Getting Data In

Community Activity

Filtering with props and transforms Hello.I have just enabled powershell logging and am now getting completely spammed with splunk forwarders running pow... by michaelnorup Communicator in Getting Data In 11-16-2021 0 2	0	2
wineventlog:security logs not receiving Few DC servers not showing source=wineventlog:security. Can someone provide the troubleshooting steps to find the wha... by hemantwcp7 Loves-to-Learn Lots in Getting Data In 11-16-2021 0 2	0	2
How to get last 1 week or current logs for inputs.conf Greetings, I have set the following configuration stanza on my inputs.conf but I am getting failures for using ignore... by NightShark Path Finder in Getting Data In 11-16-2021 0 3	0	3
K8 AWS HF Delays / Timeouts Hello, We are wondering if anyone else has experienced issues using a k8 cluster of heavy forwarders, to receive AWS ... by lavster Path Finder in Getting Data In 11-15-2021 0 0	0	0
Configuration to send OTEL format data to Splunk observability cloud We have an OTEL compliant exporter. What are the required definitions in an exporter configuration to send OTEL comp... by baddeacs New Member in Getting Data In 11-15-2021 0 0	0	0
Oracle anonymous PL/SQL block with input and output parameters from Splunk DB Connect Can DB Connect execute an Oracle anonymous PL/SQL block, with input parameters, and get the output parameters (for in... by altink Builder in Getting Data In 11-15-2021 0 5	0	5
Add data to index using REST API Hello Experts,I have recently started exploring on Splunk API's and trying to find a REST API to Add data to a splunk... by nc8668 New Member in Getting Data In 11-15-2021 0 1	0	1
stanza's for props.conf Hi,We are having bunch of HFs in our environment from HFs we have confusion from which HF is getting the data, so to ... by pchintha Engager in Getting Data In 11-15-2021 0 3	0	3
Timezone issue Hello,I have a timezone issue that I don't understand.I have two set of indexed logs in different indexes, indexed by... by gilliers Explorer in Getting Data In 11-15-2021 0 4	0	4
Splunk stopped indexing on index="main" Hello guys,I will first mention that I'm pretty new to Splunk, but I noticed that Splunk has stopped indexing and get... by lana0203 Loves-to-Learn Lots in Getting Data In 11-14-2021 0 1	0	1
Route events to different indexes based on hostname Hi, I want to send data to x index if the host is non prod and host name is like abc-nprd* for /var/logHowever, wou... by Abha111 Loves-to-Learn Lots in Getting Data In 11-14-2021 0 1	0	1
Drop Down based on its filename I have a filename like this-11112021_MOS.csv-12112021_MOS.csv-13112021_MOS.csv I want to create drop down based on th... by Azwaliyana Path Finder in Getting Data In 11-14-2021 0 1	0	1
nullQueue question - Palo Logs Hi Splunk folks, My team is seeing a pesky issue with Palo Alto logs where a small subset are not being sourcetyped i... by danielfurtaw Engager in Getting Data In 11-13-2021 0 1	0	1
Splunk search head docker behind nginx reverse proxy - how to deactivate test basic http on startup? my container starts behind nginx (web ssl deactivated), but then fails and restarts every minute:FAILED - RETRYING: T... by wfskmoney Path Finder in Getting Data In 11-13-2021 0 1	0	1
Redirection to multiple indexes and Null queue not working Hello, We are integrating the json logs via HEC into Splunk Heavy Forwarder.I have tried the below configurations.I a... by bhargavi Path Finder in Getting Data In 11-13-2021 0 1	0	1
Line_Breaker question [operlog] LINE_BREAKER = (?m)(.\d{7}.\d\d:\d\d:\d\d.\d\d) SHOULD_LINEMERGE = false Why do my events have the text ... by PaulEscher Explorer in Getting Data In 11-12-2021 1 11	1	11
Google Data Loss Prevention (DLP) Logs I'm working with an Google Super Admin and I'm trying to get Google DLP Logs into Splunk Cloud. There is a HEC that ... by gb43 Engager in Getting Data In 11-12-2021 0 0	0	0
Filtering Events using nullqueue Real novice here. I am ingesting a sourcetype into Splunk, and want to filter out any events with the word "FAILED" r... by JPrictoe Loves-to-Learn in Getting Data In 11-12-2021 0 13	0	13
Clarify HEC Indexer Acknowledgement The link below provides the following paragraph:"...HEC responds with the status information to the client. The body ... by ro_mc Path Finder in Getting Data In 11-12-2021 0 1	0	1
How to connect Splunk API with Trend Micro Apex One aaS? Hello!I try onboarding several Trend Micro Cloud Applications like Apex One as a Service but it just doesn't work. On... by avoelk Communicator in Getting Data In 11-12-2021 0 0	0	0
How to add network device that doesn't have splunk app or add-ons? Hello experts, So i have extreme network switch VSP 7000 and VSP 8000 that want to send syslog to our splunk. When i... by subnet_warrior New Member in Getting Data In 11-12-2021 0 1	0	1
How to keep specific events and discard the rest in props.conf and transforms.conf? In splunk doc it is mentioned that [[[Note: In this example, the order of the transforms in props.conf matters.... by ankithreddy777 Contributor in Getting Data In 11-12-2021 0 3	0	3
drop events from being indexed I have a request from some users of mine to do the following. I need to drop events from a source and user .. sour... by sreynolds30 Explorer in Getting Data In 11-12-2021 0 10	0	10
Mark values in Diagram Hi,so I have a Bargraph with many values. The enduser who has to use that bargraph needs to see if the values are ove... by Linze99 Explorer in Getting Data In 11-11-2021 0 3	0	3
HTTP Event Collector Indexer Acknowledgment Returns "Invalid data format" "code":6 On a Linux host I am testing our HEC Indexer Acknowledgement setup on our heavy forwarder and following the documenta... by qf Engager in Getting Data In 11-11-2021 1 1	1	1