Getting Data In

Community Activity

AlgoSec Security Management Suite (ASMS) Integration via API Hi,I'm required to integrate the Alogsec Security Management Suite (ASMS) logs via API method to cover the richer vi... by kvm Explorer in Getting Data In 05-05-2026 0 3	0	3
INDEXED_EXTRACTIONS, Universal Forwarder & Splunk Cloud One of my sourcetypes is a CSV file (with CSV header)I was using this sourcetype stanza in props.conf:[foo_bar] INDEX... by zapping575 Communicator in Getting Data In 04-29-2026 0 1	0	1
Splunk KnowBe4 Integration I was wondering if any one has successfully onboard KnowBe4 data? I don't see a TA or App on Splunkbase. by BluFalcon Engager in Getting Data In 04-27-2026 0 8	0	8
Host override not working. Sample events - working in regex101 : https://regex101.com/r/LuC6ZQ/1\| rex field=_raw "nsssvcip\=(?<host>\d+\.\d+\.\d... by gnagasri Engager in Getting Data In 04-26-2026 0 4	0	4
Cisco Security Cloud Estreamer Issues Good Afternoon,I have been at war with the estreamer app for 2 weeks and I can not get this to work. Below is the cur... by Rafaelled Explorer in Getting Data In 04-24-2026 1 1	1	1
Ingest Claude OpenTelemetry logs Hi All,Has anyone tried to ingest Claude OpenTelemetry logs into Splunk? I'd be interested in understanding what appr... by becksyboy1 Engager in Getting Data In 04-24-2026 0 4	0	4
Splunk remote upgrader Windows update issue Hello,we are trying to use splunk_app_uf_remote_upgrade_windows to upgrade our UF using Deployment server.I have inst... by Solitus31 Explorer in Getting Data In 04-20-2026 0 2	0	2
Send PDQ Connect Audit Logs to Splunk Hello, I would like to automatically send the audit logs from PDQ Connect into our Splunk environment. I can manuall... by Kat7 Explorer in Getting Data In 04-19-2026 0 3	0	3
WEF - Universal Forwarder multiple Windows TA's / performance issues Hi, We currently have a centralized WEF collection server that collects all windows logs across the environment.This ... by ljo4497 Explorer in Getting Data In 04-15-2026 1 9	1	9
Numerical Precision in Metrics I have data of the following structure in Kafka.{"id": "ABC", "name": "lukas", "timestamp": 1775567475, "payload": 37... by duesser Path Finder in Getting Data In 04-12-2026 0 7	0	7
Alternatives to Rehydrating Logs Hello Everyone!We have what we have been told is not a complete ideal setup where we have searchable data for 90 days... by durnan13 Explorer in Getting Data In 04-11-2026 0 11	0	11
Issue with sourcetype extraction Hello Splunkers1!I am encountering an issue with field extraction related to the sourcetype. My requirement is to map... by uagraw01 Motivator in Getting Data In 04-08-2026 0 9	0	9
Slow indexer restart in cluster When restarting an indexer in our cluster, I first put the cluster in maintenance mode. The indexer restarts within m... by splunkettes Path Finder in Getting Data In 04-08-2026 0 4	0	4
Starting Splunk ES POV- Any advice? Hello all, Starting end of next week my team will be doing a POV of Splunk ES as a possible replacement of our curre... by cjharmening Loves-to-Learn Lots in Getting Data In 04-07-2026 0 3	0	3
Splunk 10: Journald input not working with debian 13 (trixie) After upgrading to Debian 13 Journald input is not working anymore with Splunk 10.x.This error I found in the interna... by Beerman New Member in Getting Data In 04-07-2026 0 5	0	5
Field extractions Hey team,If we want to reduce pressure on our Splunk indexers and our data is routing through Cribl, what does Splunk... by spulivarthi700 Loves-to-Learn in Getting Data In 04-01-2026 0 2	0	2
Open AI Compliance API to Splunk Has anyone had any luck getting Open AI Compliance API logs into Splunk Cloud? This API ships logs that provide visib... by Cerum Loves-to-Learn in Getting Data In 03-31-2026 0 3	0	3
user-seed.conf not working in Universal Forwarder I have installed the UF(.v 10.2.1) on a Windows server using the cli command below. Splunk appears to install success... by Stem Engager in Getting Data In 03-30-2026 1 4	1	4
When are apps being redeployed? This subject keeps baffling us - Can I configure restartSplunkd to true for all applications? One thing we saw is tha... by spl_aficionado Path Finder in Getting Data In 03-23-2026 0 3	0	3
Splunk is not indexing anymore Hello Team,I hope you are doing well. Recently i am going through a critical issue on my splunk entreprise. I used to... by fedayn05 Path Finder in Getting Data In 03-21-2026 0 4	0	4
Universal Forwarder - Configured but inactive forwarders. I have a fresh install of 7.0.x in our QA environment to test with. I have an indexer/search head/deployment server r... by JordanPeterson Path Finder in Getting Data In 03-21-2026 0 7	0	7
Splunk Add-on for Check Point Log Exporter Hello, we haveSplunk Add-on for Check Point Log Exporter ( https://splunkbase.splunk.com/app/5478 ) Built by Splunk L... by splunkreal Influencer in Getting Data In 03-20-2026 0 3	0	3
GPU metrics monitoring via nvidia-smi Hello. I have the following issue: I can't make splunk index GPU data in a metrics index. On the GPU server I have a ... by radko Explorer in Getting Data In 03-19-2026 0 4	0	4
Output from Universal Forwarder is failing to be sent via HTTPOUT (HEC) Hi,I'm attempting to configure a Universal Forwarder on a Windows server behind a proxy to send data via S2S over htt... by eddieddieddie Path Finder in Getting Data In 03-19-2026 0 9	0	9
Why am I receiving "cannot concatenate 'str' and 'NoneType' objects" error when uploading a log file? Sorry for bringing this up again, but the other questions haven't been answered yet in a way that would help us. I'm... by dwoehr Explorer in Getting Data In 03-18-2026 1 17	1	17