator in

Monitor cisco router interfaces- Is syslog enough or do I have to use snmp?

I'm looking for a way to monitor several router and several interfaces (physical, tunnel...).I need to extract status...

by Path Finder in

Splunk Forwarder on DC 2022 unable to receive data?

So today i installed the forwarder on a DC that is hosted on a VM but i cant seem to get any logs from this machine ...

by Path Finder in

How to change '_time'? _time is by default picking first alphabetical date column (Assigned) and doing +05:30

Hello Experts, I have different date column in a csv file and which I have uploaded manually and extracted the fie...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

WebLogic add-on is not parsing UTC time zone correctly but does correct with GMT

How do I fix this Windows monitor stanza error: crcSalt change, now files are not mentioned in splunkd.log

Splunk ingesting duplicate data from Azure File Share monitored file - Checksum for seekptr didn't match, will re-read e

How to escape ":" character from json string sent to splunk through uf?

How can I set _time for a json payload that has to first be restructured with SEDCMD?

How would I monitor file content history change?

Forwarder Stops sending Data and starts sending once restart is done?

How to reindex data to get new data with chance being made?

Why is logging on splunk cloud lagging behind logging on splunk enterprise on prem instance for few minutes?

Why does Splunk UF stop sending data a few minutes after the start?

How to list indexes which have data that is received by HEC and owners of indexes?

How do I emulate a tcp stream to test data ingestion?

File Monitroring issue- Why did csv file stop getting ingested into splunk after few hours?

How to properly include info that wasn't included in the final result?

Why to use syslog or tcp output?

Why is the knowledge bundle directory filling up after 6.5.1 upgrade?

How to know and verify if my syntax I write for input.conf in deployment apps work or not?

Monitor cisco router interfaces- Is syslog enough or do I have to use snmp?

Splunk Forwarder on DC 2022 unable to receive data?

How to change '_time'? _time is by default picking first alphabetical date column (Assigned) and doing +05:30

How I Instrumented a Rust Application Without Knowing Rust

Splunk Community Platform Survey

Observability Highlights | November 2022 Newsletter

May I have sample code to query Splunk data using ...

How to add metadata to UF config files?

Splunk Add-on for Citrix Netscaler - IPFIX/AppFlow

AWS S3 Input- Ingest .csv files that are not actua...

Increased CPU on Universal Forwarder since v9