Getting Data In

Community Activity

Input tab doesn't load : Microsoft Azure Add-On Hi, We have to ingest activity log into Splunk. We installed Microsoft add-on for Splunk on our heavy forwarder. When... by venkattm Loves-to-Learn in Getting Data In 02-13-2021 0 1	0	1
System Time in Splunk off but log times are correct Here is my environmentCluster Master, License Master, Deployment Server (on one Splunk instance)Cluster of 3 indexes ... by courtneyj Engager in Getting Data In 02-13-2021 0 1	0	1
Help filter out unwanted data from indexing using nullqueue Please Hi if someone could please help that would be great, I have events showing up in the indexer that are pushing me over... by marcusmartin Path Finder in Getting Data In 02-12-2021 0 6	0	6
HEADER_FIELD_LINE_NUMBER = 1 not working While trying to get the data from UF to indexer, the header is getting indexed as well. Attached the log file and the... by srinivasgowda Explorer in Getting Data In 02-12-2021 0 1	0	1
Timestamp recognition when date appears once but time appears on every line Hi, I can't seem to work out how to do this. I've looked in the documentation but can't find an example. I am trying ... by jbesant Explorer in Getting Data In 02-12-2021 0 0	0	0
Regex during getting data in Hello Everyone,I have a question. I have events like:Mon Mar 19 20:16:03 2018 Info: Delayed: DCID 8414309 MID 1941090... by bosseres Contributor in Getting Data In 02-11-2021 0 3	0	3
How to efficiently push data to Splunk Dear Splunk community,I have a Python application that pushes data to Splunk every time is executed. Multiple events ... by Valentin Engager in Getting Data In 02-11-2021 0 4	0	4
Nullqueue filtering Hello All,Grateful for assistance on this one.We have several areas where servers are HA pairs and write to a server ... by timrich66 Communicator in Getting Data In 02-11-2021 0 5	0	5
how to split the json array into multiple new events I have a json like this format { "id":"123412341234", "actions": [ { "type":"a", "status":"b", ... by wood1986 Explorer in Getting Data In 02-11-2021 13 20	13	20
Does a cluster supports multiple version of splunk?? Hi all,I have 3 search heads as a part of search head cluster and 5 indexers in the indexer cluster and also my searc... by Anu Path Finder in Getting Data In 02-11-2021 0 7	0	7
Microsoft Azure Add on for Splunk: backoff time not applied Hi,when using the parameter query window size in the input to retrieve Azure AD signins the backoff time is not appli... by phl92812 New Member in Getting Data In 02-11-2021 0 0	0	0
how to remove comma in number hiI try to remove the comma in my number but it doesnt worksCould you help me please?\| rex field=count mode=sed "s/,/... by jip31 Motivator in Getting Data In 02-11-2021 0 9	0	9
Is it best practice to use useACK in outputs.conf I have inherited a SPlunk environment and one thing i've noticed is that one all of our heavy forwarders are using us... by ekenne06 Path Finder in Getting Data In 02-11-2021 0 1	0	1
How to remove the header line from the log file so that data should be indexed without the header. Below is my log file, i need to send log to my index without the header name and with only the values with there resp... by srujana96 Explorer in Getting Data In 02-11-2021 0 0	0	0
Agents for old versions of windows Agents for old versions of windows.I have a client which has some devices with versions of windows 2012 and 2008On th... by splunkcol Builder in Getting Data In 02-10-2021 0 1	0	1
Is there a better way to parse DTS Compliant IAS logs (xml format)? DTS Compliant IAS logs are IAS logs wrapped in XML. Additional info: http://technet.microsoft.com/en-us/library/cc771... by pjaguilarjr New Member in Getting Data In 02-10-2021 0 7	0	7
black list regex files starting with a period (.) I have seen a few regex examples on this and I have used the regex tools online to test my regex to blacklist files t... by coreyCLI Communicator in Getting Data In 02-10-2021 0 3	0	3
Field alias on extracted fields not working on all fields I got an issue with a few field alias on extracted fields from a json log This is done on a search head and done in t... by erikwie Path Finder in Getting Data In 02-10-2021 0 0	0	0
Data input script stop ! I am collecting logs every 5 seconds using a script.However, script execution is suddenly stopped.Why does the script... by thkwon Explorer in Getting Data In 02-10-2021 0 4	0	4
Ingesting logs from rsyslog Im furious............2 hosts ( physical ) :: both Ubuntu Server. Read about Splunk and how dibi bleeps GHA ( soi... by awslabspl Observer in Getting Data In 02-09-2021 0 4	0	4
Need to install Jira module in python splunk . Need to install Jira module in python splunk . But it is not getting installed .How to install any custom module in s... by romansha Loves-to-Learn Lots in Getting Data In 02-09-2021 0 1	0	1
Problem anonymizing data in Splunk We want to anonymize the usernames in the following event using sed script.Raw event:{"externalId": null, "statusChan... by justynap_ldz Path Finder in Getting Data In 02-09-2021 0 2	0	2
Dropdown Hi,if input is add then show all data, if input is delete show only the added data to delete in splunkAdd num... by chuck_life09 Path Finder in Getting Data In 02-09-2021 0 2	0	2
Splunk enterprise not receive any data from Universal Forwarder Hi,I'm a trial user for Splunk. I have a setup in Azure: One Azure VM running Splunk Enterprise and four Azure VMs wi... by JakeK Loves-to-Learn in Getting Data In 02-09-2021 0 8	0	8
Can splunk recognize Chinese character timestamp 1.How can I extract timestamp to correct time as following ?2020/12/29 下午 02:39:45 "下午" means PM ==> 2020/12/29... by 123tk Loves-to-Learn Lots in Getting Data In 02-09-2021 0 4	0	4