Getting Data In

Community Activity

	Can you run multisite clusters with different OS? Hi, I wanted to ask if multisite Splunk clusters can run different Operating systems without any issues.For example, ... by fatemabwesnet New Member in Getting Data In 11-01-2021 0 4	0	4
	Local Windows Event [WinEventLog://Application] Hi! I'm trying to collect the local splunk server Windows Application event logs. I would like them in non_XML form... by steveo2 Engager in Getting Data In 11-01-2021 0 0	0	0
	What are the configurations required to forward specific log messages to Splunk? What are the configurations required to forward specific log messages to Splunk.Every log message that contains "Sca... by ssoftility Loves-to-Learn in Getting Data In 11-01-2021 0 3	0	3
	How to downgrade a Heavy Forwarder to a Universal Forwarder? The Splunk Documentation has steps to upgrade a Universal Forwarder to a Heavy Forwarder. But not any steps on downgr... by Stefanie Builder in Getting Data In 11-01-2021 0 2	0	2
	Not receiving all windows logs from clients Hello,I'm trying to setup Splunk in a lab environment. I've got one windows client which I want to send logs over to ... by izyknows Path Finder in Getting Data In 11-01-2021 0 3	0	3
	Index emails to splunk Hi Guys,We have a requirement where we need to index emails to be ingested into splunk. I know a couple of apps are ... by neeravmathur Path Finder in Getting Data In 11-01-2021 0 4	0	4
	monitor .bash_history and list monitor Hi,we have got a inputs.conf with :[monitor:///home/.../.bash_history]disabled = 0crcSalt = <SOURCE>whitelist = \.bas... by jariw Path Finder in Getting Data In 11-01-2021 0 0	0	0
	WSUS - How to get approved / unapproved windows update logs? Hi, We are able to fetch update logs from our WSUS server using add-on for windows. However, we want to display appro... by priyanka_231019 Explorer in Getting Data In 11-01-2021 0 0	0	0
	Line Breaking without removing field In my props.conf, I have LINE_BREAKER=field1 this breaks the events how I want but it removes field1 from every even... by willcwhite Explorer in Getting Data In 11-01-2021 0 2	0	2
	Escape special characters in DB Connect Pulling database events with Splunk DB Connect I noticed that:1. New (non-existing) fields are created2. text fields ... by altink Builder in Getting Data In 10-29-2021 0 0	0	0
	Getting 401 while connecting with token whereas able to connect with username and password Hi, When i am using Splunk admin username and password, am able to get the indexes via below codeHttpService.setSslSe... by akshgpt25 Explorer in Getting Data In 10-29-2021 0 5	0	5
	Which inputs.conf does "splunk add monitor" modify I've been working with Splunk for many years and have always made changes via the .conf files. However, I recently a... by tsheets13 Communicator in Getting Data In 10-29-2021 0 1	0	1
	Splunk App for Phantom Reporting Hi Team,Splunk App for Phantom ReportingTesting 1 :If HEC token is created in HF, Indexes are created in Indexer,... by VijaySrrie Builder in Getting Data In 10-29-2021 0 0	0	0
	What is the best approach to forward Logpoint syslog to Splunk? Hi,I want to get all syslog data from a large Logpoint implementation to forward to Splunk.Is there a recommended app... by ojay Path Finder in Getting Data In 10-28-2021 0 1	0	1
	Upload failed with WARN : supplied index 'Web' missing I'm working to upload some data sets from the splunk tutorial page in order to learn how to use Splunk and am unable ... by edenglenn33 New Member in Getting Data In 10-27-2021 0 1	0	1
	Field description data input as fschange. HelloLogs are being collected through fschange.Do you know the field description of the fschange log?Particularly cur... by thkwon Explorer in Getting Data In 10-27-2021 0 0	0	0
	Splunk Add-on for Microsoft Office 365 - Inputs configuration Hello,On the HF of this add-on there is an Inputs configuration. On the Content Type drop down, there is a choice of... by njytrde Explorer in Getting Data In 10-27-2021 0 0	0	0
	Incomplete/Missing Data written from F5 Load Balancer to Splunk Syslog HF Client's F5 Load Balancer is writing data to our Splunk Syslog Heavy Forwarder, but when searching in Splunk Search H... by paulalfredlopez New Member in Getting Data In 10-27-2021 0 2	0	2
	Splunk Indexing Question My index shows the latest event section "in an hour", I have never seen that before. What exactly does that mean? by andrew_burnett Path Finder in Getting Data In 10-27-2021 0 1	0	1
	Spool vs OneShot What is the difference between using Spool vs OneShot CLI commands? Unfortunately I'm unable to install UFs or dire... by ebwong Loves-to-Learn in Getting Data In 10-27-2021 0 2	0	2
	Performance Tuning or Other Hints for Windows Event Forwarding We have been using WEF as our collection point for a while. We started out small but have expanded the range of even... by hughkelley Path Finder in Getting Data In 10-27-2021 0 0	0	0
	How to disable logging We are currently running Splunk Enterprise, on-prem on a Linux VM and have a search head, with several forwarders.How... by Jnewman28 Explorer in Getting Data In 10-27-2021 0 12	0	12
	Microsoft web application proxy log format inputs.conf I'm trying to configure my forwarder on a Windows server to send the Web Application Proxy logs. I'm using this form... by tarricop Loves-to-Learn in Getting Data In 10-27-2021 0 1	0	1
	Unable to initialize modular input "checkpoint_opseclea" Hi All, I am getting the below error in our SHC.Unable to initialize modular input "checkpoint_opseclea" defined in t... by meherakash Loves-to-Learn Lots in Getting Data In 10-26-2021 0 0	0	0
	PhantomRemoteSearch/Connecttosinglesplunk Hi,We are integrating phantom with splunk using below dochttps://docs.splunk.com/Documentation/PhantomRemoteSearch/1.... by VijaySrrie Builder in Getting Data In 10-26-2021 0 0	0	0