Getting Data In

Community Activity

	How to Ensure Proper Load Balancing Across Multiple Heavy Forwarders? Hi,We’re currently facing a load imbalance issue in our Splunk deployment and would appreciate any advice or best pra... by mcfabrero_acn Explorer in Getting Data In 07-14-2025 0 3	0	3
	Issues Indexing SAP System Log (SM21) Dear splunk community,After successfully implementing the input from @afx :"How to Splunk the SAP Security Audit Log"... by SPLAUR Engager in Getting Data In 07-11-2025 0 6	0	6
	Writing regex for specific /var/log/*.log files The Splunk app for Linux already provided a stanza for collecting all the .log files in the /var/log folder ([monitor... by Na_Kang_Lim Path Finder in Getting Data In 07-11-2025 0 4	0	4
	Splunk Deployment App Filtering SharePoint Logs Hi Splunk Community,I’m trying to reduce disk space usage on my Splunk Universal Forwarder by filtering out unnecess... by tbarn005 Engager in Getting Data In 07-10-2025 0 6	0	6
	Sourcetype for JSON data fails to extract the timestamp I feed data to Splunk using the HTTP Event Collector, sample event:{<!-- -->"event":{<!-- -->"event_id": "58512040","event_name": "Ac... by mmaaxx Explorer in Getting Data In 07-09-2025 0 5	0	5
	Prisma Cloud Integration Guys i have Splunk Cloud , i created Http Event Collector & in prisma i gave url /service/collector but logs are not ... by XOR Loves-to-Learn in Getting Data In 07-09-2025 0 3	0	3
	Adaptive filtering/Stateful cross-event logic to filter unwanted events When collecting Linux logs using a Universal Forwarder we are collecting a lot of unnecessary audit log from cronjobs... by fatsug Builder in Getting Data In 07-09-2025 0 5	0	5
	CITRIX onboard via SC4S - no events in splunk Hi,I am running splunk standalone 8.4.1 with Citrix add-on installed 8.2.3. Also, I have SC4S running version 3.31.0... by corti77 Contributor in Getting Data In 07-07-2025 0 4	0	4
	Why am I Getting Duplicated Data Using HEC Ingestion Method I'm getting duplicated data when using lambda function to send events from cloudwatch to splunk through HTTP Event Co... by wsmworkhard Explorer in Getting Data In 07-03-2025 0 3	0	3
	Does Splunk Add-on For M365 app work in GCC HIGH tenants? We are getting the following error when trying to ingest EXO mail logs into splunk using the add-in.line 151, in __ca... by TestAdminHorst New Member in Getting Data In 07-03-2025 0 2	0	2
	Cisco Security Cloud Add_on vs. Splunk Add-On for Cisco ASA Onboarding Cisco FTD firewalls presents the choice of which Add-On to use. Apparently Cisco FTD firewalls run both AS... by kfsplunk Loves-to-Learn in Getting Data In 07-02-2025 0 2	0	2
	Export search results to a folder outside splunk Hello EveryoneI need to export the search results to a folder outside the Splunk. To do this job we've exportresults ... by DineshElumalai Explorer in Getting Data In 07-02-2025 0 3	0	3
	I unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "Splunk_TA_siem_connector"? I am getting the below error. Unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "Splunk_TA_... by kaushik3g Engager in Getting Data In 07-01-2025 0 4	0	4
	Duplicate and Missing Logs After Splunk Universal Forwarder Pod Restart in EKS We are experiencing consistent log duplication and data loss when the Splunk Universal Forwarder (UF) running as a He... by Ravi1 Loves-to-Learn in Getting Data In 06-30-2025 0 1	0	1
	Citrix NetScaler sourcetype for HEC The current Netscaler guidance is that logs should be exported via HEC. However, it seems like the app doesn't have a... by _joe Contributor in Getting Data In 06-30-2025 0 1	0	1
	Modify Security Events for EventCode 4624) Hello! I have logs from Domain Controller Active Directory in Splunk and try to configure monitoring of user logons ... by Kosyay Explorer in Getting Data In 06-30-2025 0 12	0	12
	error on dbx connect : DBX Server is not available, please make sure it is started and listening on 9998 port or consult Hello,im facing a problem on my Dbx connect : Cannot communicate with task server, please check your settings. DBX Se... by hv64 Explorer in Getting Data In 06-30-2025 0 4	0	4
	About Upload File Hi guys,I am new here and I want to explore some things in splunk. I have a txt file, I uploaded it and I want to get... by tanjiro_rengo New Member in Getting Data In 06-30-2025 0 4	0	4
	Need help receiving and parsing IPFIX data in Splunk using Splunk Stream Hello everyone,I have a network monitoring system that exports data via IPFIX using Forwarding Targets.I am trying to... by kn450 Explorer in Getting Data In 06-29-2025 0 1	0	1
	Cannot parse linux logs My linux logs cannot parsed in dashboard. My renderxml is setted to false by meg Observer in Getting Data In 06-27-2025 0 3	0	3
	Data not reaching Splunk Cloud after Migrating to new Universal Forwarders Hello,I am having issues getting data into Splunk Cloud with two new Universal forwarders.I have two existing Univers... by Pete_ Explorer in Getting Data In 06-26-2025 0 7	0	7
	How to forward csv data files from sharepoint online to splunk cloud I don't mean SharePoint activity, admin or audit logs. I mean actual data files (that will be converted later to look... by untieshoe Path Finder in Getting Data In 06-26-2025 0 3	0	3
	Log formatting not as expected Jun 26 13:46:12 128.23.84.166 [local0.err] <131>Jun 26 13:46:12 GBSDFA1AD011HMA.systems.uk.fed ASM:f5_asm=PROD vs_na... by splunklearner Communicator in Getting Data In 06-26-2025 0 6	0	6
	Why for f5 data we use [UDP://9514] instead of using syslog? I came across in our repo a monitoring stanza for f5, which is [UDP://9514]. I wonder if there is any reason not to u... by danielbb Motivator in Getting Data In 06-26-2025 0 3	0	3
	Splunk HEC/kafka raw logs parsing / addons Hello, is it possible in Splunk HEC from Kafka to receive raw events on HF in order to parse fields with addons?It se... by splunkreal Influencer in Getting Data In 06-26-2025 0 4	0	4