Getting Data In

Community Activity

	How do I write props.cof for below log structure? Actual log:- [{area: "CU", subid: "M", slgdattim: "2022022109515500", slgproc: "1362100032D2", slgmand: "200", sid: "... by sathiyasun Explorer in Getting Data In 03-10-2022 0 1	0	1
	How to add data from the Linux machines to Splunk? hi all, I'm completely new to Splunk and have some problems understanding the dataflow and what to configure where.i ... by pbnl Path Finder in Getting Data In 03-10-2022 0 2	0	2
	Why is there an error in pushing AWS cloudwatch logs using log group? Hi Team I am trying to push AWS cloudwatch logs to splunk using the log stream in splunk add for AWS, but could not a... by rajivsplunk New Member in Getting Data In 03-10-2022 0 1	0	1
	How to separate different log entries from a single source? I'm getting logs from a dockerized in-house developed application and ingesting them into Splunk. There are 3 types o... by rubenmuradyan Explorer in Getting Data In 03-10-2022 0 4	0	4
	Is is possible to index a small CSV file with only 1 column (both with monitoring and manually)? I am trying to index a small CSV file with only 1 column (both with monitoring and manually ) is it impossible ? w... by rayar Contributor in Getting Data In 03-10-2022 0 12	0	12
	What is the recommended way to index massage trace logs? Hi what is the recommended way to index massage trace logs ? currently we are using Microsoft Office 365 Reporting... by rayar Contributor in Getting Data In 03-10-2022 0 0	0	0
	Error on Configure application receivers for monitoring » Nagios "found unknown escape character" Nagios — Splunk Observability Cloud documentation Please assist as I not able to start OTEL service due to the error ... by fongpen Path Finder in Getting Data In 03-09-2022 0 3	0	3
	How to completely remove/not select the directory path if it "remote" in its folder structure? How to completely remove/not select the directory path if it "remote" in its folder structure my regex --- specific... by DataOrg Builder in Getting Data In 03-09-2022 0 6	0	6
	Why are there field extraction issues when indexing Barracuda Web Security Gateway via syslog? We've been indexing logs from our Barracuda Web Security Gateway via our syslog server with a default sourcetype of s... by pl2345 Path Finder in Getting Data In 03-09-2022 0 0	0	0
	Scripted input with bash script is not generating any results I have a bash script that queries audit.log using ausearch for events that I have configured in audit.rules to have a... by ricotries Communicator in Getting Data In 03-09-2022 0 4	0	4
	Wildcard magic in monitor stanzas- Need help with inputs.conf Hi, we have a directory with daily log files I want to read into Splunk 8.1.5: /dir1/dir2/dir3/dir4/file-20220309.log... by vgrote Path Finder in Getting Data In 03-09-2022 0 2	0	2
	I am unable to upgrade Splunk universal forwarder 7.3.3 -> 8.1.3 Hi everyone, I have an issue with upgrade splunk universal forwarder 7.3.3 to 8.1.3 (windows platform).During our inv... by marcinss Loves-to-Learn in Getting Data In 03-09-2022 0 9	0	9
	How to monitor specify window service using telegraf/win_services? Hi, I found the following telegraf service monitoring, is that anyway to specify service name (e.g Print Spooler serv... by fongpen Path Finder in Getting Data In 03-09-2022 0 1	0	1
	Why are my Splunk UF events being sent to main index, even with a customized inputs.conf file? [Contents deleted per request] by JMondares Explorer in Getting Data In 03-08-2022 0 11	0	11
	Splunk Datamodel Endpoint Processes.process_name: How do we fix the regex to only show process name? We are having issues with our Splunk datamodel Endpoint Processes.process_name. The current value for Process.process... by SplunkUserD Engager in Getting Data In 03-08-2022 0 0	0	0
	Is it possible to write Splunk results to a CSV file using Splunk Custom Command? Any examples? Thank you! by nbtlearn Loves-to-Learn in Getting Data In 03-08-2022 0 1	0	1
	What is the latest reliable way to index email data from inbox folder in Splunk? As the title suggests, I want to index data from Splunk user email account's inbox folder. Splunk version - 8.2.4 Hav... by dm1 Contributor in Getting Data In 03-08-2022 0 1	0	1
	How to pick only non comma (",") related events and show in table? Hi have a results from my mail index say log look like below sender=abc recipient=xyz@sample.com,ghi@nonsample.com co... by akshayinnamuri Loves-to-Learn Lots in Getting Data In 03-08-2022 0 4	0	4
	Normalizing imported .evtx files with Splunk Windows Add-on Greetings all,I'm in a situation where I would like do "offline" Windows event logs analysis, and I need to be able t... by Erad New Member in Getting Data In 03-08-2022 0 1	0	1
	Can I forward logs from a Heavy Forwarder in JSON format to another data capture device? I wanted to ask if it was easy or possible to forward logs if some may be in text format from a HF to another device ... by robnewman666 Path Finder in Getting Data In 03-07-2022 0 2	0	2
	How to create a table with the names of the users deleted? I want to have a table of deleted accounts with the attributes time, adminstrator, user, message but the administrato... by hichem_khalfi Path Finder in Getting Data In 03-07-2022 0 1	0	1
	How to create a search that shows how much old data is used past 30 days? Hi, I have smartstore cluster in AWS with frozenTimePeriodInSecs =(7 years) and In DMC I see there are lots of down... by bsrikanthreddy5 Path Finder in Getting Data In 03-07-2022 0 1	0	1
	Is there another way to achieve more an a 100 results without changing the limits.conf file? So i'm familiar with multiple ways to pull out a list of the indexes - except my challenge is I'm stuck to only recei... by xneogenz Loves-to-Learn in Getting Data In 03-05-2022 0 2	0	2
	Global Tokens in Searches I'm an occasional Splunk Enterprise user so forgive me if this is a noob question or has been answred before:We use Q... by shocko Contributor in Getting Data In 03-04-2022 0 4	0	4
	How to ingest Windows process Command Line arguments? We are about to start ingesting Windows process command line arguments. Within the Microsoft article, it states that ... by SplunkUserD Engager in Getting Data In 03-03-2022 0 4	0	4

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

Getting Data In

How do I write props.cof for below log structure?

How to add data from the Linux machines to Splunk?

Why is there an error in pushing AWS cloudwatch logs using log group?

How to separate different log entries from a single source?

Is is possible to index a small CSV file with only 1 column (both with monitoring and manually)?

What is the recommended way to index massage trace logs?

Error on Configure application receivers for monitoring » Nagios "found unknown escape character"

How to completely remove/not select the directory path if it "remote" in its folder structure?

Why are there field extraction issues when indexing Barracuda Web Security Gateway via syslog?

Scripted input with bash script is not generating any results

Wildcard magic in monitor stanzas- Need help with inputs.conf

I am unable to upgrade Splunk universal forwarder 7.3.3 -> 8.1.3

How to monitor specify window service using telegraf/win_services?

Why are my Splunk UF events being sent to main index, even with a customized inputs.conf file?

Splunk Datamodel Endpoint Processes.process_name: How do we fix the regex to only show process name?

Is it possible to write Splunk results to a CSV file using Splunk Custom Command? Any examples?

What is the latest reliable way to index email data from inbox folder in Splunk?

How to pick only non comma (",") related events and show in table?

Normalizing imported .evtx files with Splunk Windows Add-on

Can I forward logs from a Heavy Forwarder in JSON format to another data capture device?

How to create a table with the names of the users deleted?

How to create a search that shows how much old data is used past 30 days?

Is there another way to achieve more an a 100 results without changing the limits.conf file?

Global Tokens in Searches

How to ingest Windows process Command Line arguments?

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

SC4S postfilter not dropping Fortigate east-west t...

PCAP Data contains media and audio file, Is it pos...

TA_Guardium API Add-on for Splunk

Transilience AI threat intel feed integration

I have question about Metrics

Getting Data In

Join the Conversation