Getting Data In

Ask a Question

Discussions

Thread Info

Add field to windows event

Hello, Is it possible to add fields to the windows event collected by a forwarder ? I would like to add an enviro...

by New Member in

Will upgrade to Splunk_TA_nix v8.2.0 still works with Splunk UF v7.0.4?

Hi Team, We have Splunk Enterprise v7.2.9.1 and planning to upgrade to v8.1.1. Now, as a pre-requisite, we will up...

by Communicator in

Route syslog from heavy forwarder to 3rd party, but only WinEventLogs?

We are sending logs received by our heavy forwarder to a 3rd-party syslog server. We thought we had it configured so ...

by Path Finder in

TA-meraki Not Logging all Events to Splunk

I've successfully installed and configured the TA-meraki app and have all the CIM compliant data coming into Splunk, ...

by Path Finder in

Catchpoint Splunk addons

I used splunk catchpoint add-ons to fetch the data from catchpoint. But after i mapped into splunk i can see only 12 ...

by Motivator in

Splunk integration with other tool

Hello I am having a single instance of Splunk enterprise on my environment ,Is there a way to forward the Splunk d...

by Explorer in

Query to list All indexes and sourcetypes of All Apps present in an instance

I need help to find a query that can list every source types and indexes of each and every app present in the search ...

by Engager in

Is it possible cluster master returns fqdn instead of IP's of Indexers ?

Is it possible cluster master returns fqdn instead of IP's of Indexers ? if yes please explain how ?

by Path Finder in

Is there a tool to forward logs from Windows 2000/2003 servers to Splunk?

Hi guys need your help. is there a tool which can monitor and forward logs from windows 2000/2003 servers to Splun...

by Explorer in

coldToFrozen Azure blob storage account

I have a distributed Splunk environment running in Azure IaaS. I need to start rolling my cold data off to archive an...

by Path Finder in

Forward data without effecting ingest volume

Hello, We have one universal forwarder, and two cloud instances. Currently I have all data going to 1 indexer, I'...

by Explorer in

Splunkd Service in splunk entprise 8

after installation of splunk enterprise 8.0, the Splunkd Service cannot restart

by Explorer in

Change log storage time

When the indexes were created, they were created by default. Now that I needed to know how long a log went from...

by Builder in

Wrongly merged Events/permanently blocked tcpout queue with Intermediate Universal Forwarder.

Using Universal forwarder as intermediate forwarder for source universal forwarders can cause Events being merged i...

by Splunk Employee in

inputs.conf `monitor` (re)ingest historic data

Hello, I have an inputs.conf monitor stanza configured to ingest syslog data that has been written to a file with ...

by Path Finder in

Report all Logon Activity != United States

I'd like to pull a logon report that shows me any logon activity that is != to the United States. Any help is great...

by Communicator in

Duplicate Data In Sourcetype

Hello, I have two Domain Controllers that are producing a lot of data, pushing my daily usage over the limit. I sa...

by Path Finder in

Splunk HTTP Event Collecter Spring Boot Log4j2 Causing Application to hang

I have a Spring Boot Application using an HTTP Event Collector to send logs to splunk using a Log4j2 Appender. https:...

by Observer in

Syslog Data Reaching Forwarder?

Hello, I need to check to see if Syslog data is reaching my forwarders. What would be the best query to use to check...

by Communicator in

How to forward events from Splunk Indexer to CyberArk PTA?

Q: Need to forward the data from all the indexes (Windows, Linux, etc...) to CyberArk PTA via Syslog or any other fro...

by Path Finder in

Last Time Heavy Forwarder received logs from it's Source

I've pieced together some SPL that shows me the last time the forwarder has sent its log data, but need to convert th...

by Communicator in

deleting misconfigured hosts

Hey guys I've been having trouble finding documentation about removing indexed data. After looking through the "met...

by Explorer in

Monitoring Docker containers like in the video

Hello, Where can we find instruction to setup Docker infrastructure monitoring like in the video below? https://w...

by Observer in

Universal forwarders ingestion behind F5 LB

Hi guys, I should find a solution to ingest a file on a network share that is managed from two server behind a load...

by Engager in

Splunk universal forwarder issues in windows

Hi All - I have installed SPlunk master in Linux and universal forwarder in Windows box. And Also opened all Ports ...

by Observer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Add field to windows event

Will upgrade to Splunk_TA_nix v8.2.0 still works with Splunk UF v7.0.4?

Route syslog from heavy forwarder to 3rd party, but only WinEventLogs?

TA-meraki Not Logging all Events to Splunk

Catchpoint Splunk addons

Splunk integration with other tool

Query to list All indexes and sourcetypes of All Apps present in an instance

Is it possible cluster master returns fqdn instead of IP's of Indexers ?

Is there a tool to forward logs from Windows 2000/2003 servers to Splunk?

coldToFrozen Azure blob storage account

Forward data without effecting ingest volume

Splunkd Service in splunk entprise 8

Change log storage time

Wrongly merged Events/permanently blocked tcpout queue with Intermediate Universal Forwarder.

inputs.conf `monitor` (re)ingest historic data

Report all Logon Activity != United States

Duplicate Data In Sourcetype

Splunk HTTP Event Collecter Spring Boot Log4j2 Causing Application to hang

Syslog Data Reaching Forwarder?

How to forward events from Splunk Indexer to CyberArk PTA?

Last Time Heavy Forwarder received logs from it's Source

deleting misconfigured hosts

Monitoring Docker containers like in the video

Universal forwarders ingestion behind F5 LB

Splunk universal forwarder issues in windows

Developer Spotlight with Paul Stout

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

Data-Driven Success: Splunk & Financial Services

No such file or directory: 'java' adding JMX acco...

WARN SSLCommon [53742 FwdDataReceiverThread] - Re...

Configuring Splunk OTel Collector for Linux/Window...

Upload failed with ERROR: Read Timeout

DB Connect SQL Procedures