Getting Data In

Community Activity

	Change index based on source and index from different environments Hello,we have Windows servers from two environments, we want WinEventLog source (Windows Events logs) to go in "windo... by splunkreal Influencer in Getting Data In 04-07-2025 0 5	0	5
	Can I bring the logs to see if a user on Azure has MFA enabled? HI everyone,I need to check my logs to see if a user has MFA enabled or not. I've already configured Microsoft Azure ... by toporagno Explorer in Getting Data In 04-06-2025 0 1	0	1
	Splunk UF version 9.4.1 install issue OS Version: Server 2019I'm trying to install Splunk UF in my test lab. Using the GUI install, I put all the necessary... by christal654 Observer in Getting Data In 04-05-2025 0 5	0	5
	Syslog-ng error Hi,I setup the syslog-ng to receive syslog from devices and splunk HF on the same server will read those logs files.H... by tech_g706 Path Finder in Getting Data In 04-05-2025 0 3	0	3
	Having multiple Forwarders sharing the same Instance GUID As the title suggests, I am having multiple Universal Forwarders sharing the same Instance GUID due to the mistake of... by Na_Kang_Lim Path Finder in Getting Data In 04-04-2025 0 9	0	9
	Change initial date then stop ingestion I have disabled input (generic S3) of aws add-on for a year. After I enable it, it ingests old data so I disable it a... by karn Path Finder in Getting Data In 04-03-2025 0 2	0	2
	Ingesting application logs from Docker container into Splunk Cloud Hi everyone,I'm seeking advice on the best way to send application logs from our client's Docker containers into a Sp... by tawm_12 Engager in Getting Data In 04-02-2025 0 2	0	2
	How to solve duplicate GUIDs of Forwarders? As the title suggests, I am having multiple Universal Forwarders sharing the same Instance GUID due to the mistake of... by Na_Kang_Lim Path Finder in Getting Data In 04-02-2025 0 1	0	1
	How to convert "data" Field to "event" in Splunk HTTP Event Collector (HEC)? I'm ingesting data into Splunk via the HTTP Event Collector (HEC), but the data is wrapped inside a "data" key instea... by bhavesh0124 Explorer in Getting Data In 04-02-2025 0 5	0	5
	Akamai WAF integration with Splunk I have installed akamai add on for splunk in our HF. https://splunkbase.splunk.com/app/4310 I followed the documentat... by jitbahan New Member in Getting Data In 04-02-2025 0 7	0	7
	Windows splunk_wmi.exe Hi,Windows UF stopped sending events. I saw this event in _internal index'message from ""C:\Program Files\SplunkUnive... by zafar Engager in Getting Data In 04-02-2025 0 3	0	3
	Very long log events coming over syslog 514/udp are cut HelloHas anyone encountered the situation of incomplete log transmission using UDP 514? Would changing to TCP be usef... by Zoe_ Observer in Getting Data In 04-01-2025 0 2	0	2
	Universal Forwarders stopped sending data to Heavy Forwarders over HTTP after upgrading Heavy Forwarders to 9.3.x Hi,We recently upgraded the Heavy Forwarders (HF) of our Splunk Enterprise. After the upgrade the Universal Forwarder... by ArtieZ Explorer in Getting Data In 03-31-2025 0 8	0	8
	DB Connect SQL Procedures I've been using dbxquery connection=my_connection procedure=my_procedure to build reports and a few that my DBAs have... by Kyles Observer in Getting Data In 03-31-2025 0 1	0	1
	Issue with props.conf and transforms.conf – Port-Based Filtering Not Working Dear Splunk Support,I am encountering an issue while configuring Splunk to filter logs based on specific ports (21, 2... by Namchin_Bar New Member in Getting Data In 03-31-2025 0 2	0	2
	Akamai data input throwing error Hi all, I am trying to pull Akamai logs to Splunk. Hence installed this app in HF - https://splunkbase.splunk.com/ap... by Karthikeya Communicator in Getting Data In 03-31-2025 0 21	0	21
	The events associated with this job have no sourcetype information I want to route dataI want to split one sourcetype into two.When I click Extract New Fields... by bedrocho Explorer in Getting Data In 03-30-2025 0 4	0	4
	TA deployment question I'm looking for training that would cover at when deploying a TA if it would have to go to the indexer level rather t... by SplunkStudent2 Engager in Getting Data In 03-30-2025 0 3	0	3
	Modular input issue We are installing modular input (akamai add-on) to get akamai logs to Splunk.In our environment, we have kept modular... by Karthikeya Communicator in Getting Data In 03-30-2025 0 8	0	8
	Do I need to use INDEXED_EXTRACTIONS when using FIELD_DELIMITER & FIELD_NAMES on UF? I've noticed an issue with one of my syslog indexes. I have a syslog server centralizing and forwarding syslogs for 6... by StephenD1 Path Finder in Getting Data In 03-28-2025 0 1	0	1
	How to parse this kind of log I have this kind of log:Mar 18 02:32:19 MachineName python3[948]: DEBUG:root:... Dispatching: {'id': '<id>', 'type': ... by Na_Kang_Lim Path Finder in Getting Data In 03-28-2025 0 8	0	8
	Why can't I download from OpenCTI Stream Feed into Splunk? Hi,I just want to input OpenCTI feed from OpenCTI to Splunk.I followed installation instruction.https://splunkbase.sp... by goji Path Finder in Getting Data In 03-28-2025 0 3	0	3
	SSL/TLS Configuration on Splunk Forwarder (Windows) Hello,I’ve been reviewing the documentation for configuring SSL/TLS on a Splunk forwarder, but I couldn’t find the sp... by BRFZ Communicator in Getting Data In 03-28-2025 0 9	0	9
	import vendor security advisories for comparison with inventory Hello,Can Security Essentials import security advisories from vendors like Broadcom or Microsoft?I would like to comp... by Andre_ Path Finder in Getting Data In 03-27-2025 0 2	0	2
	How to combine multiple data input into one with different polling interval Hi Team,How to combine multiple data input into one, basically I am having 5 different data inputs where I am taking ... by KJ10 Engager in Getting Data In 03-27-2025 0 3	0	3