Getting Data In

Community Activity

Do I have to use Splunk Connect for Syslog with the Cisco Networks Add-on for Splunk? We're running v8.0.7. We ingest syslog data through a cluster of servers running rsyslog and UFs. I'm looking to in... by ericlarsen Path Finder in Getting Data In 01-29-2021 0 1	0	1
Universal Forwarder and props.conf and transforms.conf Just a quick question regarding the "Universal Forwarder" I have setup my inputs.conf and outputs.conf in /opt/... by phoenixdigital Builder in Getting Data In 01-29-2021 4 6	4	6
Timeformat Hello members, Can you help me out to find out , what will be exact timeformat for this time below and timeprefix as ... by uagraw01 Motivator in Getting Data In 01-29-2021 0 4	0	4
Data going to main even after set to different index Hi all, I have install splunk forwarder in 1 centos device, sending to indexer. From the search head, i can see data... by johnlzy0408 Loves-to-Learn Everything in Getting Data In 01-29-2021 0 4	0	4
Browser history I want to collect chrome browser logs, for example historyhow can I configure it via Splunk? by bossere New Member in Getting Data In 01-29-2021 0 0	0	0
Ingestion with Microsoft Teams add-on Hi All,We runs only one splunk instance within our network and plans to open IP ranges and ports in order to collect ... by brandy81 Path Finder in Getting Data In 01-28-2021 0 0	0	0
how to start up the stream fwd process hi on a windows server how would i start the streamfwd process? I had to END the process in taskmgr but now I want to... by iherb_0718 Path Finder in Getting Data In 01-28-2021 0 1	0	1
Filtering data out with RegEx based on blacklist works only partially Hi guys!I want to filter data out on my forwarder by using Regular Expression in transforms.conf. The strange thing i... by kepffr Explorer in Getting Data In 01-28-2021 0 6	0	6
SEDCMD to alter text - Redacting Hi All,I have events with text strings like this: ..._Code/> <InDesc>Diagnosis=Read Code,Comment=carrying \| ladder... by KeithH Communicator in Getting Data In 01-28-2021 0 0	0	0
[HEC] timestamp recognition We have data ingesting into Splunk via HEC token, and observed the time parsing of the event is not taking properly.E... by sylim_splunk Splunk Employee in Getting Data In 01-28-2021 1 1	1	1
[AWS TA] Data being delayed after 5.0.3 upgrade. We are seeing delay in indexing - this started to happen after the AWS TA 5.0.3 upgrade from 4.0.6.In the TA log ther... by sylim_splunk Splunk Employee in Getting Data In 01-28-2021 0 1	0	1
How to track delay of event on a day to day basis? Hi!I currently have a csv file which shows the expected time my daily reports should be sent out.I also have a search... by dl70 Loves-to-Learn in Getting Data In 01-28-2021 0 3	0	3
XML Data Line Breaking on DateTime tag Here is my data normally.2021-01-26 00:00:44.2885 [INFO] SIXPACService.SplunkForwarder.SplunkWriter Attempting to Spl... by ekenne06 Path Finder in Getting Data In 01-28-2021 0 2	0	2
Sourcetype Override is not working the problem i'm currently having:Software team has logs being written to a file of mixed format and structure. I'm tr... by ekenne06 Path Finder in Getting Data In 01-28-2021 0 4	0	4
SC4S Timestamp Extraction for Custom Inputs Hi, I created my custom input (mytest.conf.tmpl) by coping the /opt/sc4s/local/config/log_paths/lp-example.conf.tmpl.... by mbozbura Engager in Getting Data In 01-28-2021 0 0	0	0
Single server timestamp issues Hello all,I am currently running into issues with netscaler logs with the following format: 2021-01-28T06:14:09.88450... by tpa_splunk Loves-to-Learn Lots in Getting Data In 01-27-2021 0 2	0	2
Splunk not getting syslogs. Hello all,I am having a problem with my Splunk install that it has stopped accepting syslogs from my Cisco ASA. It wa... by deca2499 Engager in Getting Data In 01-27-2021 0 2	0	2
Field extraction issue on events with no sourcetype information Using Splunk 6.6.2, I've created a search to look for supervisord events on two different hosts. These events are no... by wadesworld Engager in Getting Data In 01-27-2021 0 2	0	2
Windows Defender Endpoint / ATP via Azure Event Hub I'm using the Splunk Addon for Microsoft Cloud Service to import our ATP / Microsoft Defender Endpoint Data into Splu... by pcookhayboo Explorer in Getting Data In 01-27-2021 0 0	0	0
forwarder Logs Hi, I am forwarding logs to indexer and also to third party server from my universal forwarderI am sure what we ar... by splkadmin Explorer in Getting Data In 01-27-2021 0 5	0	5
monitor security windows events with syslog hi there,i monitor windows security event log from the DC with RAW SYSLOG.i can see in Splunk the raw data (without t... by LiorG Engager in Getting Data In 01-27-2021 0 0	0	0
Not getting EventCodes 4103 and 4104 even though logging is enabled (powershell). I'm trying to get better visibility of our PowerShell activity in one of my boxes (cola182) so I enabled process Audi... by weetabixsplunk Explorer in Getting Data In 01-26-2021 0 1	0	1
Insert text into certain logs going to a 3rd party? I'm looking to insert some text at our heavy forwarder into certain sourcetypes that a 3rd party running syslog-ng wi... by eblackburn Path Finder in Getting Data In 01-26-2021 0 1	0	1
Change timezone props.conf Hi,I need help adding a line in my props.conf file that will convert lastupdatedt time from UTC to Mountain time. Exa... by TheBravoSierra Path Finder in Getting Data In 01-26-2021 0 1	0	1
calculate Time difference in stats Hello, I have this query Index = s098_prod sourcetype=SERVER_PROD SCRIPT_ID=6SW* NOT (name="Logout" OR name="Login" ... by hazemfarajallah Explorer in Getting Data In 01-26-2021 0 17	0	17