Getting Data In

Community Activity

HEC Configuration Certificate required? We have a commercial appliance that requires a HEC configuration in Splunk to ingest data. I have configuration the ... by agallegos Engager in Getting Data In 01-07-2022 0 4	0	4
About specification of "initCrcLength" option and "crcSalt" option. About initCrcLength I know that changing initCrcLength option cause reindex and ignoreOlderThan option is workaround... by yutaka1005 Builder in Getting Data In 01-07-2022 0 4	0	4
Splunk windows logs to Snare central Hi Am trying to collect the windows logs from DCs and send them to both Splunk indexer and Third party System (Snare... by rajeshmetso Engager in Getting Data In 01-07-2022 0 0	0	0
Organizing Logs I'm new and a novice to Splunk although i have installed, setup and played with searches in Splunk in a lab.My questi... by NeoJim New Member in Getting Data In 01-07-2022 0 3	0	3
Splunk Add-on Builder REST data input pagination Hi,I've recently started working with the Splunk Add-on Builder to quickly query and index data from a REST API of on... by yotamcp Engager in Getting Data In 01-06-2022 1 2	1	2
Windows universal forwarder with a static config for Sysmon logs I was hoping if someone can help me. We are looking into deploying Sysmon and the Universal forwarder remotely in ver... by ng87 Path Finder in Getting Data In 01-06-2022 0 4	0	4
ServiceNow Inputs.conf Filter Data by field value We use the Splunk ServiceNow TA - both on collecting data from ServiceNow and creating incidents via the Splunk alert... by brdr Contributor in Getting Data In 01-06-2022 0 2	0	2
Data capture I need a splunk service for my client buying Bitdefender cyber security but wants a solution to add on to capture HTT... by spino1021 New Member in Getting Data In 01-05-2022 0 1	0	1
Parsing multiline does not working as expected Hello Splunkers,i need help.I have multiline logs looking like: 01/04/22 03:00:00 MONITOR_RAP: blah blah: blah ; bl... by TheEggi98 Path Finder in Getting Data In 01-05-2022 0 2	0	2
Can I delete files after they are indexed? Hi,I'm currently forwarding files from my forwarder to the Indexer. For the purpose of housekeeping, can I safely del... by wu_weidong Path Finder in Getting Data In 01-05-2022 0 1	0	1
Can we avoid Splunk indexing lines from a file that gets overwritten? We have a process that writes log lines to a log file. Every 15 min the entire log file is overwritten. If there are ... by yashgt New Member in Getting Data In 01-04-2022 0 0	0	0
Syncing searches from SIEM Rules Hi,Is anyone syncing detection content (searches) on SIEM Rules (https://www.siemrules.com/) to their Splunk instance... by 0x33kdg New Member in Getting Data In 01-04-2022 0 0	0	0
sslRootCAPath at server.conf SSL is already complex one, this poor documentation adds the fuel to the fire https://docs.splunk.com/Documentation/... by inventsekar SplunkTrust in Getting Data In 01-04-2022 2 4	2	4
"Next year" events on the turn of the year. I have syslog-pushed events which behave... weirdly around the end of the year.As we all know, there might be some de... by PickleRick SplunkTrust in Getting Data In 01-04-2022 0 2	0	2
Splunk - openshift DaemonSet deployment error I was trying to get DaemonSet up and runninggot below errors while getting pods ready[error]: #0 unexpected error err... by ayush-choudhary Explorer in Getting Data In 01-03-2022 1 0	1	0
/services or /servicesNS in REST API Hello !Can someone tell methe difference between /services and /servicesNS when using the Splunk REST API p... by rolyrolex Path Finder in Getting Data In 01-02-2022 1 3	1	3
how to exclude in _MetaData:Index I noticed in our environment, from many uf, the internal logs were indexed under a different index name. After invest... by AllenZhang Explorer in Getting Data In 01-02-2022 0 2	0	2
schedule csv output for report Hello Splunkers, I am trying to find a way to e-mail a report I have already setup to e-mail a .csv of the report. Cu... by lbogle Contributor in Getting Data In 12-30-2021 0 3	0	3
universal forwarder for domain machines Hi all,Is it possible to configure universal forwarder in one machine that collect logs from all other domain machine... by engrimranzakir Explorer in Getting Data In 12-30-2021 0 3	0	3
Monitoring Latest File Only I am looking to monitor a folder audit that contains list of files which gets generated everyday automatically, below... by ashvinpandey Contributor in Getting Data In 12-30-2021 0 6	0	6
Collect data from WEC to which other machines send logs Hello. I have windows№1 who sending logs to my windows№2 (WEC) on which i have UF (windows_TA) who collecting data an... by test_qweqwe Builder in Getting Data In 12-30-2021 0 5	0	5
UF in a lab VM Hi all, I am using Splunk Cloud and would like to configure a universal forwarder in a VM on a non-domain joined lap... by armindorod New Member in Getting Data In 12-29-2021 0 2	0	2
Cisco Switch Data Hello,We have multiple Cisco Switches that are configured to send logs to Splunk. When comparing the logs on the swi... by mcrist3 Explorer in Getting Data In 12-29-2021 0 4	0	4
Queries for an API user getting queued We have a Splunk cluster that is shared by multiple users/teams. We've set up an API user that makes calls to Splunk... by boazr Explorer in Getting Data In 12-29-2021 1 1	1	1
JSON events duplicate extractions I've got a log file that I am monitoring and where I am using a props.conf on the UF to monitor. I'm using the follow... by dtow1 Path Finder in Getting Data In 12-28-2021 0 0	0	0