Getting Data In

Community Activity

	AWS logging to our Splunk AWS logs to SplunkWe need to onboard AWS cloud watch logs (from Kinesis) to our Splunk. We have all our Splunk instan... by splunklearner Communicator in Getting Data In 04-09-2025 0 10	0	10
	Regex for multiline events where skipping lines is required. I have multiline events where it is required to capture the error messages.The events are separated by "FAILED".I nee... by TheJagoff Communicator in Getting Data In 04-09-2025 0 5	0	5
	Splunk Data Retention we got a requirement to on-board new platform logs to Splunk. They will have 1.8 TB/day data to be ingested. As of no... by Karthikeya Communicator in Getting Data In 04-08-2025 0 18	0	18
	Splunk data retention I was newly aligned into a project and didn't have proper KT from the left ones. I have queries regarding my current ... by Karthikeya Communicator in Getting Data In 04-07-2025 0 5	0	5
	Integration document for Cisco Cyber Vision with Splunk I am looking for a document to integrate Cisco cyber vision integration with Splunk. by doli Splunk Employee in Getting Data In 04-07-2025 0 4	0	4
	Change index based on source and index from different environments Hello,we have Windows servers from two environments, we want WinEventLog source (Windows Events logs) to go in "windo... by splunkreal Motivator in Getting Data In 04-07-2025 0 5	0	5
	Can I bring the logs to see if a user on Azure has MFA enabled? HI everyone,I need to check my logs to see if a user has MFA enabled or not. I've already configured Microsoft Azure ... by toporagno Explorer in Getting Data In 04-06-2025 0 1	0	1
	Splunk UF version 9.4.1 install issue OS Version: Server 2019I'm trying to install Splunk UF in my test lab. Using the GUI install, I put all the necessary... by christal654 Observer in Getting Data In 04-05-2025 0 5	0	5
	Syslog-ng error Hi,I setup the syslog-ng to receive syslog from devices and splunk HF on the same server will read those logs files.H... by tech_g706 Path Finder in Getting Data In 04-05-2025 0 3	0	3
	Having multiple Forwarders sharing the same Instance GUID As the title suggests, I am having multiple Universal Forwarders sharing the same Instance GUID due to the mistake of... by Na_Kang_Lim Path Finder in Getting Data In 04-04-2025 0 9	0	9
	Change initial date then stop ingestion I have disabled input (generic S3) of aws add-on for a year. After I enable it, it ingests old data so I disable it a... by karn Path Finder in Getting Data In 04-03-2025 0 2	0	2
	Ingesting application logs from Docker container into Splunk Cloud Hi everyone,I'm seeking advice on the best way to send application logs from our client's Docker containers into a Sp... by tawm_12 Engager in Getting Data In 04-02-2025 0 2	0	2
	How to solve duplicate GUIDs of Forwarders? As the title suggests, I am having multiple Universal Forwarders sharing the same Instance GUID due to the mistake of... by Na_Kang_Lim Path Finder in Getting Data In 04-02-2025 0 1	0	1
	How to convert "data" Field to "event" in Splunk HTTP Event Collector (HEC)? I'm ingesting data into Splunk via the HTTP Event Collector (HEC), but the data is wrapped inside a "data" key instea... by bhavesh0124 Explorer in Getting Data In 04-02-2025 0 5	0	5
	Akamai WAF integration with Splunk I have installed akamai add on for splunk in our HF. https://splunkbase.splunk.com/app/4310 I followed the documentat... by jitbahan New Member in Getting Data In 04-02-2025 0 7	0	7
	Windows splunk_wmi.exe Hi,Windows UF stopped sending events. I saw this event in _internal index'message from ""C:\Program Files\SplunkUnive... by zafar Engager in Getting Data In 04-02-2025 0 3	0	3
	Very long log events coming over syslog 514/udp are cut HelloHas anyone encountered the situation of incomplete log transmission using UDP 514? Would changing to TCP be usef... by Zoe_ Observer in Getting Data In 04-01-2025 0 2	0	2
	Universal Forwarders stopped sending data to Heavy Forwarders over HTTP after upgrading Heavy Forwarders to 9.3.x Hi,We recently upgraded the Heavy Forwarders (HF) of our Splunk Enterprise. After the upgrade the Universal Forwarder... by ArtieZ Loves-to-Learn Everything in Getting Data In 03-31-2025 0 8	0	8
	DB Connect SQL Procedures I've been using dbxquery connection=my_connection procedure=my_procedure to build reports and a few that my DBAs have... by Kyles Observer in Getting Data In 03-31-2025 0 1	0	1
	Issue with props.conf and transforms.conf – Port-Based Filtering Not Working Dear Splunk Support,I am encountering an issue while configuring Splunk to filter logs based on specific ports (21, 2... by Namchin_Bar New Member in Getting Data In 03-31-2025 0 2	0	2
	Akamai data input throwing error Hi all, I am trying to pull Akamai logs to Splunk. Hence installed this app in HF - https://splunkbase.splunk.com/ap... by Karthikeya Communicator in Getting Data In 03-31-2025 0 21	0	21
	The events associated with this job have no sourcetype information I want to route dataI want to split one sourcetype into two.When I click Extract New Fields... by bedrocho Explorer in Getting Data In 03-30-2025 0 4	0	4
	TA deployment question I'm looking for training that would cover at when deploying a TA if it would have to go to the indexer level rather t... by SplunkStudent2 Engager in Getting Data In 03-30-2025 0 3	0	3
	Modular input issue We are installing modular input (akamai add-on) to get akamai logs to Splunk.In our environment, we have kept modular... by Karthikeya Communicator in Getting Data In 03-30-2025 0 8	0	8
	Do I need to use INDEXED_EXTRACTIONS when using FIELD_DELIMITER & FIELD_NAMES on UF? I've noticed an issue with one of my syslog indexes. I have a syslog server centralizing and forwarding syslogs for 6... by StephenD1 Path Finder in Getting Data In 03-28-2025 0 1	0	1