Getting Data In

Community Activity

Heavy Forwarder based Transforms - splitting events to send to different sourcetypes without losing data? Hey everyone!I have what I would consider a complex problem, and I was hoping to get some guidance on the best way to... by AHBrook Path Finder in Getting Data In 12-09-2021 0 2	0	2
Replication factor calculation Hi,I have 2 sites2 Indexer cluster master2 deployers30 Indexers30 Search HeadsWhat is the Replication factor and sear... by VijaySrrie Builder in Getting Data In 12-09-2021 0 2	0	2
Splunk_TA_Windows 8.2.0 - User DN incorrect extraction Edit: After working with Splunk support, this issue is fixed in TA version 8.5.0. I recently upgraded our Windows TA ... by pizzor Path Finder in Getting Data In 12-09-2021 0 0	0	0
How to route to index by Source Hi All,Having an issue trying to route events to an index by source, posting as a new question as I've not found anyt... by danielrichards Explorer in Getting Data In 12-09-2021 0 4	0	4
Any service to use GetMetricsData API from cloudwatch Hey team, we have integrated Splunk in our app, and we are using it for the last few days. And we wanted to know that... by ModernLogik New Member in Getting Data In 12-08-2021 0 0	0	0
McAfee ePO Splunk Cloud Hello!We want to integrate McAfee ePO into a Splunk Cloud, but we only found tutorials on syslogging data. I've been ... by N3Char New Member in Getting Data In 12-08-2021 0 2	0	2
How do I delete from the 'main' index I have a standalone instance of Splunk Enterprise. I uploaded a few XML files to perform some testing and now I want ... by lstewart_splunk Splunk Employee in Getting Data In 12-08-2021 2 6	2	6
Index-time extraction and non-indexed field Hi there.I was wondering...All the docs and howtos regarding index-time extractions say that you need to set field to... by PickleRick SplunkTrust in Getting Data In 12-08-2021 0 5	0	5
Tail/Batch readers confusion I'm having more strange situations with my UF ingesting many big files.OK, I managed to make the UF read the current ... by PickleRick SplunkTrust in Getting Data In 12-08-2021 0 8	0	8
spunk perfmon.exe counters not found error in splunk internal index After windows UF upgrade from 7.1.10 to 8.2.0, we are getting the spunk perfmon.exe counters not found error in splun... by P2kumari Loves-to-Learn Lots in Getting Data In 12-08-2021 0 2	0	2
MCAS Salesforce Hi,How to ingest MCAS Salesforce logs into splunk. by VijaySrrie Builder in Getting Data In 12-07-2021 0 4	0	4
How to overcome CSV max results to email? Hello. We have a user who wants to receive some rather large reports daily. In one particular case, the search ret... by mfrost8 Builder in Getting Data In 12-07-2021 0 16	0	16
How to handle huge payloads in splunk Hello,We have a usecase where the Json payloads are more than 1 million bytes, our current truncation limit is set to... by Roy_9 Motivator in Getting Data In 12-07-2021 0 0	0	0
Custom itsi_im_metrics / what is itsi_im_metrics_indexes for? Hello,I am planning to setup some custom metrics indexes using this guide: https://docs.splunk.com/Documentation/ITSI... by jackjack Path Finder in Getting Data In 12-07-2021 0 0	0	0
Clone events to 2 indexers Hello everyone,Here's the situation :indexer1, deployment server roleindexer 2fowarder 1. I distributed via the deplo... by emallinger Communicator in Getting Data In 12-07-2021 0 14	0	14
How to Watch Multiple Log Files with Similar Names with Universal Forwarder Hi, I'm setting up Splunk Universal Forwarder to watch logs generated from an application I have in AWS Elastic Beans... by yourknightmares Explorer in Getting Data In 12-07-2021 0 2	0	2
What is meant by Splunk integration? Hi, what do you mean by integrating and application with Splunk and what are the steps? by Mohsin123 Path Finder in Getting Data In 12-07-2021 0 2	0	2
How to extract ingested data and display in interesting fields ? Example: MyNameisKumar I want name=kumar from this ingested Data . Please help me with the solution by Kumar2 Loves-to-Learn Lots in Getting Data In 12-07-2021 0 2	0	2
Multiple regex conditions in transforms.conf Hi , I have a transforms to send logs from prod hosts to one index and from non prod to other. Transforms:[prod]DEST_... by Abha11 Explorer in Getting Data In 12-07-2021 0 1	0	1
Log events are missing Hello everyone,When I was trying to search source type=... Xxx and checked from date from 3 /09/2021 to 6 /07/2021 it... by anil1432 Explorer in Getting Data In 12-06-2021 0 9	0	9
Can I change TRUNCATE and MAX_EVENTS to unlimited ? I have large logs, with more than 10000 chars per line, and multiline events as large as whole XML file. They are alw... by mataharry Communicator in Getting Data In 12-06-2021 4 7	4	7
Exporting results from api search Hello, I am trying to export the results from an api search, currently I am using the curl command: curl -k -u user:p... by jmadsen1 Explorer in Getting Data In 12-06-2021 0 7	0	7
WMI and timestamp problems I'm pulling events from remote computers using WMI as described in the splunk docs. Everything seems to be going quit... by PickleRick SplunkTrust in Getting Data In 12-06-2021 0 0	0	0
How to discard extra text from a single line in events? Example: Mynameissachintendulkar .Except sachin I need to remove remaining all text .please help me with the query. T... by Kumar2 Loves-to-Learn Lots in Getting Data In 12-06-2021 0 5	0	5
Monitoring many files over CIFS At the beginning I want to say that I did search the forums and I saw the most typical responses like "use logrotate"... by PickleRick SplunkTrust in Getting Data In 12-06-2021 0 4	0	4