Getting Data In

Community Activity

Configure BREAK_ONLY_BEFORE I just want to configure BREAK_ONLY_BEFORE. When I save the source type, it automatically adds LINE_BREAKER. I do not... by Azwaliyana Path Finder in Getting Data In 11-09-2021 0 2	0	2
Active User count in the application not working I want to know the active user count of an application, the following is the query i created, however its not giving ... by praneethlekkala Path Finder in Getting Data In 11-09-2021 0 2	0	2
SMB server logs not coming in into splunk Hi All,We have configures below stanza on SMB server(UF) and splunk forwarder to collect SMB logs,[WinEventLog://Micr... by sharada Loves-to-Learn Everything in Getting Data In 11-09-2021 0 0	0	0
Heavy forwarder not sending syslog to indexer Previously, my heavy forwarder is working fine. Able to search from latest logs in my searchhead. But upon testing an... by johnlzy0408 Loves-to-Learn Everything in Getting Data In 11-09-2021 0 2	0	2
I am trying to bring in windows logs from a clients server, but nothing is showing. I created a new application. This is the inputs from the app I created for the windows logs:[WinEventLog://Application]index = replicate3disabled ... by nls7010 Path Finder in Getting Data In 11-09-2021 0 0	0	0
How to monitor and index .bz2 files in Splunk? Hi, All. How to index compressed files in .bz2 format using Universal Forwarder installed on a Windows server?In UF:i... by James_ACN Loves-to-Learn Everything in Getting Data In 11-09-2021 0 2	0	2
How to extract new fields from a JSON array? Hi All!How to extract and create different fields by transforms when there is an array (JSON) with several fields wit... by James_ACN Loves-to-Learn Everything in Getting Data In 11-09-2021 0 2	0	2
UF+Indexer+nullQueue/Route = Zero Hi, I need some help  scheme: 3 Universal Forwarders -> collecting/forwarding -> Indexer uf: Changed every UF hos... by badland Explorer in Getting Data In 11-09-2021 0 9	0	9
Large JSON events not showing field in "Interesting fields" Good morning all! I have a datasource that is valid JSON (I verified with python and jq). The entire event gets inges... by brent_weaver Builder in Getting Data In 11-09-2021 0 8	0	8
SSL Error Splunk DB connect add-on Hello SPLUNKERS,We are seeing this error while integrating the SQL DB using DB connect add-on . Kindly let me know wh... by kiranpanchavat1 Path Finder in Getting Data In 11-08-2021 1 6	1	6
Nested logs are not parsed correctly I have nested events that look like this in Splunk:container_id: 13243d84e63d8d5b56c5container_name: /ecs-stg-compute... by TKelly Explorer in Getting Data In 11-08-2021 0 1	0	1
Splunk DB Connect Error:Unable to initialize modular input "server" Hello,We are seeing the below error after our linux upgrade, Could someone please help us fix this issue?Unable to in... by Roy_9 Motivator in Getting Data In 11-08-2021 0 1	0	1
HTTP data input I'm trying to post REST data via HTTP to splunk. This works when using a pre-generated token to an HEC:POST /service... by kpwaterson Explorer in Getting Data In 11-08-2021 0 2	0	2
Log files with different timezones (UTC) I apologize since similar questions have been asked numerous times in the past. I have read several of them on this s... by sonomauser Explorer in Getting Data In 11-08-2021 0 4	0	4
In a trellis layout, how come the "split by" field is only showing "Aggregations"? I have some data which I have arranged in a table format, the names and [types] of which are as follows: error_type ... by jrico8 Engager in Getting Data In 11-05-2021 1 9	1	9
zScaler LSS Log Ingestion I have a set up a single-node test instance of Splunk to try and ingest zScaler LSS (not NSS) logs via a TCP input. H... by omranb Engager in Getting Data In 11-05-2021 0 0	0	0
serverclass.conf whitelist from pathname not working Hello,I've got a 100% Windows environment with a deployment server and I'm trying to configure server classes so we c... by justincoon New Member in Getting Data In 11-05-2021 0 1	0	1
help on custom sourcetype for log parsing Hello,I would like to reach out for some help in creating a custom sourcetype (cloned from _json), I'm calling it "ib... by freza Explorer in Getting Data In 11-05-2021 0 9	0	9
Universal Forwarder sending two sets of Windows Security Logs to two different indexer I need the Universal Forwarders to send Windows Security Logs to two different indexers but the data I want to send h... by minliang Loves-to-Learn Lots in Getting Data In 11-05-2021 0 5	0	5
Monitored txt file keeps re-indexing events PLEASE HELP!This has been driving me mad for days! Every time an event is added, its re-reading the text file from th... by ALXWBR Path Finder in Getting Data In 11-05-2021 0 2	0	2
SEDCMD Assistance Please Howdy All,I am looking for some assistance with a SEDCMD. I am trying to clean up some XmlWineventlog:security event... by pirsa Explorer in Getting Data In 11-05-2021 0 1	0	1
Do we need Universal Forwarder on Splunk server? Hi all,Maybe a dummy question, do I need to setup Universal Forwarder on Splunk server to monitor and index data? (so... by Cbr1sg Path Finder in Getting Data In 11-05-2021 0 4	0	4
How to reload changed configs at Heavy forwarder? Hi All,When I change some configs on HF, It seems that I need to restart HF according to the doc below.https://docs.s... by brandy81 Path Finder in Getting Data In 11-05-2021 0 5	0	5
Is there app for perforce log analysis ? HI I'm trying to use splunk for perforce log analysis. Is there any APP or existing custom app for the same ? by nagubandipavan New Member in Getting Data In 11-04-2021 0 3	0	3
Splunk Cloud Http Collector with Log4j2 Reviewing some docs to use Splunk Cloud (trial version) with a Java App with log4j2 I need to configure a Http Event ... by JPZamoraa New Member in Getting Data In 11-04-2021 0 1	0	1