Getting Data In

Discussions

Thread Info

Epoch time returning wrong date far in the future

Hi folks, Instead of using the _time to convert the Epoch time into something more readable. I want to use deviceC...

by Communicator in

Syslog and UDP (Data Input)

I had a EC2 syslog client and a MacOS which installed the Splunk Enterprise. I want my Splunk Enterprise to be my sys...

by Engager in

How to unzip and parse json.gz files

I am using Splunk Add-on for Amazon Web Services to ingest json.gz files from an s3 bucket to Splunk. However Splunk ...

by New Member in

Firehose through HTTP Event Collector generates duplicate log records

Hello everyone, I am streaming CloudWatch logs to SPLUNK through Firehose, and I faced the following issue: Some ...

by Loves-to-Learn in

Does the indexer acknowledgement queue/list persist across Splunk restarts?

I'd like to user indexer acknowledgement in my HA setup when forwarding from a primary indexer which receives events ...

by Builder in

How apply SEDCMD after TRANSFORMS?

Hello All, My issue is: We are receiving files from Source1, where are more types of logs. We want to split them...

by Explorer in

Where do I change the maximum Message body length?

I'm trying to get a large text file ingested using the HEC. In my searches for the data, I see events that say "Mess...

by Communicator in

Props.conf wild card help

Hi, I have the below source, values in Red will keep changing source="/Application/logs/b80be40606aa7860f7de0c7ff...

by Path Finder in

Splunk Add-On for Linux Compatability

I am using the Splunk Add-On for Linux on my deployment server (which is a windows server) and trying to use this to ...

by Path Finder in

/bin/false as loginshell for splunkforwarder

Hi, is it possible to use /bin/false as a loginshell for the user running splunkforwarder? The splunkforwarder...

by Path Finder in

Monitoring Netbackup using Splunk

What integrations are available (TA, REST, Syslog etc.) to monitor netbackup from Splunk

by Explorer in

WMI - non-standard event log

I managed to set up my WMI event-polling setup and it mostly works. Mostly, because it doesn't pull events from non...

by SplunkTrust in

How to connect Oracle Access Manager to Splunk?

Hello everybody, i need to connect an instance of Oracle OAM to Splunk. Do you have any suggestion on how to achi...

by Engager in

Windows server 2012 registry error display in Dashboard

Hello everyone, How to get/tag the registry services from windows server and display in dashboard showcasing as fau...

by New Member in

How to exclude certain logs from indexing

is there a way to exclude all logs being indexed for a certain field for eg : sourcetype=azs container_name=moss-...

by Observer in

WMI input error

Ehhh, I'm trying to set up polling for remote events using WMI (yes, I know it's easier to install UF on the destinat...

by SplunkTrust in

Ingestion of CSV files via monitoring stanza

Good day. I have a CSV File like this. I wanted to do this ingestion via monitoring in inputs. And we should not use ...

by Engager in

Extracting JSON keys as values

Hi all.Background is I have recently acquired a JSON feed via Kafka but the schema was developed with other uses in m...

by Explorer in

Time Conversion of Cisco FTD Logs

I have several Cisco FTD devices (managed by Cisco FMC) that are sending syslog messages to splunk. Here is the forma...

by Engager in

F5 BIG-IP linebreaking

Hi Splunkers! I have a problem with line breaking in Splunk add-on F5-bigip. I've tried some regex to break the lin...

by Path Finder in

Splunk Log4J2 Appender in Spring Boot with Maven

I have a simple Maven configuration where I know the following is on the classpath (I can verify it at runtime before...

by Explorer in

Ingesting XML and Classic WinEventLogs issue (renderXml=false)

I've recently updated the Splunk_TA_windows from version 4.1.8 to version 8.12. As I went through the documentation I...

by Engager in

How to index Kubernetes STDOUT data in Splunk?

Need your help, Can you please tell us, how to receive Kubernetes STDOUT data in Splunk Enterprise? Kubernetes is ...

by Builder in

Salesforce AsyncApexJob only ingests once

I feel like this is a known issue & I feel like it's been around for a while, reaching out to see if anyone has worke...

by Explorer in

Syslog-NG: Two Destinations but different syslog messages

I am trying to control ingest rate into Splunk Cloud. I have some firewalls that are very chatty. The firewalls thems...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Epoch time returning wrong date far in the future

Syslog and UDP (Data Input)

How to unzip and parse json.gz files

Firehose through HTTP Event Collector generates duplicate log records

Does the indexer acknowledgement queue/list persist across Splunk restarts?

How apply SEDCMD after TRANSFORMS?

Where do I change the maximum Message body length?

Props.conf wild card help

Splunk Add-On for Linux Compatability

/bin/false as loginshell for splunkforwarder

Monitoring Netbackup using Splunk

WMI - non-standard event log

How to connect Oracle Access Manager to Splunk?

Windows server 2012 registry error display in Dashboard

How to exclude certain logs from indexing

WMI input error

Ingestion of CSV files via monitoring stanza

Extracting JSON keys as values

Time Conversion of Cisco FTD Logs

F5 BIG-IP linebreaking

Splunk Log4J2 Appender in Spring Boot with Maven

Ingesting XML and Classic WinEventLogs issue (renderXml=false)

How to index Kubernetes STDOUT data in Splunk?

Salesforce AsyncApexJob only ingests once

Syslog-NG: Two Destinations but different syslog messages

Best Strategies to Optimize Observability Costs

Fueling your curiosity with new Splunk ILT and eLearning courses

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Unable to send events through log4j in Spark to S...

Edge Processor Destination not showing up in Pipel...

Palo alto Strata logging service logs

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...