Getting Data In

Community Activity

How to delete data / index (reset start from scratch) From UI it seems easy to add data but I don't see an option to delete existing data from index. I need the quick an d... by mldeschenes Explorer in Getting Data In 06-04-2021 8 14	8	14
Get a long string in a form of array without using Rex Hi Team,I have a field that has the data in this format below :[ { data data data }],[ {data data data}]As you see th... by beriwalnishant Path Finder in Getting Data In 06-04-2021 0 3	0	3
Overwrite index on each local csv file data pulling I have a need to overwrite an index every time a continously monitored local csv file is modified.This index should o... by cpm003 Path Finder in Getting Data In 06-04-2021 0 10	0	10
Split a nested json array with key/value pairs Hi all,Im trying to manually upload the following JSON file into splunk enterprise however its producing one event in... by shakSplunk Path Finder in Getting Data In 06-03-2021 0 7	0	7
Qualys IOError Activity log Hi,We're currently using host detection among other api calls with the Qualys app. I recently tried utilizing the act... by TheBravoSierra Path Finder in Getting Data In 06-03-2021 0 0	0	0
Enterprise causing server to freeze I admin a Splunk Enterprise instance for an isolated LAN that has 3 workstations and two DCs (1 is file server, 2 is ... by michaeler Communicator in Getting Data In 06-03-2021 0 0	0	0
Custom Search Command pass arguments as subsearch I need to pass two values to my Custom Search Command.These are my Options: x = Option(require=True) y = Option(req... by Unige2021 Loves-to-Learn in Getting Data In 06-03-2021 0 0	0	0
Custom search command Values for these required options are missing: ... I need to pass to my python custom search command two values: x and y.I found some examples where it's shown this: x... by Unige2021 Loves-to-Learn in Getting Data In 06-03-2021 0 1	0	1
Why does the _json default sourcetype work, but a clone of it doesn't? Hello!Running Splunk Enterprise 8.0.5.I have a scripted input that calls an Azure Event Hub and parses the json respo... by andrewtrobec Motivator in Getting Data In 06-03-2021 0 3	0	3
Json parsing - Failed to parse timestamp Hi all,I'm quite new to splunk. I've been testing the manual upload of the following json file to splunk enterprise. ... by shakSplunk Path Finder in Getting Data In 06-03-2021 0 3	0	3
Replications not happening for certain buckets (version 6.3.1). We have a single-site indexer cluster with 2 indexers and one cluster master. We are seeing some issues related to on... by satyamm Explorer in Getting Data In 06-02-2021 0 2	0	2
Monitoring a config file, index only the changes Hello there,First off, im new to Splunk and im evaluating if all our auditing / monitoring / reporting needs can be ... by Azunai Loves-to-Learn Lots in Getting Data In 06-02-2021 0 1	0	1
Windows - Filtering Forwarded Events based on LogName I have a use-case:There is a WEC server receving logs from a server farm. I need to forward only security events from... by PickleRick SplunkTrust in Getting Data In 06-02-2021 0 4	0	4
Need help with REST API on Splunk Cloud Hello,I have a request to receive the data from an application into splunk cloud using REST API.Opt 1: Requested splu... by Roy_9 Motivator in Getting Data In 06-02-2021 0 2	0	2
Integrate Crowdstrike with Splunk Looking for a documentation where the steps are mentioned to get the crwodstrike logs on Splunk. What is the procedur... by akashbhardwaj10 New Member in Getting Data In 06-01-2021 0 1	0	1
Splunk DB Connect: Install on SQL Server itself? I've been surfing the documentation for Splunk DB Connect, and can't find any indication that I need to install anyth... by jasongb Path Finder in Getting Data In 06-01-2021 0 4	0	4
Indexing and parsing Azure AD logs I am new to splunk, we are currently trying to configure Splunk to parse AzureAD logs being received from a Syslog se... by vrajshekar Path Finder in Getting Data In 06-01-2021 0 3	0	3
HEC replacing underscore (_) with space ( ) I'm working with Proofpoint Threat Response events that are being sent to our instance of Splunk using an HEC connect... by jwhughes58 Contributor in Getting Data In 06-01-2021 0 0	0	0
Windows Forwarder to read eventlog from another windows server Hi Friends,We have old 2003 Windows server where we can not install UF anymore. So we want to read EventLogs from Win... by anantdeshpande Path Finder in Getting Data In 06-01-2021 0 5	0	5
Unpacking and Uploading certain files from an archive automatically/scripted What is the best way to get data into Splunk from a zip file (files in different subfolders of the zip) in an automat... by ValentinM Engager in Getting Data In 06-01-2021 0 2	0	2
AGREETOLICENSE not agreeing? Windows10 I'm trying to install Splunk UF through an MDM onto windows 10 but i'm running into an issue with the AGREETOLICENSE ... by phongshader New Member in Getting Data In 05-31-2021 0 4	0	4
Same sourcetype different data sets I have a source type for multiple CSV files where it is configured as with a no_timestamp. For now I have used this ... by willadams Contributor in Getting Data In 05-31-2021 0 2	0	2
How to pull logs into Splunk from Proofpoint via APIs or any other methods from a Proofpoint Cloud instance? Has anyone done Splunk and Proofpoint Cloud instance integration? I am looking for help to pull the logs from Proofpo... by daniel_augustyn Contributor in Getting Data In 05-31-2021 1 19	1	19
Route and filter data that is received only from certain index from tcp 9997 port Based on thishttps://docs.splunk.com/Documentation/Splunk/8.2.0/Forwarding/Routeandfilterdatad#Filter_data_by_target_... by z080236 Explorer in Getting Data In 05-31-2021 0 1	0	1
Using ASCII FS/GS Control Characters as Delimiters Hello! I'm having such a hard time with this but I know it is super-simple to do. Our log files are structured to u... by nboscia Engager in Getting Data In 05-29-2021 0 2	0	2