Getting Data In

Community Activity

Setting WORM in SmartStore Hello, Got a request from a customer who would like to archive and set WORM on the data. They did ask about Splunk S... by bobbyoommen Engager in Getting Data In 09-26-2021 1 1	1	1
Do you have any recommendations for freely available data, real or generated, that can be used to practice I know this is a niche and rookie question, but maybe someone out there can provide some guidance. I'm quite new to S... by Xandervzyl Engager in Getting Data In 09-26-2021 0 1	0	1
Data in SH Hello. I have 3 SH. When I switch the captain to another SHData disappears in it. In its normal state, SH has 20 mill... by gitingua Communicator in Getting Data In 09-24-2021 0 5	0	5
splunk cluster master node replacement Please assist to provide detailed steps to replace cluster master for the indexer cluster. I've tried few things howe... by bhilim Loves-to-Learn Lots in Getting Data In 09-24-2021 0 2	0	2
optimize/limit metrics data sent from forwarders We have a large number of Forwarders and would like to optimize the metrics data sent from them to the internal index... by henryfox Engager in Getting Data In 09-24-2021 0 3	0	3
Splunk Set Source Type format Timestamp strptime field examples Hi all,I'm trying hard to add data into Splunk from a .csv file instead of .json. I managed to convert it from .json ... by bogdan_nicolesc Communicator in Getting Data In 09-24-2021 0 2	0	2
Regex Help Hi,I have the below log entry, can you help with the regex to extract the line in Red. The regex i have is not workin... by SS1 Path Finder in Getting Data In 09-23-2021 0 2	0	2
Why does Splunk universal forwarder have high CPU usage on system? I added an app recently to pull in PowerShell Transcription logs that are output to C:\Logs\YYYYMMDD\YYYYMMDDHHSS.ran... by tkoster8 New Member in Getting Data In 09-23-2021 0 3	0	3
Is it Possible To Ingest Dell EMC Unity Storage logs? Hello Fellow Splunkers,I have been looking for a solution to ingest Dell EMC Unity 500 storage logs and my research h... by astackpole Path Finder in Getting Data In 09-23-2021 0 3	0	3
unique sourcetype appends a -2 Hello, We are using inputs.conf and props.conf to ingest a flat csv file. The issue we are having is the sourcetype n... by lbrhyne Path Finder in Getting Data In 09-23-2021 0 0	0	0
Not all CSV files with identical names are ingesting Hello,We are attempting to ingest csv files from two different applications where the file name and structure are ide... by lbrhyne Path Finder in Getting Data In 09-23-2021 0 2	0	2
Download dashboard in PNG using CLI Hi There,I need to download the dashboard in PNG file using CLI, is there any way to do this? Splunk Version: 8.2, Da... by bhupalbobbadi Path Finder in Getting Data In 09-23-2021 0 0	0	0
Reroute host to different index I am trying to figure out how to reroute a specific host to a different index.For example, search results of host=123... by troy44112 Explorer in Getting Data In 09-23-2021 0 2	0	2
WMI input and whitelisting Hello there.I finally managed to set up WMI-based event log monitoring and it seems to work The problem is that it's... by PickleRick SplunkTrust in Getting Data In 09-23-2021 0 0	0	0
Splunk Connect For Syslog - no data indexed Hi,I followed the official instructions and deployed syslog connect in Ubuntu using docker.https://splunk.github.io/s... by corti77 Contributor in Getting Data In 09-23-2021 0 1	0	1
Non DS deployed Apps Hello Fellow Splunkers ,Is there a way that I can get a list of Input apps on a UF host that are not distributed by t... by psamuel23 Loves-to-Learn in Getting Data In 09-23-2021 0 1	0	1
Epoch time returning wrong date far in the future Hi folks, Instead of using the _time to convert the Epoch time into something more readable. I want to use deviceCus... by jravida Communicator in Getting Data In 09-23-2021 0 3	0	3
Syslog and UDP (Data Input) I had a EC2 syslog client and a MacOS which installed the Splunk Enterprise. I want my Splunk Enterprise to be my sys... by zhangru Engager in Getting Data In 09-22-2021 0 1	0	1
How to unzip and parse json.gz files I am using Splunk Add-on for Amazon Web Services to ingest json.gz files from an s3 bucket to Splunk. However Splunk ... by bagumas New Member in Getting Data In 09-22-2021 0 0	0	0
Firehose through HTTP Event Collector generates duplicate log records Hello everyone,I am streaming CloudWatch logs to SPLUNK through Firehose, and I faced the following issue:Some json r... by mmkt Loves-to-Learn in Getting Data In 09-22-2021 0 0	0	0
Does the indexer acknowledgement queue/list persist across Splunk restarts? I'd like to user indexer acknowledgement in my HA setup when forwarding from a primary indexer which receives events ... by Glenn Builder in Getting Data In 09-22-2021 0 8	0	8
How apply SEDCMD after TRANSFORMS? Hello All, My issue is:We are receiving files from Source1, where are more types of logs. We want to split them and s... by Jakub Explorer in Getting Data In 09-22-2021 0 1	0	1
Where do I change the maximum Message body length? I'm trying to get a large text file ingested using the HEC. In my searches for the data, I see events that say "Mess... by gregbo Communicator in Getting Data In 09-22-2021 0 3	0	3
Props.conf wild card help Hi,I have the below source, values in Red will keep changingsource="/Application/logs/b80be40606aa7860f7de0c7ffa6b9d7... by SS1 Path Finder in Getting Data In 09-22-2021 0 4	0	4
Splunk Add-On for Linux Compatability I am using the Splunk Add-On for Linux on my deployment server (which is a windows server) and trying to use this to ... by pc1 Path Finder in Getting Data In 09-22-2021 0 6	0	6