Getting Data In

Community Activity

	How to parse this kind of log I have this kind of log:Mar 18 02:32:19 MachineName python3[948]: DEBUG:root:... Dispatching: {'id': '<id>', 'type': ... by Na_Kang_Lim Path Finder in Getting Data In 03-28-2025 0 8	0	8
	Why can't I download from OpenCTI Stream Feed into Splunk? Hi,I just want to input OpenCTI feed from OpenCTI to Splunk.I followed installation instruction.https://splunkbase.sp... by goji Path Finder in Getting Data In 03-28-2025 0 3	0	3
	SSL/TLS Configuration on Splunk Forwarder (Windows) Hello,I’ve been reviewing the documentation for configuring SSL/TLS on a Splunk forwarder, but I couldn’t find the sp... by BRFZ Communicator in Getting Data In 03-28-2025 0 9	0	9
	import vendor security advisories for comparison with inventory Hello,Can Security Essentials import security advisories from vendors like Broadcom or Microsoft?I would like to comp... by Andre_ Path Finder in Getting Data In 03-27-2025 0 2	0	2
	CyberArk Audit for Splunk Is there any documentation on creating an input for this app? (https://splunkbase.splunk.com/app/6608)I installed the... by vh Explorer in Getting Data In 03-27-2025 0 6	0	6
	How to combine multiple data input into one with different polling interval Hi Team,How to combine multiple data input into one, basically I am having 5 different data inputs where I am taking ... by KJ10 Loves-to-Learn Lots in Getting Data In 03-27-2025 0 3	0	3
	Issue with file csv monitoring Dear Splunkers!!I am facing an issue with Splunk file monitoring configuration. When I define the complete absolute p... by uagraw01 Motivator in Getting Data In 03-27-2025 0 8	0	8
	LINE_BREAKER is being ignored Hi Community,I have a JSON data source that I am trying to get into Splunk via a heavy Forwarder using a custom built... by dolj Explorer in Getting Data In 03-27-2025 0 6	0	6
	Index searchable retentions questions Hi team,i have a index with 4 sourcetype. index has searchable retention of 4 months.is there any way we can keep sa... by cbiraris Path Finder in Getting Data In 03-27-2025 0 5	0	5
	Splunk Add on for MS Azure - not reciving the appliedConditionalAccessPolicies from Azure AD Signin Logs? We had a problem with our Microsoft Azure plugin since July. The field appliedConditionalAccessPolicies: [ [ - ] ] mi... by mkhasan New Member in Getting Data In 03-26-2025 0 1	0	1
	transforms.conf not working as expected I have below configurations in transforms and props config files to change the source name of my events from upd:9514... by Avantika Explorer in Getting Data In 03-25-2025 0 9	0	9
	How to resolve "SSL23_GET_CLIENT_HELLO:unknown protocol" error on our indexer? I'm setting up a Splunk Indexer (Splunk Enterprise 6.4.1) on CentOS 6.8 64-bit. I do have the Splunk Add-on for Micr... by kermitshort Explorer in Getting Data In 03-25-2025 0 14	0	14
	traffic events not getting routed to nw_fortigate and non-traffic events not getting routed to os_linux traffic events not getting routed to nw_fortigate and non-traffic events not getting routed to os_linuxCan someone he... by sureshkumaar Path Finder in Getting Data In 03-24-2025 0 7	0	7
	splunk alert triggering multiple incidents instead of single incident Hi All,I have a splunk alert that is having this search query:index="dcn_b2b_use_case_analytics" sourcetype=lime_proc... by avi123 Explorer in Getting Data In 03-24-2025 0 5	0	5
	Configuring Logstash to send files to Splunk Hello all,So I'm very new to Splunk, like I've been playing around with it for less than 3 months. I have been taske... by Fr3nchee Engager in Getting Data In 03-24-2025 0 4	0	4
	Sending Appdyanmics CPU, Memory and Disk metrics to Splunk Hi All,We have requirement to onboard the Infrastructure metrics (CPU, Memory and Disk ) monitored using Appdyanics t... by SplunkSN Loves-to-Learn Everything in Getting Data In 03-21-2025 0 1	0	1
	splunk alert raising multiple SNOW tickets that are not stopping until I disable the alert when I run this search query in splunk search and reporting apps my output looks like this as mentioned below Search... by avi123 Explorer in Getting Data In 03-20-2025 0 2	0	2
	How to configure the load balancer to handle HEC data? We are in a transition from sending the data through HFs to sending the data directly to the indexers and we wonder h... by danielbb Motivator in Getting Data In 03-18-2025 0 3	0	3
	Do we need to run an indexer rolling restart when getting new HEC data stream? We are transitioning from getting the HEC data through HFs to getting it directly to the indexers and we are wonderin... by danielbb Motivator in Getting Data In 03-18-2025 0 4	0	4
	New source type with regex not working correctly I've created a new source type with a regex. It was working but I found an edge case where it was broken. I rewrote t... by tchamp Explorer in Getting Data In 03-17-2025 0 3	0	3
	Creating a new sourcetype and performing transforms on it in the same TA If I have a transforms.conf like the below:[ORIGIN2]REGEX = (?:"id":"32605")FORMAT = sourcetype::test-2DEST_KEY = Met... by ra__22 Explorer in Getting Data In 03-17-2025 0 5	0	5
	AIX UF extract checksum error When I try to install the UF for AIX, it fails to extract to with a checksum errorAIXSERVER:/nim/media/SOFTWARE/splun... by BookerRick New Member in Getting Data In 03-17-2025 0 2	0	2
	Line breaking source types I am trying to fix the issue of my zeek logs not being broken into separate events. These logs are in json format and... by mstodola New Member in Getting Data In 03-15-2025 0 4	0	4
	Change a sourcetype at the indexer Hello,I'm to try changing the sourcetype at the indexer level based on the source. First question is that possible o... by ITSplunk117 Path Finder in Getting Data In 03-14-2025 0 6	0	6
	ERROR: Tor IP are not updating in lookup If you download https://splunkbase.splunk.com/app/7208 Full Tor Node List Lookup App, it comes already with a csv fil... by chetan_patidar Engager in Getting Data In 03-13-2025 0 0	0	0