Getting Data In

Community Activity

set indexes dynamically in inputs.conf I was able to set indexes dynamically in inputs.conf based off the source path folder name however, it seems like its... by sbattista Explorer in Getting Data In 08-02-2021 0 0	0	0
Securing Client side logging using HTTP Event Collector I am sending client side logs (browser logs) to Splunk. I have setup an HTTP Event Collector (HEC) where I am sending... by aliyusuf Engager in Getting Data In 08-02-2021 2 2	2	2
Wineventlog and Sysmon on split indexes using the same source (WinEventLog://ForwardedEvents) Hello everyone,I am collecting Windows Event Logs and Sysmon Logs from my Windows Domain to my WEF. From WEF using a ... by b_chris21 Communicator in Getting Data In 08-02-2021 0 4	0	4
JSON spath mvexpand Hi,{<!-- --> [-] advisories: [ [+] ] number_of_device: 1 os_name: ios os_version: 1234 status: checked}Above is m... by surekhasplunk Communicator in Getting Data In 07-31-2021 0 6	0	6
Query format for viewing server name with count on respect of color Hi Team, I am very new in Splunk and i need your help to change my query as per requirement Please validate my syan... by sushil_sh Engager in Getting Data In 07-31-2021 0 3	0	3
UF remote to on-prem Splunk Enterprise best practices We have several remote and traveling systems that we need to forward logs from to our on-prem Spunk environment. Splu... by mikefg Communicator in Getting Data In 07-30-2021 0 3	0	3
What's the best practice to get AWS data into the Splunk platform at scale? What's the best practice to get AWS data, such as VPC Flow, CloudWatch, CloudTrail, into the Splunk platform at scale... by akornhauser_spl Splunk Employee in Getting Data In 07-29-2021 0 4	0	4
How to drop events on a heavy forwarder? hi, I have a heavy forwarder configured this wayinputs.conf[udp://514]sourcetype = syslogindex = abcconnection_host =... by vinaypradhan Explorer in Getting Data In 07-29-2021 0 2	0	2
Preserve data on disconnected machine I have a few endpoints with forwarders that need to be disconnected from the network for periods of time (up to a mon... by robertjollsdrs Explorer in Getting Data In 07-29-2021 0 0	0	0
Splunk Linux TA - packages script, some hosts have time in the future I'm running what I believe to be a somewhat standard input, from the Splunk Linux TA. I just realized for some hosts... by splunk219783 Path Finder in Getting Data In 07-29-2021 0 2	0	2
Upgradation of Splunk for Symantec App Hi @gcusello ,We've been asked to upgrade our existing Splunk version(7.1.3) to 8.1. So for that we are now upgrading... by rahul2gupta Path Finder in Getting Data In 07-29-2021 0 3	0	3
not able to connect to splunk web console I am not able to connect to splunk web console using python sdk getting timedout error , I am suspecting port is not ... by skr Loves-to-Learn Lots in Getting Data In 07-29-2021 0 14	0	14
High CPU Usage on Splunk Indexers Frequently i am receiving high CPU Usage alerts with over 99% on all 3 indexers.I am unable to search any query. It s... by alexspunkshell Contributor in Getting Data In 07-28-2021 0 6	0	6
When is the BatchReader used and when is the TailingProcessor used? I have a UniversalForwarder that is exporting hourly data to a monitored folder. Sometimes there are a lot of records... by JeremyHagan Communicator in Getting Data In 07-28-2021 0 2	0	2
Get logs for G Suite Hello,My client requests to ingest G Suite logs, when searching I see several APPs which do not have Splunk support.... by splunkcol Builder in Getting Data In 07-27-2021 0 1	0	1
Checkpoint log exporter props Hi,We have recently migrated from LEA to checkpoint log exporter facility to collect Checkpoint firewall logs in CEF ... by shivarpith Path Finder in Getting Data In 07-27-2021 0 1	0	1
How Do I send data from Mainframes to Splunk I need to extract particular set of records from DB2 table and pass it on to splunk. Splunk should accept that data a... by sunraka New Member in Getting Data In 07-27-2021 0 4	0	4
Convert String to Date Issue I have gone through the forums looking for an answer to this, but nothing has worked. I am trying to convert a strin... by matthewfry57 Explorer in Getting Data In 07-27-2021 0 8	0	8
Referencing Multiple hosts in Props.conf Hi, Does anyone know if it's possible to create a single props.conf stanza that looks for multiple hosts? I've check... by mattsutton Explorer in Getting Data In 07-27-2021 2 9	2	9
What is the difference between apps, add-ons and TAs and where/when do you use them? What is the difference between apps, add-ons and TAs? Which ones should be installed on the search heads and which o... by bnolf Engager in Getting Data In 07-27-2021 2 4	2	4
Setting up HEC (HTTP Event Collector) in a indexer cluster I am trying to set up HEC for my indexer cluster (v8.0.7), with 2 indexers (and 3 search heads) managed by a master n... by patng_nw Communicator in Getting Data In 07-27-2021 0 4	0	4
Splunk add on for Solarwinds Issues Hi all,Hope you can assist. I am having issues with connecting to my SolarWinds App server via the Splunk add on. I ... by IndyJones1345 Loves-to-Learn in Getting Data In 07-26-2021 0 1	0	1
Issue Getting Data In to Splunk Cloud We are in the midst of standing up our Splunk Cloud environment. Our architecture and data flows are as follows:Syslo... by qcjacobo2577 Path Finder in Getting Data In 07-26-2021 0 4	0	4
How to effectively route non-internal logs to external Indexers ? In my current setup, I want to forward only internal logs to Indexers in myOrg, whereas, some non-internal logs to In... by dm1 Contributor in Getting Data In 07-26-2021 0 1	0	1
How to identify what stream is going to which indexer ? In my current setup, I am routing some data (only non-internal indexes) from our current environment to two differen... by dm1 Contributor in Getting Data In 07-25-2021 0 0	0	0