Getting Data In

Community Activity

Need help parsing and extracting MongoDB JSON log in Splunk Hi,I need some help.We have been using Splunk for MongoDB alert for a while, now the new MongoDB version we are upgra... by ychoo Observer in Getting Data In 04-22-2022 0 2	0	2
Data Onboarding issue- unable to see the data in splunk Hello All, I have configured the inputs and props but unable to see the data in splunk. I have around 20 monitor stan... by blbr123 Path Finder in Getting Data In 04-22-2022 0 9	0	9
Why is indexes.conf change not reflected in GUI without restart? I use Splunk Enterprise 8.0.4.1 In indexes.conf I have changed maxTotalDataSizeMB value. According to https://docs.sp... by jankowsr Path Finder in Getting Data In 04-21-2022 0 3	0	3
Help with props.conf to detect timestamp Hello Splunkers, I have the following raw event.It was parsing with correct date and time until the daylight saving... by power12 Communicator in Getting Data In 04-21-2022 0 3	0	3
How to monitor path in RHEL 8 but not RHEL 7? Hello I am using the Spunk_TA_nix and a server class to push that out to all nix boxes, but server class is not granu... by token2 Path Finder in Getting Data In 04-21-2022 0 4	0	4
Error: WinRegistryMonitor::configure: Failed to get configuration settings: 'Regex: number too big in {} quantifier' I found many errors from _internal log ERROR ExecProcessor - message from "D:\SplunkUniversalForwarder\bin\splunk-reg... by nareerat_pr Explorer in Getting Data In 04-21-2022 0 3	0	3
Why are none of the Perfmon inputs are sending Data Into Metrics Index and not showing errors? Hello, We're running into an issue with a UF sending data to a new metrics index under an app deployed by our deploym... by Razziq Explorer in Getting Data In 04-20-2022 0 6	0	6
Why is splunk not forwarding on windows? Hello community Trying to figure out what is blocking/affecting UF on Windows Agent was installed using CLI msiexec.e... by fatsug Builder in Getting Data In 04-20-2022 0 17	0	17
Cisco Firepower Estreamer Questions Hello, We want to onboard Cisco firepower devices and we can't decide between estreamer and syslog input. I would b... by sethion Observer in Getting Data In 04-19-2022 0 1	0	1
Why is some data source indexed one hour in the future? Hi, Some data source is indexed one hour in the future (probably since TZ shift => twice a year hour change in France... by emallinger Communicator in Getting Data In 04-19-2022 0 2	0	2
Splunk cannot find my file Hi, I have problem here, i already complete file transferring to Splunk server using cronjob. But unfortunately, all ... by amirulhusni99 Engager in Getting Data In 04-17-2022 0 1	0	1
Insecure Cipher Suites on Splunk Indexer and Deployment Server We have got below vulnerabilities on Splunk servers, please help how to resolve itinsecure cipher suites:* TLS 1.2 ci... by ayush-choudhary Explorer in Getting Data In 04-17-2022 0 0	0	0
What is the hot bucket max time? Hi All I'm very new to Splunk can someone help me after how many days the data will transfer from hot bucket to warm ... by debjit_k Path Finder in Getting Data In 04-14-2022 0 2	0	2
How to Send XML file logs to Splunk with this splunk-connect-for-kubernetes? Splunk connect for-kubernetes and I have been tryingto forward the XML file logs to splunk with this splunk-conne... by Dorai Loves-to-Learn in Getting Data In 04-14-2022 0 0	0	0
How to see the logs of the second forwarders logs? (Using two forwarders and one indexer) Hello there, I am working on VMware, I have two linux machines that I'm using as universal forwarders (ubuntu desktop... by aatik5u Path Finder in Getting Data In 04-14-2022 0 1	0	1
Why is cmd script not running? hi all, i try to run a cmd script on a UF. it's located in %SPLUNK_HOME%\etc\apps\log4jscan\bin\log4jscan.cmd and th... by pbnl Path Finder in Getting Data In 04-13-2022 0 2	0	2
Why is Splunkd not starting after a reboot, wih Systemd enable-boot start? We setup splunkd to autostart using systemd.-> https://docs.splunk.com/Documentation/Splunk/latest/Admin/RunSplunkass... by yannK Splunk Employee in Getting Data In 04-13-2022 0 1	0	1
Splunk indexer service: Why error "RHEL 7.1 systemd[1]: Failed to start SYSV: Splunk indexer service"? My Splunk indexer is not starting as a service on RHEL 7.1 on a fresh install.It's starting ok as splunk user though.... by lraynal Explorer in Getting Data In 04-13-2022 0 6	0	6
How to parse out asterisk delimited format? Hi! I'm having a struggle trying to get Splunk to recognize a file that's in Asterisk Delimited Format. I have the pr... by skirven Communicator in Getting Data In 04-13-2022 0 3	0	3
Why has source stopped indexing? hi, I have 2 source A and B (routers), they are sending the data over udp port 514. all of the sudden, the source B i... by heloma Engager in Getting Data In 04-12-2022 0 2	0	2
Enqueuing a very large file on HF Hi All, My setup is firewall are sending logs to Syslog server and heavy forwarder installed on syslog server itself... by bhsakarchourasi Path Finder in Getting Data In 04-12-2022 0 3	0	3
AWS Aurora Logs sending double-zipped to Splunk via AWS Add-on We're running into an issue using Add-On for AWS + SQS-based S3 inputs to pull Aurora logs from S3 buckets. The .gz d... by adnankhan5133 Communicator in Getting Data In 04-12-2022 0 0	0	0
How to avoid wrong timestamp with MAX_TIMESTAMP_LOOKAHEAD Hello, I have logs from Cisco ESA (emails) and some of them are logged in the futur. For example this log is marked ... by ctaf Contributor in Getting Data In 04-12-2022 1 16	1	16
Why am I unable to download a Universal Forwarder for Windows from splunk.com? I'm going to the page below and selecting Windows OS, I'm then redirected to the download page and it thanks me for d... by skoelpin SplunkTrust in Getting Data In 04-12-2022 0 9	0	9
Why is Microsoft Azure Add-on Not Pulling Logs? We're running Splunk 8.2.2 with the Microsoft Azure Add-on version 3.1.1. We have the add-on installed on a heavy fo... by pkohn117 Explorer in Getting Data In 04-12-2022 0 0	0	0