Getting Data In

Community Activity

forward index to new index I inherited an old splunk environment where all data was indexed into the main index. I have setup a new environment ... by MasteringIT Explorer in Getting Data In 02-01-2022 0 3	0	3
Troubleshooting a file monitor on Universal Forwarder I currently have a Universal Forwarder running on a linux syslog server with a bunch of file monitors in place such a... by mike_k Path Finder in Getting Data In 02-01-2022 0 10	0	10
Retrieving the "tag" and line "field" in docker logs (http collector / json format) Hi,I am using Splunk 8.2.1 and I have configured the docker daemon to send logs to Splunk via an HTTP collector.I hav... by bvivi57 Observer in Getting Data In 02-01-2022 0 1	0	1
How to add and parse XML data in Splunk? how parsing xml data ? <v8e:Event><v8e:Level>Information</v8e:Level><v8e:Date>2022-01-26T16:20:24</v8e:Date><v8e:App... by gitingua Communicator in Getting Data In 02-01-2022 0 1	0	1
send a subset of logs via syslog to a Third Party and all logs to Indexer Hi at all,I have a problem that is described many times in Splunk docs but I didn't find my Use Case:I have to send a... by gcusello SplunkTrust in Getting Data In 01-31-2022 1 3	1	3
Import registry (regedit) data into Splunk. What i would like to do is to take this form from regedit,and splash it into Splunk.I have exported data from \WMI\Au... by bogdan_nicolesc Communicator in Getting Data In 01-31-2022 0 7	0	7
Monitoring of UF Connectivity on port 9997 to Non Splunk Destinations Hi There, Good day , Is there a SPL based set up to look for UF connectivity on port 9997 to Non Splunk Destinatio... by mel_arce Engager in Getting Data In 01-31-2022 0 4	0	4
HF not receiving logs from UF Hi Splunkers,We have configured 3 new heavy forwarder in our splunk enterprise where 2 HF was already working.Now we ... by anil8 Loves-to-Learn Everything in Getting Data In 01-31-2022 0 22	0	22
Windows_TA input blacklist does not work after windows update Hi all,after the last Windows update (JAN-2022) a windows_TA input blacklist filter for security logevents does not w... by Jil_com New Member in Getting Data In 01-31-2022 0 0	0	0
Extract Time Picker text generated by Splunk Enterprise into a token for use in a report I am trying to set a token ($TimeFrame$) to contain the same text as displayed by the Time Frame filter after having... by drtwite New Member in Getting Data In 01-31-2022 0 3	0	3
Help on an input time token HelloI use an input time token called "timepicker"<earliest>$timepicker.earliest$</earliest> <latest>$timepic... by jip31 Motivator in Getting Data In 01-28-2022 0 6	0	6
syslog messages showing the exact same _time for one network only, regardless when sent in Hi.For about a month, Splunk was receiving syslog messages and indexing the time sent to it into the _time field corr... by loganseth Path Finder in Getting Data In 01-28-2022 0 7	0	7
Is there anything I can do upstream to keep field names with dots? I've made a stupid. I tried to make all of my field names a little more heirarchical and went to a field.subfield.sub... by blurblebot Communicator in Getting Data In 01-28-2022 4 8	4	8
Splunk for Financial Information eXchange (FIX) protocol logs Hi,I can only find old articles on this so apologies if I've missed something...Does anyone use Splunk for FIX.5.0? I... by CStroud Engager in Getting Data In 01-28-2022 0 2	0	2
Not able to export in preferred time zone I'm having an issue on my SHC, running a simple stats count by _time for any particular index, the _time comes throug... by parbo Observer in Getting Data In 01-27-2022 0 0	0	0
Sourcetype Identification Hi,There is some host which is reporting to Splunk with a different sourcetype. We want to filter all the host which ... by Sandy Explorer in Getting Data In 01-27-2022 0 7	0	7
Need help modifying inputs.conf on several clients how can I pull and modify the inputs.conf file on over 2000+ universal forwarders?Can I do this by running a script ... by tam82 Explorer in Getting Data In 01-27-2022 0 8	0	8
Would like to reformat event at ingestion time to avoid rex/rename in queries Currently the app I'm working on generates log events in the following (simplified/obfuscated) format before they are... by elumpkinTnaa Explorer in Getting Data In 01-27-2022 0 5	0	5
transforms.conf not working I have events like this comin from Heavy forwarder"geo": {"continent": "NA", "country": "UK", "city": "LONDON"}, "hos... by prashant_kumar_ Explorer in Getting Data In 01-27-2022 0 2	0	2
help to display the difference between a search results and a lookup results hiI use a basic search which returns results by site \| stats count(x) as x, count(y) as y by site In a lookup I have... by jip31 Motivator in Getting Data In 01-27-2022 0 14	0	14
Can Splunk forward logs to Azure blob storage ? by dm1 Contributor in Getting Data In 01-27-2022 0 1	0	1
Splunk AWS Blacklist on AccountID - Splunk Cloud Hi, I am currently using the AWS Add-on for Splunk, and am looking to see if I can blacklist based on regex other tha... by SplunkJ1 Loves-to-Learn Lots in Getting Data In 01-27-2022 0 3	0	3
Configuration Validation: Routing and Forwarding I am building a new Splunk environment, and due to the number of clients we have, we are building a simple distribute... by MasteringIT Explorer in Getting Data In 01-27-2022 0 7	0	7
Best CISCO app for Cisco TACACS data? Good Morning Splunk Land,I am looking to ingest an older data set from CISCO known as CISCO TACACS. Does anyone have ... by dmacgill Explorer in Getting Data In 01-27-2022 0 1	0	1
Time format Hi Team, How to write the time format for 2021-07-30T03:22:00.0000000Z, the below one is not working%Y-%m-%dT%H:%M:%S... by VijaySrrie Builder in Getting Data In 01-26-2022 0 1	0	1