Getting Data In

Community Activity

udp input json to metrics - The metric event is not properly structured Hi, I am ingesting json data using log2metrics_json source type into a metrics index. Everything is working fine w... by imrago Contributor in Getting Data In 10-03-2021 3 0	3	0
Json key value mapping I have my splunk Jason in below format { [-] delete_me: True vendor: Dbruzy name: Rahul date: [ [-] 10-jan-2022 30-de... by vivekkumarkk Explorer in Getting Data In 10-02-2021 0 4	0	4
Forwarding data into indexer Hi,I have set up a Splunk Enterprise instance (version 8.2.1) and a Universal Forwarder instance on Docker on the sam... by wu_weidong Path Finder in Getting Data In 10-01-2021 0 1	0	1
Bringing Snowflake query history into Splunk Hi all, I'm interested in bringing Snowflake query history into Splunk and there are posts on how to do it with DBCon... by sdintino_splunk Splunk Employee in Getting Data In 10-01-2021 0 0	0	0
Windows events and %%something entries Hi.I'm using TA for Windows and everything is mostly working OK. But.In some events I'm receiving values likeReadOper... by PickleRick SplunkTrust in Getting Data In 10-01-2021 0 0	0	0
Wildcard ... not working in my stanza Hello All: I have problems with my application where I am configuring the following stanza in the inputs.config file ... by daymar_23 Explorer in Getting Data In 10-01-2021 0 1	0	1
Is it possible to use modular regular expressions defined in transforms.conf, in saved field extractions? I was trying to extract an ip address field. During a search, using\|rex "[[ipv4]]"works fine and creates an ip field.... by Xandervzyl Engager in Getting Data In 10-01-2021 0 1	0	1
Windows Performance counters inputs config question Hi, I have probably and easy question for the ones that have done this before. I have set up an universal forwarder t... by hethu Path Finder in Getting Data In 10-01-2021 0 2	0	2
data ingest size from a server how to identify data ingest size from a server per day... looking to find sizes of data ingested from each server fo... by jiaqya Builder in Getting Data In 09-30-2021 0 5	0	5
Does Windows Protected Event Logging work with Splunk? My company wants to set up Windows 10 Protected Event Logging for sensitive fields (currently this is only done for P... by MonkeyK Builder in Getting Data In 09-30-2021 1 3	1	3
How to extract fields from CSV I have a CSV file for ingestion like this. This needs to be monitored via inputs. I dont want to use INDEXED_EXTRACTI... by Naga Engager in Getting Data In 09-30-2021 0 3	0	3
_time need to be pick from log middle entry Hello All,Can any one help me on this event injection in Splunk. sample data122.0.0.2 NOT_AVAILABLE abc Agent= 2021-0... by snehal8 Path Finder in Getting Data In 09-30-2021 0 6	0	6
is it possible to send logs using opentelemetry to enterprise splunk Hi Team, i am doing set of poc to expolre splunk features, while doing so i am able to send data to splunk observabil... by vinothn Path Finder in Getting Data In 09-29-2021 0 0	0	0
Getting strange error in terminal - Raspberry PI OS - 32bit - universal forwarder Hi,I have setup the forwarder, however I get the following when I try to run commands:What am I missing and what woul... by Christians86 Explorer in Getting Data In 09-29-2021 0 1	0	1
Splunk Translation issues Good morning all, I am still new to Splunk configuration and was lucky enough to inherit a mostly functional setup. R... by Twagner79 Explorer in Getting Data In 09-29-2021 0 2	0	2
Syslog forwarding/routing with Heavy Forwarder is sending more logs than excepted Dear Splunkers, I am trying to forward a specific sourcetype (let's call it "mySourcetype") to a third party software... by davietch Path Finder in Getting Data In 09-29-2021 1 1	1	1
Can we enable WORM on SmartStore S3 buckets ? Does Splunk support enabling WORM on SmartStore S3 buckets ? by dm1 Contributor in Getting Data In 09-28-2021 0 2	0	2
Any way to send events to two indexes (on the same indexer cluster) simultaneously ? Hi -I briefly need to ensure that events from one UF (multiple sources) are duplicated in two indexes on one index cl... by robgarner Path Finder in Getting Data In 09-28-2021 0 2	0	2
Ingesting Logs from Cisco Routing and Switching Gear Hi,I've been asked to add inputs to my organization's Splunk Enterprise from Cisco Routing and Switching Gear. I reme... by 603_Dan New Member in Getting Data In 09-28-2021 0 2	0	2
Cannot find bundles for search peer Hi, I'm deployed a single-site cluster with Master Node, Search Head and two Indexer. The architecture works fine, b... by p_vitale Explorer in Getting Data In 09-28-2021 0 4	0	4
Detect inactive index (Not Logging) Hi,Is there a way to determine if an index has stopped logging/has gone inactive? I have tried looking through the do... by tigawi Engager in Getting Data In 09-28-2021 0 6	0	6
How to use source file modification time instead of guessed date in events? Hello guys,how to use the source file modification date instead of "guessed" or extracted timestamp from csv file?I'm... by splunkreal Influencer in Getting Data In 09-28-2021 0 0	0	0
Made by Splunk Google Workspace Add-on was in beta now missing? Hi all,I was previously tracking a new Add-on that Splunk were developing for ingesting Google Workspace "audit" data... by Stu-eonnext New Member in Getting Data In 09-28-2021 0 1	0	1
Filtering WMI events on heavy forwarder Yes, I know that filtering was discussed many times here but my case is slightly different.I have a UF pulling events... by PickleRick SplunkTrust in Getting Data In 09-28-2021 0 2	0	2
how can i add some description at all input log (metric, syslog, snmp, etc...) how can i add some descriptions at all input log (metric, syslog, snmp, etc...) i tried, add "_meta = description::t... by melonking Observer in Getting Data In 09-27-2021 0 1	0	1