Getting Data In

Discussions

Thread Info

create notable event for missing forwarders

Hi, is there any solution to create a notable event for missing forwarders? Now missing forwarders generate an alert ...

by Path Finder in

Need Help Routing Subset of Docker Container Logs to Different Index

Hello Splunk Community, I could certainly use you help getting myself out of a rather large jam I'm in. I need guidan...

by Path Finder in

Wildcard to monitor in inputs.conf

Hi, I have below log files under path /path/to/app/ usera-x.log userb-x.log userc-x.log userd-y.log usere...

by Path Finder in

Splunk App for Windows Infrastructure default index issue

I have the latest SA-LDAP, Splunk_TA_Windows and Windows Infra apps installed. I have sourcetype WinHostMon data com...

by Path Finder in

[WinError 10061] No connection could be made because the target machine actively refused it

Hello! I am having trouble uploading any files to Splunk using Add Data. This is the whole error message I am getting...

by New Member in

Props.conf, transforms.conf and Index Time field extractions not working in production environment

We are logging one application deployed in Kubernetes and ingesting its tomcat localhost access logs in Splunk via HE...

by Engager in

Splunk Monitoring

Hi Splunkers, I'm working on Splunk and ServiceNow integration. Where ServiceNow team wants pull a report from Splu...

by Path Finder in

Logging of DNS Audit events

Hey guys, i want to log dns audit events such as the deletion/creation of dns entries. I've installed Splunk ap...

by New Member in

Renaming Fields in Data

Good Morning, We are having a bit on an issue with our data "layout". In our wineventlogs we have a field in the XM...

by Explorer in

Splunk not breaking events correctly with multiple double quotes for field (CSV)

I'm having som issues with how Splunk is handling event breaking for CSV files. A sample of the CSV file in questio...

by Explorer in

Daily License Report not Showing

My Environment: 1 SH, 1DS (CM, LM), 2 INDX`s and 15GB/day License.The day before yesterday logs ingested to Splunk fr...

by Path Finder in

Stealthwatch data into Splunk Cloud

Good Afternoon, We are attempting to get our Stealthwatch data into Splunk. We are in Cloud 8.1 one so the only Add...

by Explorer in

Log tag recolection

Hi, I´m new with Splunk and i´m trying to do to enable a tag on splunk recolection to know from which heavy/indexer...

by Loves-to-Learn Lots in

Uploading flat/sequential file

I'm trying to upload an ascii file (created on a IBM mainframe) into splunk using the lookup - add new lookup table f...

by New Member in

Splunk (8.1.2 and previous) not reading data from all stanzas

Dear community, I have a massive issue with a (single hosted) Splunk installation reading files from a local drive/...

by Explorer in

Persistent queue for windows input not working

Hello, we have an issue with persistent queue not working correctly. As visible below we have enabled persistent Qu...

by Observer in

source name setup with wildcard

Hi Everyone, Currently i am monitoring the *.log files under a path, i have not given a source name since we dont h...

by Path Finder in

splunk rename source

I have my source name as below, the 'user' field keeps on updating E:\test\Apps\path\EventLogs\MemoCPU\user-MemoCPU...

by Path Finder in

Reading from Tibco queues

I have a requirement to read data from Tibco queue to Splunk. Can you please help me in providing an insight into the...

by Splunk Employee in

Delay Ingestion at the Universal Forwarder Until Event Is Complete

I have an interesting dilemma and I believe there is a solution, but I can use some advice on this one. We have a l...

by Path Finder in

How to ingest logs from a single file and split them into 2 source types or indexes?

I've been trying to ingest logs from a single log file into 2 source types. For example, looking at the 'messages' fi...

by Contributor in

Cost for Exporting CloudWatch Logs to Splunk

I'm trying to figure out some rough costs for my setup before moving forward. I'd like to export logs from Clo...

by Engager in

Splunk Integration App For ServiceNow

Hi Splunkers I would like to know if anyone has faced the issue of multiple incidents getting created in ServiceNow...

by Explorer in

MSSQL TA and putting it's data into a metrics index

Hi, I'd like to store the data collected by the "Splunk Add-on for Microsoft SQL Server" in a metrics index. Initia...

by Path Finder in

Reset Splunk Data

Hey guys, Let's say I have an index called test. I am only ingesting EVTX by modifying the inputs.conf ...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

create notable event for missing forwarders

Need Help Routing Subset of Docker Container Logs to Different Index

Wildcard to monitor in inputs.conf

Splunk App for Windows Infrastructure default index issue

[WinError 10061] No connection could be made because the target machine actively refused it

Props.conf, transforms.conf and Index Time field extractions not working in production environment

Splunk Monitoring

Logging of DNS Audit events

Renaming Fields in Data

Splunk not breaking events correctly with multiple double quotes for field (CSV)

Daily License Report not Showing

Stealthwatch data into Splunk Cloud

Log tag recolection

Uploading flat/sequential file

Splunk (8.1.2 and previous) not reading data from all stanzas

Persistent queue for windows input not working

source name setup with wildcard

splunk rename source

Reading from Tibco queues

Delay Ingestion at the Universal Forwarder Until Event Is Complete

How to ingest logs from a single file and split them into 2 source types or indexes?

Cost for Exporting CloudWatch Logs to Splunk

Splunk Integration App For ServiceNow

MSSQL TA and putting it's data into a metrics index

Reset Splunk Data

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?

WARN SSLCommon [53742 FwdDataReceiverThread] - Re...

What is the correct format for including the API k...

Configuring Splunk OTel Collector for Linux/Window...

Upload failed with ERROR: Read Timeout

DB Connect SQL Procedures