Getting Data In

Community Activity

Need to monitor only 4 hosts - data on boarding Hello Team, Splunk UF has been installed in all our 1000+ windows servers and we are monitoring those logs. Now the s... by kiranpanchavat1 Path Finder in Getting Data In 12-26-2021 0 1	0	1
Calculate duration of two different events I have logs which shows the job status ( Running, succeeded and failed) and all jobs have unique job id , now I want ... by rishabhpatel20 Explorer in Getting Data In 12-25-2021 0 2	0	2
Timerange as an argument I am working on using the same time range as an argument used in the Time range picker. how do I do that?\|metadata i... by Raghul_S Engager in Getting Data In 12-24-2021 0 2	0	2
Lines in log file not indexed if line has time stamp from the past Hello all,One of our home grown apps copies logs to a directory monitored by Splunk once a day around midnight. Splun... by loligator New Member in Getting Data In 12-23-2021 0 4	0	4
SC4S and Universal Forwarders Hello,I am new to Splunk and working on getting our environment setup correctly. I have a SC4S server setup and wor... by njusticesnb Engager in Getting Data In 12-23-2021 0 1	0	1
Heavy Forwarder config I need to Forward All Windows Security/Application/system logs to 2 Separate Splunk instances with different Index na... by tam82 Explorer in Getting Data In 12-23-2021 0 0	0	0
What is the best way to re-run a summary index to collect missed events after an outage? Hi - Let's say you have a scheduled query / report that runs daily (at mid-night) looking over a time range of Last 2... by Glasses Builder in Getting Data In 12-23-2021 0 2	0	2
Remove first part of string before creating a JSON source type HI I have used the below answer to get me 95% to a full solution, but i just cant get the last bit. https://answers.... by robertlynch2020 Influencer in Getting Data In 12-23-2021 1 7	1	7
Splunk server uptime - missing Splunk server details Hi all, I am running the below query, I get responses from some of my Splunk servers but not all ? \| rest /services... by pbrinkman Path Finder in Getting Data In 12-22-2021 0 6	0	6
How to limit the use of resources like memory and CPU by Universal Forwarder? I'm monitoring AD and DNS Server logs on Windows 2019 servers and Universal Forwarder has been the resource utilizati... by jfeitosa_real Path Finder in Getting Data In 12-22-2021 0 1	0	1
How to resolve "Problem replicating config (bundle) to search peer 'xxxxx.yyyy.com:8089', got http response code 400 HTTP/1.1 400 Unparsable URI-encoded request data."? Have 1 indexer and 1 search head. Separate VM's. When trying to view indexed data from search head UI we receive the ... by ksoucy Path Finder in Getting Data In 12-22-2021 1 7	1	7
How to monitor HAproxy logs of server in Splunk Hi @gcusello ,Could you please help me to monitor HA proxy logs of server in Splunk. What should be the steps that ne... by rahul2gupta Path Finder in Getting Data In 12-22-2021 0 3	0	3
HTTP Event collector Hi @gcusello ,I am curious to know why I am able to see HTTP Event collector under the Data Inputs on my Indexer wh... by rahul2gupta Path Finder in Getting Data In 12-22-2021 0 2	0	2
filtering cisco devices with syslog-ng.conf to avoid catchall Hello- I'm trying to filter cisco logs so that all data shows up in it's own folder in syslog-ng. However only some ... by agw Path Finder in Getting Data In 12-21-2021 0 2	0	2
Splunk Docker - Which is the right folder for props.conf (and other config files) Hi,I have found several locations with a props.conf in my Docker splunk:8.2 image: ./opt/splunk/etc/apps/legacy/defau... by pmcl77 Loves-to-Learn Lots in Getting Data In 12-21-2021 0 3	0	3
Performance in Virtual versus Hardware Indexers for large and growing Enterprise Splunk instantiations We have an Enterprise Splunk instantiation that has clustered virtual indexers. We have been advised that we need re... by swagner1965 Path Finder in Getting Data In 12-21-2021 0 2	0	2
TAXII 2.1 Inputs (Without Splunk Enterprise Security) Hi all!I know ES ships with a TAXII client to ingest threat intel over TAXII.Does anything exist for users who do not... by himynamesdave Contributor in Getting Data In 12-21-2021 0 2	0	2
Splunk Hi, I would like to know to the commands and procedures for failures happen for splunk1. What if deployment server fa... by Atchyuth_P Path Finder in Getting Data In 12-21-2021 0 1	0	1
avoid some events Hi Team,We are collecting data from Alibaba cloud through a heavy forwarder (using Alibaba add-ons) and pushing the d... by roopeshetty Path Finder in Getting Data In 12-21-2021 0 2	0	2
Indexes are randomly removed from roles Hi everyone,Currently we're dealing with an odd one on the Enterprise search head (we're using 8.2.3). We have multip... by DariusCrisan New Member in Getting Data In 12-20-2021 0 1	0	1
Filter splunk data to reduce ingestion size We are transferring log using log drains and using token created using HTTP event collector. We need to filter data ... by splunk2xconnect Observer in Getting Data In 12-20-2021 0 2	0	2
Role of Heavy Forwarder between UF and Indexer Hi,Indexer can do Parsing and Indexing then why do we use HF between UF and Indexer? by VijaySrrie Builder in Getting Data In 12-18-2021 0 4	0	4
Intermediate Forwarder in Splunk cloud Hi,Why do we use IF in Splunk cloud.I know HF can work as IF, then why don't we call it as HF itself??What will happe... by VijaySrrie Builder in Getting Data In 12-18-2021 0 1	0	1
Props.conf not picking up linemerge Lines in my sourcetype are not being picked up correctly at all. Each event is being split into dozens of lines. Al... by markhvesta Path Finder in Getting Data In 12-18-2021 0 6	0	6
How to reset Splunk UF to re-monitor a single directory, not all directories? Hi -I have a Splunk UF monitoring many directories on a rsyslog (receiver) server.One of the directories populated wi... by Glasses Builder in Getting Data In 12-17-2021 0 1	0	1