Getting Data In

Community Activity

how to split the json array into multiple new events I have a json like this format { "id":"123412341234", "actions": [ { "type":"a", "status":"b", ... by wood1986 Explorer in Getting Data In 02-11-2021 13 20	13	20
Does a cluster supports multiple version of splunk?? Hi all,I have 3 search heads as a part of search head cluster and 5 indexers in the indexer cluster and also my searc... by Anu Path Finder in Getting Data In 02-11-2021 0 7	0	7
Microsoft Azure Add on for Splunk: backoff time not applied Hi,when using the parameter query window size in the input to retrieve Azure AD signins the backoff time is not appli... by phl92812 New Member in Getting Data In 02-11-2021 0 0	0	0
how to remove comma in number hiI try to remove the comma in my number but it doesnt worksCould you help me please?\| rex field=count mode=sed "s/,/... by jip31 Motivator in Getting Data In 02-11-2021 0 9	0	9
Is it best practice to use useACK in outputs.conf I have inherited a SPlunk environment and one thing i've noticed is that one all of our heavy forwarders are using us... by ekenne06 Path Finder in Getting Data In 02-11-2021 0 1	0	1
How to remove the header line from the log file so that data should be indexed without the header. Below is my log file, i need to send log to my index without the header name and with only the values with there resp... by srujana96 Explorer in Getting Data In 02-11-2021 0 0	0	0
Agents for old versions of windows Agents for old versions of windows.I have a client which has some devices with versions of windows 2012 and 2008On th... by splunkcol Builder in Getting Data In 02-10-2021 0 1	0	1
Is there a better way to parse DTS Compliant IAS logs (xml format)? DTS Compliant IAS logs are IAS logs wrapped in XML. Additional info: http://technet.microsoft.com/en-us/library/cc771... by pjaguilarjr New Member in Getting Data In 02-10-2021 0 7	0	7
black list regex files starting with a period (.) I have seen a few regex examples on this and I have used the regex tools online to test my regex to blacklist files t... by coreyCLI Communicator in Getting Data In 02-10-2021 0 3	0	3
Field alias on extracted fields not working on all fields I got an issue with a few field alias on extracted fields from a json log This is done on a search head and done in t... by erikwie Path Finder in Getting Data In 02-10-2021 0 0	0	0
Data input script stop ! I am collecting logs every 5 seconds using a script.However, script execution is suddenly stopped.Why does the script... by thkwon Explorer in Getting Data In 02-10-2021 0 4	0	4
Ingesting logs from rsyslog Im furious............2 hosts ( physical ) :: both Ubuntu Server. Read about Splunk and how dibi bleeps GHA ( soi... by awslabspl Observer in Getting Data In 02-09-2021 0 4	0	4
Need to install Jira module in python splunk . Need to install Jira module in python splunk . But it is not getting installed .How to install any custom module in s... by romansha Loves-to-Learn Lots in Getting Data In 02-09-2021 0 1	0	1
Problem anonymizing data in Splunk We want to anonymize the usernames in the following event using sed script.Raw event:{"externalId": null, "statusChan... by justynap_ldz Path Finder in Getting Data In 02-09-2021 0 2	0	2
Dropdown Hi,if input is add then show all data, if input is delete show only the added data to delete in splunkAdd num... by chuck_life09 Path Finder in Getting Data In 02-09-2021 0 2	0	2
Splunk enterprise not receive any data from Universal Forwarder Hi,I'm a trial user for Splunk. I have a setup in Azure: One Azure VM running Splunk Enterprise and four Azure VMs wi... by JakeK Loves-to-Learn in Getting Data In 02-09-2021 0 8	0	8
Can splunk recognize Chinese character timestamp 1.How can I extract timestamp to correct time as following ?2020/12/29 下午 02:39:45 "下午" means PM ==> 2020/12/29... by 123tk Loves-to-Learn Lots in Getting Data In 02-09-2021 0 4	0	4
Splunk Add-on for Microsoft Office 365 - M365 Enterprise Mobility + Security E3 Subscription Hi,I have a question related to the subscription of M365 services. Will the Splunk Add-on for Microsoft Office 365 ca... by vikesh Loves-to-Learn in Getting Data In 02-08-2021 0 0	0	0
Log ingestion Via HEC - Huge log volume Hi All,We are ingesting huge volume of logs from fluentd to splunk via HEC method. Will there be any loss as huge vol... by VijaySrrie Builder in Getting Data In 02-08-2021 0 1	0	1
configuring a receiver - cluster master hi,we have following setup1 cluster master, 3 indexers, 1 deployement server, 3 search heads, 1 Heavy forwarder and m... by sramiz Path Finder in Getting Data In 02-08-2021 0 3	0	3
find absence of data in splunk - iis Hello; We ingest IIS logs. Recently some of our iis calls lately haven't included the required username, causing the... by benj851 Explorer in Getting Data In 02-08-2021 0 1	0	1
Regex field extracting more than one field with same name and different value I got to extract some fields of a JSON log. Log buildup eksample:{"name":"cookie","Value":"Foo"}{"name":"cookie","Val... by erikwie Path Finder in Getting Data In 02-08-2021 0 2	0	2
Understanding how to use snowincident for servicenow/splunk integration Hello, I am really confused on how to use the snow commands such as the ones listed here: https://docs.splunk.com/Do... by asuh New Member in Getting Data In 02-07-2021 0 2	0	2
How to pull data from Sharepoint to Splunk? How to pull the data from SharePoint to Splunk? Because we need the total count of the data on the SharePoint by noelflorendo Observer in Getting Data In 02-07-2021 0 5	0	5
Routing and filtering syslog Have Palo Alto logs being sent to syslog-ng server. A UF is on the syslog-ng and forwarding logs to Heavy Forwarder. ... by ezparra05 Engager in Getting Data In 02-05-2021 0 1	0	1