Getting Data In

Community Activity

Who to split up $SPLUNK_DB and colddb I have many indexes on my three indexers. I have attached NSF shares for the colddb. All the indexes are at $SPLUNK... by hartfoml Motivator in Getting Data In 11-17-2021 0 11	0	11
Trigger alert when 1 user deletes more than 5 files hi, I want to create an alert that will trigger when 1 user (no specific user name, just one persong from the organiz... by mishmeret Observer in Getting Data In 11-17-2021 0 3	0	3
HF doesn't accept traffic from UF Hi Splunk chaps, I'm facing problem with feeding HF from UF (HF is sending data to the cloud and this works fine). I... by slipinski Path Finder in Getting Data In 11-17-2021 0 33	0	33
How to divide yesterdays data with today's data? Hello Folks ,Need help. Every day new file generates with a FileSizeBytes value, I need to compare the yesterday's Fi... by yesh_9 Engager in Getting Data In 11-17-2021 0 2	0	2
have a need to email a CSV file into Splunk for consumption anyone have a splunkbase app that will perform this function? I wish to email a CSV file (possibly ZIPPED too) into... by mblanchard New Member in Getting Data In 11-17-2021 0 2	0	2
Splunk failed to start with errors I recently had to realign our storage. Specifically, write cold data to one NFS share and hot/warm to another. Prior ... by snyderm_dos Loves-to-Learn Lots in Getting Data In 11-16-2021 0 3	0	3
Create an alert when multiple files are deleted Hi,I am trying to create an alert that triggers when more than 5 files are deleted in less than 3 minutes from the ap... by mishmeret Observer in Getting Data In 11-16-2021 0 5	0	5
Can the Cluster Master Also Do Indexer Discovery in the outputs.conf I've got my universal forwarders and heavy forwarders doing indexer discovery through the cluster master like so ... ... by dstuder Communicator in Getting Data In 11-16-2021 1 5	1	5
Integration with service now Can Splunk be integrated with service now by mokshubajaj New Member in Getting Data In 11-16-2021 0 10	0	10
Splunk_TA_Windows clash with ADFS lookup Hi,MS ADFS will write inside WinEventLog:security and Splunk_TA_windows is watching that log and enriching with looku... by jbanAtSplunk Communicator in Getting Data In 11-16-2021 0 0	0	0
Filtering with props and transforms Hello.I have just enabled powershell logging and am now getting completely spammed with splunk forwarders running pow... by michaelnorup Communicator in Getting Data In 11-16-2021 0 2	0	2
wineventlog:security logs not receiving Few DC servers not showing source=wineventlog:security. Can someone provide the troubleshooting steps to find the wha... by hemantwcp7 Loves-to-Learn Lots in Getting Data In 11-16-2021 0 2	0	2
How to get last 1 week or current logs for inputs.conf Greetings, I have set the following configuration stanza on my inputs.conf but I am getting failures for using ignore... by NightShark Path Finder in Getting Data In 11-16-2021 0 3	0	3
K8 AWS HF Delays / Timeouts Hello, We are wondering if anyone else has experienced issues using a k8 cluster of heavy forwarders, to receive AWS ... by lavster Path Finder in Getting Data In 11-15-2021 0 0	0	0
Configuration to send OTEL format data to Splunk observability cloud We have an OTEL compliant exporter. What are the required definitions in an exporter configuration to send OTEL comp... by baddeacs New Member in Getting Data In 11-15-2021 0 0	0	0
Oracle anonymous PL/SQL block with input and output parameters from Splunk DB Connect Can DB Connect execute an Oracle anonymous PL/SQL block, with input parameters, and get the output parameters (for in... by altink Builder in Getting Data In 11-15-2021 0 5	0	5
Add data to index using REST API Hello Experts,I have recently started exploring on Splunk API's and trying to find a REST API to Add data to a splunk... by nc8668 New Member in Getting Data In 11-15-2021 0 1	0	1
stanza's for props.conf Hi,We are having bunch of HFs in our environment from HFs we have confusion from which HF is getting the data, so to ... by pchintha Engager in Getting Data In 11-15-2021 0 3	0	3
Timezone issue Hello,I have a timezone issue that I don't understand.I have two set of indexed logs in different indexes, indexed by... by gilliers Explorer in Getting Data In 11-15-2021 0 4	0	4
Splunk stopped indexing on index="main" Hello guys,I will first mention that I'm pretty new to Splunk, but I noticed that Splunk has stopped indexing and get... by lana0203 Loves-to-Learn Lots in Getting Data In 11-14-2021 0 1	0	1
Route events to different indexes based on hostname Hi, I want to send data to x index if the host is non prod and host name is like abc-nprd* for /var/logHowever, wou... by Abha111 Loves-to-Learn Lots in Getting Data In 11-14-2021 0 1	0	1
Drop Down based on its filename I have a filename like this-11112021_MOS.csv-12112021_MOS.csv-13112021_MOS.csv I want to create drop down based on th... by Azwaliyana Path Finder in Getting Data In 11-14-2021 0 1	0	1
nullQueue question - Palo Logs Hi Splunk folks, My team is seeing a pesky issue with Palo Alto logs where a small subset are not being sourcetyped i... by danielfurtaw Engager in Getting Data In 11-13-2021 0 1	0	1
Splunk search head docker behind nginx reverse proxy - how to deactivate test basic http on startup? my container starts behind nginx (web ssl deactivated), but then fails and restarts every minute:FAILED - RETRYING: T... by wfskmoney Path Finder in Getting Data In 11-13-2021 0 1	0	1
Redirection to multiple indexes and Null queue not working Hello, We are integrating the json logs via HEC into Splunk Heavy Forwarder.I have tried the below configurations.I a... by bhargavi Path Finder in Getting Data In 11-13-2021 0 1	0	1