Getting Data In

Community Activity

Microsoft Azure Add on for Splunk (TS-MS-AAD v 3.1.1) error:309 \| _Splunk_ Unable to obtain access token Hello I am installing a fresh new install of this app to replace our old version (1.2.4)I am using the same credentia... by Azeemering Builder in Getting Data In 03-30-2021 0 1	0	1
CPU Utilization of Splunk Forwarder running on Linux machine showing wrong values Hi, I have two servers running on Centos that have Universal Forwarder installed and I've enabled the following:But u... by hishamjan Explorer in Getting Data In 03-29-2021 0 3	0	3
How to run a nested loop? Hi,I have one field containing an array within an array.How can I run a for loop to query the nested arrays and displ... by aditya Engager in Getting Data In 03-29-2021 0 4	0	4
Help extracting key value pairs within a grouped/nested field. I'm trying to pull KV pairs from a event field, and having trouble. The issue is I don't know what the field names wi... by timgren Path Finder in Getting Data In 03-26-2021 0 2	0	2
Rest api & splitting json events with fields and timestamps Hi, im really struggling to split out events from my json at the moment.currently i only get a single event with mult... by luminousplumz Engager in Getting Data In 03-26-2021 0 1	0	1
Extract JSON data within the logs ( JSON mixed with unstructured data) We got a requirement to extract information from log file. The log file contains JSON data which is the bread-butter ... by koshyk Super Champion in Getting Data In 03-26-2021 6 17	6	17
how to write props and transforms.conf for docker services I am getting output for docker services in linux server (docker ps -a - linux command) . it will list the services... by DataOrg Builder in Getting Data In 03-26-2021 0 0	0	0
How do i get tiemstamp of when an index was created? I basically i want to get a timestamp of when an index created in Splunk...I am aware that the timestamp of when each... by mguhad Communicator in Getting Data In 03-26-2021 0 0	0	0
How to write a monitoring stanza in inputs.conf to monitor a file in linux using splunk. Hi All, Can any help me on how to write a stanza in inputs.conf to monitor a file in linux. Files to be monitored :... by Hemnaath Motivator in Getting Data In 03-26-2021 0 13	0	13
Splunk Smartstore : Bucket status Hi All,We have Indexer cluster configured on AWS EC2 Instances which is configured with Smart store. Since this is ... by samadmemon Explorer in Getting Data In 03-25-2021 0 1	0	1
List of servers sending logs to Heavy forwarder Hello All, We have 20 indexers and 5 HF's in our Environment. HF's are forwarding their data to indexers. I'd need to... by Master_Blaster Explorer in Getting Data In 03-25-2021 0 2	0	2
Appendcols - Issue in the output of the query Query1 : index="" earliest=-1mon@mon latest=@mon\| stats countO/P : 25,419,925,723Query2 : index="" earliest=-2mon@m... by vn_g Path Finder in Getting Data In 03-25-2021 0 4	0	4
Index data from shell script with headers I want to index a shell script output thro inputs.conf.I have configured the script [script://$SPLUNK_HOME/etc/apps/s... by DataOrg Builder in Getting Data In 03-25-2021 0 0	0	0
forwarder stopped in AIX I installed splunk universal forwarder version 6 in AIX and it stopped automatically after some time. please let me k... by kml_uvce Builder in Getting Data In 03-24-2021 0 2	0	2
Capture historical data of processes in AIX I am new to Splunk and was wondering if there is a way to capture the historical data of the amount of CPU or Memory ... by kkoene Engager in Getting Data In 03-24-2021 0 2	0	2
How do I locate KVstore & scripted based look ups? Under lookups I see a few .csv based & few look up definitions. So where are the KVstore based or scripted based look... by SamHTexas Builder in Getting Data In 03-24-2021 0 2	0	2
Splunk field extractor ignors comma towards the end I have a CSV with the following data 19,john doe,blue car,NAY,NA,YAY,,NIL,,,,NA,, There are 14 fields in the above li... by termcap Path Finder in Getting Data In 03-24-2021 0 0	0	0
Splunk log management I know splunk manages its own internal logs and there is log.cf and local-log.cfg. I am wondering can we manage log f... by singhba1 New Member in Getting Data In 03-24-2021 0 1	0	1
Configured but Inactive Forwards, inspite of resolving Firewall issue. Why? Hello I am trying to configure a forwarder between a Linux Machine and a Windows machine. My Splunk is installed on ... by smk54 New Member in Getting Data In 03-24-2021 0 3	0	3
splunk forwarder up-gradation using tar file on custom path Hi All, We are planning to upgrade splunk forwarders with ansible. We observed that our forwarders are running on cus... by btshivanand Path Finder in Getting Data In 03-24-2021 0 7	0	7
The monitor input cannot produce data because splunkd's processing queues are full. This will be caused by inadequate in The monitor input cannot produce data because splunkd's processing queues are full. This will be caused by inadequate... by imam99 Loves-to-Learn Lots in Getting Data In 03-24-2021 0 1	0	1
Cisco IOS Have recently been administrating our Splunk deployments. My question is in the CISCO TA app our props.conf has [sour... by amack Observer in Getting Data In 03-23-2021 0 0	0	0
What is the best way to forward Vcenter and ESXi host logs to Splunk? Hello, I am working on a project to get logs from Vcenter and ESXi host to Splunk . question 1 ) Is Vcenter app fo... by raomu Explorer in Getting Data In 03-23-2021 1 1	1	1
Windows monitored file duplicate data I have a csv file that is written to once a day. The input points to a custom sourcetype [csvtest] which has approp... by darrenfuller Contributor in Getting Data In 03-23-2021 0 0	0	0
How do I get a count of applications deployed to forwarders? The Deployment Server - (Settings -> Forwarder Management) shows Host Name, Client Name, Instance Name, IP Address, A... by rholm01 Explorer in Getting Data In 03-23-2021 0 7	0	7