Getting Data In

Community Activity

Is it possible to configure a redundant Splunk server in outputs.conf? Hi all,Currently have setup multiple Splunk servers configured in outputs.conf for the universal forwarders but I am ... by derezzed Engager in Getting Data In 10-07-2021 0 3	0	3
Failed to add the same UDP port udp7511 syslog transmission was set up on three firewalls.The same port is not registered on the splank web.I used th... by noott211 Path Finder in Getting Data In 10-07-2021 0 1	0	1
Would Multiple Enterprise Security Splunk Instances Affect Indexing? Currently working on a project where instead of dedicating only a single instance of Splunk only for ES they actually... by NightShark Path Finder in Getting Data In 10-07-2021 0 5	0	5
UF data going to wrong index I have a UF on an rsyslog server. The UF is forwarding logs to the indexer successfully, but one of my two input flow... by whar_garbl Path Finder in Getting Data In 10-06-2021 0 1	0	1
Updated: Help in event break for json file Hi,Updated:I am trying to break events which is in nested json. Each events start with { "links": I have almost got ... by AKG1_old1 Builder in Getting Data In 10-06-2021 0 3	0	3
HEC Events not indexing I'm learning how to use the HTTP Event collector, but no events ever show up in search. I have the inputs enabled and... by bsheppard8 Loves-to-Learn Lots in Getting Data In 10-06-2021 0 14	0	14
Append data to logs matching regex Hi i'm looking to use a heavy forwarder to append a string to specific log messages. Im following the guide here http... by jazzijeff New Member in Getting Data In 10-06-2021 0 1	0	1
Extract fields from CSV log file without header Hello,I have a CSV file in this form : 2021-08-30 15:45:32;MOZILLA;j.dupont;FR6741557ERF;1.1.1.1;CONNEXION;; 2021-08-... by kvnpichon Path Finder in Getting Data In 10-06-2021 0 3	0	3
splunk index logs from network drive i wish to index all the log files in the network drive Y but i am getting the error msg - In handler'monitor':Paramet... by leiniao Explorer in Getting Data In 10-05-2021 0 5	0	5
Searchtime extractions Hey, We have cisco:esa:cef coming in and whilst we are getting the extractions we need from the main part of the log... by joshuasolman Loves-to-Learn Everything in Getting Data In 10-05-2021 0 0	0	0
Updating Forwarder Credentials Hi all. We received a bulletin that our UF certificates were expiring. I downloaded the credentials package and ins... by sbgoldberg13 Explorer in Getting Data In 10-05-2021 0 2	0	2
How to execute searches with auth token, using the Webtools Add-on Hi @jkat54, thank you for creating this wonderful app. I have a use case that requires executing remote searches fro... by splunker686 Explorer in Getting Data In 10-05-2021 0 4	0	4
How to view status of indexing of evtx files in a folder I am using Splunk to review logs from disconnected systems. We have the users export the evtx files and send them to... by rockb Explorer in Getting Data In 10-05-2021 0 3	0	3
Output and deployment client configs constantly overwritten I have a single-instance Splunk setup with a handful of Universal Forwarders sending in data. There was previously a ... by whar_garbl Path Finder in Getting Data In 10-05-2021 0 3	0	3
Json datas selection and meta removal Hye.The situation : an instance of Splunk standalone (test platform), and an UF.The data : JSON Stream with multi le... by pck_npluyaud Explorer in Getting Data In 10-05-2021 0 3	0	3
How to parse logs with a mix of JSON and non-JSON Hi. I have log source that has a mix of various field types and then a larger nested JSON payload. I can't quite wr... by khenson Engager in Getting Data In 10-04-2021 0 4	0	4
path or logfiles location for 1500 servers Hey,We have some 1500 servers where splunk forwarders installed. we need the path to find location of data or logs co... by Mukunda7 Explorer in Getting Data In 10-04-2021 0 6	0	6
Impact of polling Dblogs from splunk every minute Hi,We use splunk Db connect to pull the DB logs.What will be the impact if we poll the DB every minute from splunk? I... by VijaySrrie Builder in Getting Data In 10-03-2021 0 0	0	0
udp input json to metrics - The metric event is not properly structured Hi, I am ingesting json data using log2metrics_json source type into a metrics index. Everything is working fine w... by imrago Contributor in Getting Data In 10-03-2021 3 0	3	0
Json key value mapping I have my splunk Jason in below format { [-] delete_me: True vendor: Dbruzy name: Rahul date: [ [-] 10-jan-2022 30-de... by vivekkumarkk Explorer in Getting Data In 10-02-2021 0 4	0	4
Forwarding data into indexer Hi,I have set up a Splunk Enterprise instance (version 8.2.1) and a Universal Forwarder instance on Docker on the sam... by wu_weidong Path Finder in Getting Data In 10-01-2021 0 1	0	1
Bringing Snowflake query history into Splunk Hi all, I'm interested in bringing Snowflake query history into Splunk and there are posts on how to do it with DBCon... by sdintino_splunk Splunk Employee in Getting Data In 10-01-2021 0 0	0	0
Windows events and %%something entries Hi.I'm using TA for Windows and everything is mostly working OK. But.In some events I'm receiving values likeReadOper... by PickleRick SplunkTrust in Getting Data In 10-01-2021 0 0	0	0
Wildcard ... not working in my stanza Hello All: I have problems with my application where I am configuring the following stanza in the inputs.config file ... by daymar_23 Explorer in Getting Data In 10-01-2021 0 1	0	1
Is it possible to use modular regular expressions defined in transforms.conf, in saved field extractions? I was trying to extract an ip address field. During a search, using\|rex "[[ipv4]]"works fine and creates an ip field.... by Xandervzyl Engager in Getting Data In 10-01-2021 0 1	0	1