Getting Data In

Discussions

Thread Info

black list regex files starting with a period (.)

I have seen a few regex examples on this and I have used the regex tools online to test my regex to blacklist files t...

by Explorer in

Field alias on extracted fields not working on all fields

I got an issue with a few field alias on extracted fields from a json log This is done on a search head and done in t...

by Path Finder in

Data input script stop !

I am collecting logs every 5 seconds using a script.However, script execution is suddenly stopped.Why does the script...

by Loves-to-Learn in

Ingesting logs from rsyslog

Im furious............ 2 hosts ( physical ) :: both Ubuntu Server. Read about Splunk and how dibi **bleep**s GHA ( ...

by Observer in

Need to install Jira module in python splunk .

Need to install Jira module in python splunk . But it is not getting installed . How to install any custom modul...

by Loves-to-Learn Lots in

How do you create saved search using REST API call?

Works in curl: curl -k -u admin:changeme http://localhost:8089/servicesNS/admin/search/saved/searches -d name=MySa...

by New Member in

Problem anonymizing data in Splunk

We want to anonymize the usernames in the following event using sed script. Raw event: {"externalId": null, "stat...

by Explorer in

Dropdown

Hi, if input is add then show all data, if input is delete show only the added data to delete in splunk Add ...

by Path Finder in

Splunk enterprise not receive any data from Universal Forwarder

Hi, I'm a trial user for Splunk. I have a setup in Azure: One Azure VM running Splunk Enterprise and four Azure ...

by Loves-to-Learn in

Can splunk recognize Chinese character timestamp

1.How can I extract timestamp to correct time as following ?2020/12/29 下午 02:39:45 "下午" means PM ==> 2020/12/29...

by Loves-to-Learn Lots in

What is the CPU & memory utilization of Splunk Forwarder?

Hi Friends, I want to know 2 things as mentioned below: What is the typical CPU & Memory consumption of Splunk ...

by New Member in

Splunk Add-on for Microsoft Office 365 - M365 Enterprise Mobility + Security E3 Subscription

Hi,I have a question related to the subscription of M365 services. Will the Splunk Add-on for Microsoft Office 365 ca...

by New Member in

Log ingestion Via HEC - Huge log volume

Hi All, We are ingesting huge volume of logs from fluentd to splunk via HEC method. Will there be any loss as huge ...

by Contributor in

configuring a receiver - cluster master

hi, we have following setup 1 cluster master, 3 indexers, 1 deployement server, 3 search heads, 1 Heavy forwarder...

by Path Finder in

find absence of data in splunk - iis

Hello; We ingest IIS logs. Recently some of our iis calls lately haven't included the required username, causi...

by Explorer in

Regex field extracting more than one field with same name and different value

I got to extract some fields of a JSON log. Log buildup eksample:{"name":"cookie","Value":"Foo"}{"name":"cookie","Val...

by Path Finder in

Understanding how to use snowincident for servicenow/splunk integration

Hello, I am really confused on how to use the snow commands such as the ones listed here: https://docs.splunk.com/...

by New Member in

Windows Universal Forwarders no longer performing AD GUID/SID-to-value lookups after upgrade to 8.1

Greetings!We recently upgraded our UFs throughout the environment to 8.1.0, and since the upgrade, none of the Window...

by Explorer in

Routing and filtering syslog

Have Palo Alto logs being sent to syslog-ng server. A UF is on the syslog-ng and forwarding logs to Heavy Forwarder. ...

by Loves-to-Learn Everything in

Don't forward old IIS Logs to Splunk

Hello All! I am configuring Splunk in different servers to send the IIS Logs. I am doing it by adding the IIS Log F...

by Engager in

Getting Data In

Discussions

black list regex files starting with a period (.)

Field alias on extracted fields not working on all fields

Data input script stop !

Ingesting logs from rsyslog

Need to install Jira module in python splunk .

How do you create saved search using REST API call?

Problem anonymizing data in Splunk

Dropdown

Splunk enterprise not receive any data from Universal Forwarder

Can splunk recognize Chinese character timestamp

What is the CPU & memory utilization of Splunk Forwarder?

Splunk Add-on for Microsoft Office 365 - M365 Enterprise Mobility + Security E3 Subscription

Log ingestion Via HEC - Huge log volume

configuring a receiver - cluster master

find absence of data in splunk - iis

Regex field extracting more than one field with same name and different value

Understanding how to use snowincident for servicenow/splunk integration

Windows Universal Forwarders no longer performing AD GUID/SID-to-value lookups after upgrade to 8.1

Routing and filtering syslog

Don't forward old IIS Logs to Splunk

Using Splunk Universal Forwarder and scripted inpu...

why Splunk is not able to index all the data from ...

Monitor Server Transaction Log File (.ldf) on Splu...

Collect Perfmon counters data for ASP.NET & Paging...

Splunk eStreamer for FMC version 4.011 setup page...