Getting Data In

Community Activity

Why I'm getting xmlwineventlog? Hello,I'm trying to get windows data from a couple servers. But instead of receiving wineventlogs I'm getting xmlwin... by cjaramilloc Explorer in Getting Data In 02-02-2022 0 1	0	1
Splunk Indexer Parsing Queue Blocking Hello,I just recently restarted my splunk enterprise instance in order to add an app and once it was back up, i notic... by ayeheyis Explorer in Getting Data In 02-02-2022 0 5	0	5
Is this a correct way to measure AWS CloudTrail ingest lag? Using the following search, I'm seeing AWS CloudTrail ingest lag between 4 and 9 hours. index=ibp_aws sourcetype=aws... by esalesap Path Finder in Getting Data In 02-02-2022 1 1	1	1
SC4S onboarding Hello,I am new to Splunk and working on getting SC4S setup correctly. My question is where do I setup the SC4S server... by blbr123 Path Finder in Getting Data In 02-02-2022 0 1	0	1
Data fields in Microsoft Office 365 Reporting Add-on for Splunk Hi,I have created an app in Azure given the permissions to the Office 365 management activity API and also created th... by robar_ismail97 New Member in Getting Data In 02-02-2022 0 0	0	0
Cannot forward one specific index between indexers I'm working on an indexer to try to forward all data ingested with IT Essentials Work + Splunk Add-on for Unix & Linu... by lenrigodoy Explorer in Getting Data In 02-02-2022 0 2	0	2
Tutorial Data upload Ive uploaded the Splunk tutorial data successfully into my Splunk enterprise instance. There is also a prices.csv.zi... by mrussell New Member in Getting Data In 02-01-2022 0 1	0	1
AS400 and Splunk Integration Hi Splunkers,Is it feasible to collect data from a DB2/AS400 server using Splunk?i.e. to collect required data which ... by sarahnazzar Explorer in Getting Data In 02-01-2022 0 4	0	4
wmi WQL query using hostname variable I am trying to get data into Splunk to show the members of the local / builtin windows groups. In particular "Adminis... by WinAdmin456 Engager in Getting Data In 02-01-2022 0 3	0	3
forward index to new index I inherited an old splunk environment where all data was indexed into the main index. I have setup a new environment ... by MasteringIT Explorer in Getting Data In 02-01-2022 0 3	0	3
Troubleshooting a file monitor on Universal Forwarder I currently have a Universal Forwarder running on a linux syslog server with a bunch of file monitors in place such a... by mike_k Path Finder in Getting Data In 02-01-2022 0 10	0	10
Retrieving the "tag" and line "field" in docker logs (http collector / json format) Hi,I am using Splunk 8.2.1 and I have configured the docker daemon to send logs to Splunk via an HTTP collector.I hav... by bvivi57 Observer in Getting Data In 02-01-2022 0 1	0	1
How to add and parse XML data in Splunk? how parsing xml data ? <v8e:Event><v8e:Level>Information</v8e:Level><v8e:Date>2022-01-26T16:20:24</v8e:Date><v8e:App... by gitingua Communicator in Getting Data In 02-01-2022 0 1	0	1
send a subset of logs via syslog to a Third Party and all logs to Indexer Hi at all,I have a problem that is described many times in Splunk docs but I didn't find my Use Case:I have to send a... by gcusello SplunkTrust in Getting Data In 01-31-2022 1 3	1	3
Import registry (regedit) data into Splunk. What i would like to do is to take this form from regedit,and splash it into Splunk.I have exported data from \WMI\Au... by bogdan_nicolesc Communicator in Getting Data In 01-31-2022 0 7	0	7
Monitoring of UF Connectivity on port 9997 to Non Splunk Destinations Hi There, Good day , Is there a SPL based set up to look for UF connectivity on port 9997 to Non Splunk Destinatio... by mel_arce Engager in Getting Data In 01-31-2022 0 4	0	4
HF not receiving logs from UF Hi Splunkers,We have configured 3 new heavy forwarder in our splunk enterprise where 2 HF was already working.Now we ... by anil8 Loves-to-Learn Everything in Getting Data In 01-31-2022 0 22	0	22
Windows_TA input blacklist does not work after windows update Hi all,after the last Windows update (JAN-2022) a windows_TA input blacklist filter for security logevents does not w... by Jil_com New Member in Getting Data In 01-31-2022 0 0	0	0
Extract Time Picker text generated by Splunk Enterprise into a token for use in a report I am trying to set a token ($TimeFrame$) to contain the same text as displayed by the Time Frame filter after having... by drtwite New Member in Getting Data In 01-31-2022 0 3	0	3
Help on an input time token HelloI use an input time token called "timepicker"<earliest>$timepicker.earliest$</earliest> <latest>$timepic... by jip31 Motivator in Getting Data In 01-28-2022 0 6	0	6
syslog messages showing the exact same _time for one network only, regardless when sent in Hi.For about a month, Splunk was receiving syslog messages and indexing the time sent to it into the _time field corr... by loganseth Path Finder in Getting Data In 01-28-2022 0 7	0	7
Is there anything I can do upstream to keep field names with dots? I've made a stupid. I tried to make all of my field names a little more heirarchical and went to a field.subfield.sub... by blurblebot Communicator in Getting Data In 01-28-2022 4 8	4	8
Splunk for Financial Information eXchange (FIX) protocol logs Hi,I can only find old articles on this so apologies if I've missed something...Does anyone use Splunk for FIX.5.0? I... by CStroud Engager in Getting Data In 01-28-2022 0 2	0	2
Not able to export in preferred time zone I'm having an issue on my SHC, running a simple stats count by _time for any particular index, the _time comes throug... by parbo Observer in Getting Data In 01-27-2022 0 0	0	0
Sourcetype Identification Hi,There is some host which is reporting to Splunk with a different sourcetype. We want to filter all the host which ... by Sandy Explorer in Getting Data In 01-27-2022 0 7	0	7