Getting Data In

Community Activity

Can Heavy Forwarder write syslog data locally ? I have configured Heavy Forwarder to collect and forward syslog data to our Splunk Indexers. We purposely don't wish ... by dm1 Contributor in Getting Data In 03-03-2022 0 2	0	2
DHCP server log time parsing issue- why is this happening? Hi All, we have onboarded windows DHCP servers on splunk cloud by installing UFs on each server. DHCP server writes l... by bhsakarchourasi Path Finder in Getting Data In 03-03-2022 0 6	0	6
While searching DHCP logs there are huge latency (indextime -time) for few events Hi SMEs, i have quick query here. While searching DHCP logs i could see huge latency (indextime -time) for few events... by pavanbmishra Path Finder in Getting Data In 03-03-2022 0 3	0	3
Why is SC4S UDP data send not working? Hello All, I am working on the installing and getting data In for SC4S(Splunk connect for Syslog). For installation I... by snehalk Communicator in Getting Data In 03-03-2022 0 0	0	0
Is SQL team (2017) compatible with splunk db connect? Hello Guys, We have to integrate one of the SQL server with Splunk and the current version is SQL 2012. We are usin... by kiranpanchavat1 Path Finder in Getting Data In 03-02-2022 0 0	0	0
Why is JSON Event Data Showing Duplicate Values? Hi, I'm trying to ingest json data but it showing data twice for each event field. I used below in props.conf and not... by cchange Path Finder in Getting Data In 03-02-2022 0 4	0	4
How logging from different sources works when there is network outage? Hi Splunkers,I would like to know what happens to logging in below scenarios when there is an outage. I would like to... by akasmika Loves-to-Learn in Getting Data In 03-02-2022 0 1	0	1
How to log Cloudtrail logs from multiple AWS accounts? Hi Splunkers,I have to create an alert when there is a root user login in AWS. For this, I am ingesting cloudtrail lo... by akasmika Loves-to-Learn in Getting Data In 03-02-2022 0 0	0	0
Why am I seeing this message "forwarding data over HTTP is only supported on Universal Forwarders"? Hi All, We just upgraded our HWF to version 8.2.5 and now when we start splunk we get this this message: "ERROR: Dete... by KeithH Communicator in Getting Data In 03-02-2022 0 1	0	1
Why do the indexed files still have the wrong timestamp after editing the props.conf file? Hi,I can't get Splunk to use the content of timestamp_start as _time.This is an example of log:canale=<value>;an=<va... by sara_papa New Member in Getting Data In 03-02-2022 0 2	0	2
How to edit props and transforms to route data to an index based field? Hi, I'm trying to route data to a specific index based on a value in a field. I have a series of data that look like ... by martaBenedetti Path Finder in Getting Data In 03-02-2022 0 4	0	4
Splunk Cloud - How to generate list of deployed apps/TA's on indexers? Using Splunk Cloud and management made the decision to send from UF's straight to Splunk Cloud indexers. As such, ha... by random_event Explorer in Getting Data In 03-02-2022 0 4	0	4
How to use config to get rid of multipath error? Hi Splunkers! I have a problem with props.conf and tranforms.conf I face with this error in Linux Servers. multipat... by m_zandinia Path Finder in Getting Data In 03-02-2022 0 2	0	2
Splunk forwarder How to check inputs.conf file to see the how the log files are being sent to splunk. How to check forwarder is runni... by kajalchopade071 Path Finder in Getting Data In 03-02-2022 0 1	0	1
Why is Syndication input repeating events? Hi all, I'm using the syndication component (latest version), to fetch data from multiple feeds: https://www.cloudfla... by jovelfer Engager in Getting Data In 03-01-2022 0 1	0	1
How to keep original sourcetype in summary index? I have multiple scheduled searches that run on large indexes and save the results to a summary index. There is no agg... by grodaas Explorer in Getting Data In 03-01-2022 0 7	0	7
How to locate Port for o365 add-on Hi, I'm setting up the splunk add-on for o365 and as stated in the Splunk documentation i have to allow the communica... by ojay Path Finder in Getting Data In 03-01-2022 0 3	0	3
How to test powershell scripts with Splunk environment Hi, i am trying to create an add on that runs a powershell script to perform some actions. Since i dont want to hardc... by azun4i Observer in Getting Data In 03-01-2022 0 4	0	4
Help with universal Forwarder not forwarding logs I am operating in an environment with a standalone Splunk Enterprise instance running v8.1.3 on RHEL. In my environm... by mike_k Path Finder in Getting Data In 03-01-2022 0 9	0	9
How to Visualize Performance Metrics using IT essentials Work? Hello, Thank you for taking the time to consider my question. I'm trying to visualize the health of several windows &... by elaborateGecko Explorer in Getting Data In 02-28-2022 0 2	0	2
How to create an alert when a new forwarder is added to deployment server? I'm looking for a way to report/alert anytime a new forwarder is added to my deployment server. I've tried searching ... by merrelr Path Finder in Getting Data In 02-28-2022 1 9	1	9
Why are all events being filter except for EventCode 0 when filtering Windows Events? Hi I'm filtering windows events from the Heavy Forwarder, everything works fine, all events are filtered except for E... by splunkcol Builder in Getting Data In 02-28-2022 0 2	0	2
Has Anyone Integrated DynaTrace Data into Splunk? Are you able to capture client-side events? Has integrating DynaTrace data added more visibility into your operation... by skoelpin SplunkTrust in Getting Data In 02-28-2022 1 6	1	6
Getting Data to Splunk from clients outside our LAN I am trying to setup our Splunk architecture to be able to receive events from clients/workstations outside our local... by mmeredith New Member in Getting Data In 02-28-2022 0 1	0	1
Why am I receiving error when adding tenant to Microsoft O365 add-on for API calls? Hi all, I'm trying to set up the Splunk Ad-On for Microsoft O365 https://docs.splunk.com/Documentation/AddOns/releas... by ojay Path Finder in Getting Data In 02-28-2022 0 0	0	0