Getting Data In

Community Activity

	ERROR: Tor IP are not updating in lookup If you download https://splunkbase.splunk.com/app/7208 Full Tor Node List Lookup App, it comes already with a csv fil... by chetan_patidar Engager in Getting Data In 03-13-2025 0 0	0	0
	Save Output from Scripted Input in KV Store Hello,I have written a Python script that performs an API query from a system. This script is to be executed as scrip... by MrLR_02 Explorer in Getting Data In 03-13-2025 0 9	0	9
	Is it Possible to Configure a cronjob with Scripted Input Hello, I have a bash script that basically creates a cronjob. Not sure if this is allowed or not but I am able to exe... by JoshuaJJ Path Finder in Getting Data In 03-12-2025 0 4	0	4
	How to forward events from Splunk Indexer to CyberArk PTA? Q: Need to forward the data from all the indexes (Windows, Linux, etc...) to CyberArk PTA via Syslog or any other fro... by potnuru Path Finder in Getting Data In 03-12-2025 0 11	0	11
	How to Drop All Logs Under a Specific Directory and Its Subdirectories Using props.conf & transforms.conf on a Heavy For Description:I am using a Splunk Heavy Forwarder (HF) to forward logs to an indexer cluster. I need to configure props... by ParsaIsHash Loves-to-Learn Lots in Getting Data In 03-12-2025 0 13	0	13
	Windows 11 ARM Chip Support As the computer laptop field continues to grow the use of ARM based chips for Windows 11, is there an ETA on a Splunk... by clightburn1 Engager in Getting Data In 03-11-2025 0 1	0	1
	Can I ingest JSON file into an index Hi,I have a python modular input that populates an index (index_name). This ran into some gateway error issues causin... by cherrypick Path Finder in Getting Data In 03-11-2025 0 1	0	1
	Data not getting ingested into Splunk for multiple sources I have configured an app and added 7 different source files in a single inputs.conf with the same index name and sour... by sureshkumaar Path Finder in Getting Data In 03-08-2025 0 6	0	6
	Index created in Cluster Master not showing in Heavy Forwarder Hi, We have configured a data input in HF and there is an option to select index there. I have created new index in C... by Karthikeya Communicator in Getting Data In 03-08-2025 0 35	0	35
	Detailed logs from Cortex XDR I'm trying to extract endpoint data from Cortex XDR, but I don't want to see just alerts in Splunk—I need all the end... by securepoint Engager in Getting Data In 03-08-2025 0 3	0	3
	Logs to Metric Custom Format I am having difficulty converting event logs to metric data pointshttps://docs.splunk.com/Documentation/Splunk/9.4.0/... by rrossetti Splunk Employee in Getting Data In 03-07-2025 0 1	0	1
	Send the data to nullqueue except matching event I want to send the all the event to nullqueue except having match "EventType": 5000. {"EventID": 2154635, "EventType"... by RSS_STT Explorer in Getting Data In 03-07-2025 0 5	0	5
	Update Splunk Add-on for Salesforce Streaming API for cloud compatibility The current version is not available for the cloud.According to conversations with Splunk Support, the update address... by rjastrze Explorer in Getting Data In 03-06-2025 0 3	0	3
	Forwarding indexed data from an old indexer to a new indexer (not clustered) Hello,I am attempting to forward data from an older indexer to a new indexer so that I can decommission the server th... by awilly162 New Member in Getting Data In 03-06-2025 0 4	0	4
	Splunk for SAP CPQ Hi All,Is it possible to use Splunk for tracking logs from SAP CPQ, CPI, C4C? I couldn't find relevant information re... by splunkcpq1 New Member in Getting Data In 03-05-2025 0 5	0	5
	Splunk Not Collecting bash_history Logs from All Hosts in Real-Time Hello,I am trying to collect bash_history logs in real-time from multiple Linux hosts using Splunk. I have deployed t... by salikovsky Explorer in Getting Data In 03-05-2025 0 6	0	6
	Handle log rolling and index yesterday's log file we have a scenario where we roll logs everyday. we want Splunk to index log file for yesterday only. We don't want to... by shabamichae Path Finder in Getting Data In 03-05-2025 0 5	0	5
	What might be the reason for excessive logs in Windows event? I have around 800 users in my environment and the count of 4624 and 4634 is around 80,000 for the last 15 minutes. Wh... by omprakash9998 Path Finder in Getting Data In 03-05-2025 0 5	0	5
	Using existing Splunkweb certificate to secure an addtional port We have an existing Splunk 9.1.3 Enterprise environment and run Splunkweb at port 8000 using an outside CA signed cer... by ptrsnk Explorer in Getting Data In 03-04-2025 0 8	0	8
	Reindex and create new event for file when modtime changes, regardless of content I have a file I'm monitoring that changes several times a day. It is likely that sometimes the file contents will be ... by whar_garbl Path Finder in Getting Data In 03-04-2025 0 1	0	1
	Pulling data into splunk via API What is the best practice to have a Splunk heavy forwarder call out to a third party API and pull logs into Splunk. M... by dolj Explorer in Getting Data In 03-04-2025 0 2	0	2
	Splunk Add-on for Google Workspace giving 400 Error We are using the Splunk Add-On for GWS Version3.0.3 for Splunk Cloud and receiving this error when attempting to pull... by cbyrd Observer in Getting Data In 03-04-2025 0 1	0	1
	Splunk Forwarder $xmlregex I'm looking for support on my $xmlregex Blacklist. I have checked as many previous tickets as I can and I'm still stu... by ashketchum New Member in Getting Data In 03-04-2025 0 1	0	1
	universal forwarder Dear all, I have the following outputs.conf configuration:[tcpout] defaultGroup = my_indexers [tcpout:my_indexers] s... by hazem Path Finder in Getting Data In 03-04-2025 0 3	0	3
	Re: What happens when the forwarder is configured to send data to a non-existent index? Hi All I get this message but the indexes does exist, not permanent , it happens at 01:00 in the morning some days Se... by JTS911 Explorer in Getting Data In 03-04-2025 0 1	0	1