Getting Data In

Discussions

Thread Info

Ingesting Log Files in Windows - Some Logs Being Ingested and Some Failing

Hi team,I have been experiencing issues with log ingestion in a Windows Server and I was hoping to get some advice.Th...

by Path Finder in

Splunk onboarding field values mistake

We are trying to onboard data from F5 WAF devices to our splunk. F5 team sending it by key value pairs. And one of th...

by Communicator in

Problem with timestamp extraction and props.conf

I have the following props which works fine in the "Add Data" GUI and a test file of logs: EVENT_BREAKER = ([\r...

by Explorer in

Just in time admin access

Does Splunk on Prem or cloud have a solution that allows users to be an Analyst when doing that role and sign in or e...

by New Member in

Splunk not ingesting all logs with xml ... Only ingesting 1 out of every 3

Hi, I am dealing with an issue where I am ingesting some logs that contains a few regular line then followed by xml d...

by Path Finder in

Moving indexers from centos to redhat8

Hi Folks, currently we have 4 physical indexers running on CentOS but since CentOS is EOL , plan it to migrate ...

by Path Finder in

How to send OpenCTI data to Splunk

Hi there, i got issue when setting connector Splunk in OpenCTI When i check logs, it says terminated i fol...

by Communicator in

How to filter specific logs and send it as syslog to a third-party host

Hi all, I want to send logs (which are part from our sourcetype [kube_audit]) from my HeavyForwarder to a third-par...

by Engager in

Splunk HTTP Event Collector support for custom metadata(tags) fields/routing fields.

Splunk version 9.0.8/9.1.3/9.2.x and above has added capability to process key value pairs that will be added at inde...

by Splunk Employee in

UF in AIX stops after some time.

Hi, a few days ago, I installed the UF in an AIX server but it had some details, such as the service running, but the...

by Explorer in

Logs truncated in Splunk despite line being under the 10000 bytes threshold

Hi community,I have observed an issue with the ingestion of the first line in a log file that, at first glance, seeme...

by Path Finder in

Why are Splunk some logs missing from kiwi syslog?

Hello everyone I am running into an issue that may be either Splunk or my Kiwi Syslog server, and I am not really sur...

by Engager in

How to get a list of all hosts installed with Universal Forwarder

I have a bunch of agents(hosts) in Appdynamics, I wanted to figure out that the Universal Forwarder is installed or n...

by New Member in

How could I specifit someday for splunk oneshot to Splunk Indexer?

Hi guys, I have a set of data in the following format: This is a manually exported list, and my requiremen...

by Explorer in

Splunk - How to convert Logs to Metrics (SQL Add on)?

Hi, I am trying to get SQL Performance monitoring logs into our environment for one of our ITSI use cases The ...

by Engager in

Does Splunk Windows installer generates any logs during the install process?

Splunk Windows installer, the msi package, is used to install new Splunk instances or upgrade/update existing Splunk ...

by Splunk Employee in

_TCP_ROUTING with clustered indexers system logs

Hello, we have 2 Splunk platforms and we are using _TCP_ROUTING to forward logs. System logs from 1st platform in...

by Motivator in

Is there any timezone conversion function in splunk to convert timezone in search string?

by New Member in

504 Gateway Time-out

We are hosting Splunk enterprise on AWS EC2 instances, the flow goes as follows: ALB>Apache Reverse proxies>ALB>SHC...

by Observer in

Issue with accepting splunk_hec as exporter for OpenTelemetry Collector

Hello. I'm trying to transfer metric collected from Prometheus to my cloud instance. According to https://docs.s...

by Path Finder in

JSON Data extraction issues with Comma

Hi Team,We are trying to extract JSON data with custom sourcetype and With the current configuration, all JSON object...

by Loves-to-Learn Lots in

AggregatorMiningProcessor - Breaking event because limit of 256 has been exceeded

Splunk has warning log: WARN AggregatorMiningProcessor [10530 merging] - Breaking event because limit of 256 has be...

by Engager in

dealing with UF user change (linux)

I haven't upgraded UF in a while, and I'm having some trouble figuring out how I should proceed with bringing it up t...

by Path Finder in

Filter Logs

I have XML input logs in Splunk. I have already extracted the required fields, totaling 10 fields. I need to ensu...

by Explorer in

How to connect Apigee Edge to Splunk

Need help configuring a secure connection between Google Apigee Edge and Splunk. What parameters need to be set on t...

by Splunk Employee in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Ingesting Log Files in Windows - Some Logs Being Ingested and Some Failing

Splunk onboarding field values mistake

Problem with timestamp extraction and props.conf

Just in time admin access

Splunk not ingesting all logs with xml ... Only ingesting 1 out of every 3

Moving indexers from centos to redhat8

How to send OpenCTI data to Splunk

How to filter specific logs and send it as syslog to a third-party host

Splunk HTTP Event Collector support for custom metadata(tags) fields/routing fields.

UF in AIX stops after some time.

Logs truncated in Splunk despite line being under the 10000 bytes threshold

Why are Splunk some logs missing from kiwi syslog?

How to get a list of all hosts installed with Universal Forwarder

How could I specifit someday for splunk oneshot to Splunk Indexer?

Splunk - How to convert Logs to Metrics (SQL Add on)?

Does Splunk Windows installer generates any logs during the install process?

_TCP_ROUTING with clustered indexers system logs

Is there any timezone conversion function in splunk to convert timezone in search string?

504 Gateway Time-out

Issue with accepting splunk_hec as exporter for OpenTelemetry Collector

JSON Data extraction issues with Comma

AggregatorMiningProcessor - Breaking event because limit of 256 has been exceeded

dealing with UF user change (linux)

Filter Logs

How to connect Apigee Edge to Splunk

Splunk App for Anomaly Detection End of Life Announcment

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions