Getting Data In

Community Activity

Route events to different indexes based on hostname Hi, I want to send data to x index if the host is non prod and host name is like abc-nprd* for /var/logHowever, wou... by Abha111 Loves-to-Learn Lots in Getting Data In 11-14-2021 0 1	0	1
Drop Down based on its filename I have a filename like this-11112021_MOS.csv-12112021_MOS.csv-13112021_MOS.csv I want to create drop down based on th... by Azwaliyana Path Finder in Getting Data In 11-14-2021 0 1	0	1
nullQueue question - Palo Logs Hi Splunk folks, My team is seeing a pesky issue with Palo Alto logs where a small subset are not being sourcetyped i... by danielfurtaw Engager in Getting Data In 11-13-2021 0 1	0	1
Splunk search head docker behind nginx reverse proxy - how to deactivate test basic http on startup? my container starts behind nginx (web ssl deactivated), but then fails and restarts every minute:FAILED - RETRYING: T... by wfskmoney Path Finder in Getting Data In 11-13-2021 0 1	0	1
Redirection to multiple indexes and Null queue not working Hello, We are integrating the json logs via HEC into Splunk Heavy Forwarder.I have tried the below configurations.I a... by bhargavi Path Finder in Getting Data In 11-13-2021 0 1	0	1
Line_Breaker question [operlog] LINE_BREAKER = (?m)(.\d{7}.\d\d:\d\d:\d\d.\d\d) SHOULD_LINEMERGE = false Why do my events have the text ... by PaulEscher Explorer in Getting Data In 11-12-2021 1 11	1	11
Google Data Loss Prevention (DLP) Logs I'm working with an Google Super Admin and I'm trying to get Google DLP Logs into Splunk Cloud. There is a HEC that ... by gb43 Engager in Getting Data In 11-12-2021 0 0	0	0
Filtering Events using nullqueue Real novice here. I am ingesting a sourcetype into Splunk, and want to filter out any events with the word "FAILED" r... by JPrictoe Loves-to-Learn in Getting Data In 11-12-2021 0 13	0	13
Clarify HEC Indexer Acknowledgement The link below provides the following paragraph:"...HEC responds with the status information to the client. The body ... by ro_mc Path Finder in Getting Data In 11-12-2021 0 1	0	1
How to connect Splunk API with Trend Micro Apex One aaS? Hello!I try onboarding several Trend Micro Cloud Applications like Apex One as a Service but it just doesn't work. On... by avoelk Communicator in Getting Data In 11-12-2021 0 0	0	0
How to add network device that doesn't have splunk app or add-ons? Hello experts, So i have extreme network switch VSP 7000 and VSP 8000 that want to send syslog to our splunk. When i... by subnet_warrior New Member in Getting Data In 11-12-2021 0 1	0	1
How to keep specific events and discard the rest in props.conf and transforms.conf? In splunk doc it is mentioned that [[[Note: In this example, the order of the transforms in props.conf matters.... by ankithreddy777 Contributor in Getting Data In 11-12-2021 0 3	0	3
drop events from being indexed I have a request from some users of mine to do the following. I need to drop events from a source and user .. sour... by sreynolds30 Explorer in Getting Data In 11-12-2021 0 10	0	10
Mark values in Diagram Hi,so I have a Bargraph with many values. The enduser who has to use that bargraph needs to see if the values are ove... by Linze99 Explorer in Getting Data In 11-11-2021 0 3	0	3
HTTP Event Collector Indexer Acknowledgment Returns "Invalid data format" "code":6 On a Linux host I am testing our HEC Indexer Acknowledgement setup on our heavy forwarder and following the documenta... by qf Engager in Getting Data In 11-11-2021 1 1	1	1
Unable to delete sourcetype I had setup a forwarder to monitor the directory and didn't specify any source type. Splunk automatically create some... by jangid Builder in Getting Data In 11-11-2021 1 5	1	5
DB Connect Rising Column Keeps inserting the latest row I've set up some tables in DB Connect, using a timestamp (date_modified) as a rising column (there were no other suit... by gregbo Communicator in Getting Data In 11-11-2021 0 1	0	1
Pass tokens from multiselect dropdown to charts Hi all,I have a multiselect dropdown to list all the groups, also i have 2 pie charts for the number of tasks per gr... by anooshac Communicator in Getting Data In 11-11-2021 0 5	0	5
Search time parsing using regex with lookahead Hello,I would like to ask about problem with parsing log using regex with lookahead.I have this log: Oct 10 04:18:31 ... by lukasmecir Path Finder in Getting Data In 11-11-2021 0 3	0	3
Executing python script as an alert action on windows Hi,I have to run python script as an alert action. My Splunk is on windows.I tried my script running like this and it... by AKG1_old1 Builder in Getting Data In 11-11-2021 0 0	0	0
Cisco Firepower app Dashboard I'm looking to have Cisco Firepower App for Splunk populated with Any Connect VPN users. I would like to have the "De... by Okezie1 Explorer in Getting Data In 11-10-2021 0 0	0	0
splunk fsck repair fails with "Process delayed by # seconds..." I recently performed a data migration to correct some mistakes made by the person who built our environment. Afterwar... by snyderm_dos Loves-to-Learn Lots in Getting Data In 11-10-2021 0 0	0	0
Splunk Forwarder - Deployment Apps not being downloaded Hi,The issue is that some servers with universal forwarder agent deployed on them are not being able to successfully ... by ahmadgul21 Explorer in Getting Data In 11-10-2021 0 5	0	5
404 Not Found on Restart SplunkWeb What does the error below mean and how to remediate it? This is after running `splunk restart splunkweb` HTTP/1.1 404... by morethanyell Builder in Getting Data In 11-10-2021 0 0	0	0
using splunk heavyforwarder to forward to syslog only not forwarding to index log sources coming in from UniversalForwarderto Heavyforwarder looking to selectively forward to syslog without index... by dwart New Member in Getting Data In 11-10-2021 0 1	0	1