Getting Data In

Community Activity

Splunk DB Connect: Install on SQL Server itself? I've been surfing the documentation for Splunk DB Connect, and can't find any indication that I need to install anyth... by jasongb Path Finder in Getting Data In 06-01-2021 0 4	0	4
Indexing and parsing Azure AD logs I am new to splunk, we are currently trying to configure Splunk to parse AzureAD logs being received from a Syslog se... by vrajshekar Path Finder in Getting Data In 06-01-2021 0 3	0	3
HEC replacing underscore (_) with space ( ) I'm working with Proofpoint Threat Response events that are being sent to our instance of Splunk using an HEC connect... by jwhughes58 Contributor in Getting Data In 06-01-2021 0 0	0	0
Windows Forwarder to read eventlog from another windows server Hi Friends,We have old 2003 Windows server where we can not install UF anymore. So we want to read EventLogs from Win... by anantdeshpande Path Finder in Getting Data In 06-01-2021 0 5	0	5
Unpacking and Uploading certain files from an archive automatically/scripted What is the best way to get data into Splunk from a zip file (files in different subfolders of the zip) in an automat... by ValentinM Engager in Getting Data In 06-01-2021 0 2	0	2
AGREETOLICENSE not agreeing? Windows10 I'm trying to install Splunk UF through an MDM onto windows 10 but i'm running into an issue with the AGREETOLICENSE ... by phongshader New Member in Getting Data In 05-31-2021 0 4	0	4
Same sourcetype different data sets I have a source type for multiple CSV files where it is configured as with a no_timestamp. For now I have used this ... by willadams Contributor in Getting Data In 05-31-2021 0 2	0	2
How to pull logs into Splunk from Proofpoint via APIs or any other methods from a Proofpoint Cloud instance? Has anyone done Splunk and Proofpoint Cloud instance integration? I am looking for help to pull the logs from Proofpo... by daniel_augustyn Contributor in Getting Data In 05-31-2021 1 19	1	19
Route and filter data that is received only from certain index from tcp 9997 port Based on thishttps://docs.splunk.com/Documentation/Splunk/8.2.0/Forwarding/Routeandfilterdatad#Filter_data_by_target_... by z080236 Explorer in Getting Data In 05-31-2021 0 1	0	1
Using ASCII FS/GS Control Characters as Delimiters Hello! I'm having such a hard time with this but I know it is super-simple to do. Our log files are structured to u... by nboscia Engager in Getting Data In 05-29-2021 0 2	0	2
Eval c= USLanguage = abcdENGLISH123qw..... \| rex fields=Language "\w{4}(?<myval>)\d{4}"\| eval ans=case(c="US",myval, true(... by Khuzair81 Path Finder in Getting Data In 05-29-2021 0 1	0	1
Condition c1 = US, c2 = UAEL1 = English, L2 = ArabicI want to get the answer in "ans" like, If c1= US, then ans= L1elseif c... by Khuzair81 Path Finder in Getting Data In 05-29-2021 0 5	0	5
syslog data on udp port is showing as zero bytes in Splunk Hi Splunk experts, I ran into a strange situation in Splunk wherein udp connections but data size is zero. Just to... by vikasverma1985 New Member in Getting Data In 05-28-2021 0 1	0	1
AWS Grand Central Add-on with nested AWS OUs We installed the Grand Central 3.0.7 add-on installed in our Splunk Cloud environment and were working on configuring... by rbolande Explorer in Getting Data In 05-28-2021 0 0	0	0
How to SEDCMD nested json calculated as string? Hey Splunkers! We have a large json event that has a Body Message, and BodyJson Message, a little redundant but this ... by Aatom Explorer in Getting Data In 05-28-2021 0 4	0	4
How do I create extractions where it can pick field names from the events See events below I have 2 types of logs from one source where I need to map fields vs values ...I dont want to create complex regex as... by puneetkharband1 Path Finder in Getting Data In 05-28-2021 0 4	0	4
Rex field1=abcdCheck:123456wxyz, sdfCheck:234567qweI want get the result as Check:123456 by Khuzair81 Path Finder in Getting Data In 05-28-2021 0 3	0	3
Do shortened events from universal forwarder count towards license? Hi,Our event size is set to the default 10,000 bytes. We are using the universal forwarder to get log events to our i... by Som Explorer in Getting Data In 05-28-2021 0 7	0	7
How to setup a Universal Forwarder to forward syslog data from firewall I have a windows 2019 SRV and will be installing splunk forwarder 8.0.4I have a firewall and I have set the IP of thi... by jbleich Path Finder in Getting Data In 05-27-2021 0 3	0	3
Logs are stopped genarating from 2nd april My logs showing before April 2nd only when I check for previous 7 days it's not showing what may be the issue please ... by anil1432 Explorer in Getting Data In 05-27-2021 0 9	0	9
sending data from s3 to splunk Hi , i am sending aws s3 data through aws TA into splunk.In start data is indexing properly after 2 day,stops the ind... by snehal Loves-to-Learn Lots in Getting Data In 05-27-2021 0 3	0	3
Universal Forwarder and AppLocker Events XML Hey Guys trying to toubleshoot an issue here. Trying to get the XML events from the UF on Windows machines into splu... by pirsa Explorer in Getting Data In 05-27-2021 0 4	0	4
Why is my Index Current Size greater than my Max Size (Cluster) Hi Splunk Folk,I've spent most of the morning trying to find this with no luck, I've seen some similar posts but none... by richardgosnay Explorer in Getting Data In 05-27-2021 0 1	0	1
Space Delimeter Problem with Quotation Mark So IIS logs are usually delimited by a space between every other field, however I have recently realized that when a ... by zekiramhi Path Finder in Getting Data In 05-27-2021 0 0	0	0
How do you test a modular input on the command line with a valid session_key? I'm writing a modular input (simpleinput) which stores its password using StoragePasswords facility offered by the Sp... by envancleve Engager in Getting Data In 05-27-2021 1 2	1	2