Getting Data In

Discussions

Thread Info

Splunk ITSI Splunk Monitoring Pack Issue

Hello dear community, I am new to splunk and I wanted to monitor my splunk architecture via ITSI and the correspondin...

by New Member in

Splunk duplicates events from a custom-made JSON event file

What I'm doing is: I am doing stuff by my own an then parsing all the information as a JSON in order to append it to ...

by Explorer in

Scripted Input - "persistent" script

Just want to confirm this behavior for a scripted input: The script I want to call, actually runs perpetually... it...

by Communicator in

Calling Python script from Front End

Hi Everyone, My business user has a requirement, he needs to run a python script from the SPLUNK web portal, the sc...

by Loves-to-Learn in

Windows perfmon stats

Does anyone have a sample stanza for inputs.conf for capturing Windows perfmon stats such as CPU utilization, memory ...

by Path Finder in

How to prevent data duplication on a csv file ?

I have a scheduled search that outputs the results every 5 minutes using the outputcsv command to local disk. The fil...

by Contributor in

Splunk python API returning limited data

I am currently using a python API call to retrieve data from Splunk. I am getting approximately 1 day of data when th...

by New Member in

Accessing Splunk reports in PDF via REST API or HEC

Hi, I have a dashboard where some user needs access to fetch the details as a report (.pdf) f...

by New Member in

Sample Windows Data for Input.conf

Does anyone have a sample inputs.conf for capturing Windows data such as CPU utilization, memory utilization and disk...

by Path Finder in

Rename sourcetype not working

I want all syslog data to come in as a general sourcetype. If it matches a transforms, it should be changed. Splunk i...

by Builder in

Why does INGEST_EVAL duplicate my events if I assign a value to _raw?

When I configure INGEST_EVAL to replace _raw with something else, it duplicates the event. Splunk Enterprise Versi...

by Communicator in

unable to ingest data from module 4 on fundamentals 1 training

HI there I added the tested data as admin user and then logged out to sign in as poweruser. but i cant see the data...

by New Member in

Correct Input Stanza for Windows 2003

Hi all, I usually onboard Windows Server 2008 and newer but 2003 it is not working with below Stanza # Windows p...

by Path Finder in

Log Source volume calculator

Hi everyone, I am looking for any document which can help to calculate log source volume. I have 10 different typ...

by Path Finder in

Splunk JSON timestamp in KV_MODE

Hi All, I have Event timestamp with miliseconds: _time with Unix epoch seconds: and during search...

by Explorer in

Regex extraction and then concatenation of multiple capture groups

Hi, I have a log that has the following: dn=site,dn=com,dn=au I would like to extract and concatenate all these f...

by Communicator in

Is it possible to have a period in a regex capture group name for field extractions? e.g. requesterDN.ou

Hi, I'm doing some custom regex extractions for various fields and often they'll be under a bigger field for exampl...

by Communicator in

slave-apps doesn't like my app

Hi, I built a simple app with the add-on builder (using the python script inputs) and then copied it in the "maste...

by Path Finder in

How can I see the search peer that a forwarder is connected to when using indexer discovery?

Apart from seeing data coming from the forwarders arriving in an index, is there any way I can see which indexer a fo...

by Motivator in

Where can I find a list of parameters for the PDFgen endpoint?

Hi everyone, In my script, I am using the /services/pdfgen/render/ endpoint to export the views I want. However, I...

by Path Finder in

using curl to query Splunk internal data from the outside

Hello everyone I have a question about using curl to query Splunk internal data from the outside, such as Send index ...

by Explorer in

DBconnect cron schedule behavior

I used DBconnect to pull data from the database in every 1min *(cron: * /1 * * * *). I would like to ask if this sche...

by Explorer in

How to make my regex more efficient?

Hi, I've exceeded my configured match_limit in limits.conf with this regex: "log":\s"(?<log_source>.*?)\s(?<ISO8601...

by Communicator in

Forwarding Search Results on a schedule

I have a requirement to forward search results of a query to an indexer of an external organization. The volume of th...

by Contributor in

Regex to extract for fqdn

Hi - Was looking for some assistance in extracting the FQDNs from the paths below: /var/log/remote/ldap.inftech.net...

by Engager in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Splunk ITSI Splunk Monitoring Pack Issue

Splunk duplicates events from a custom-made JSON event file

Scripted Input - "persistent" script

Calling Python script from Front End

Windows perfmon stats

How to prevent data duplication on a csv file ?

Splunk python API returning limited data

Accessing Splunk reports in PDF via REST API or HEC

Sample Windows Data for Input.conf

Rename sourcetype not working

Why does INGEST_EVAL duplicate my events if I assign a value to _raw?

unable to ingest data from module 4 on fundamentals 1 training

Correct Input Stanza for Windows 2003

Log Source volume calculator

Splunk JSON timestamp in KV_MODE

Regex extraction and then concatenation of multiple capture groups

Is it possible to have a period in a regex capture group name for field extractions? e.g. requesterDN.ou

slave-apps doesn't like my app

How can I see the search peer that a forwarder is connected to when using indexer discovery?

Where can I find a list of parameters for the PDFgen endpoint?

using curl to query Splunk internal data from the outside

DBconnect cron schedule behavior

How to make my regex more efficient?

Forwarding Search Results on a schedule

Regex to extract for fqdn

CX Day is Coming!

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Edge Processor Destination not showing up in Pipel...

Getting Data In

Are you a member of the Splunk Community?

Discussions