Getting Data In

Discussions

Thread Info

How do I upload a csv file and then it will generate a separate chart instead of adding to an existing chart?

I want to upload several csv files and I hope that each csv file can be a separate chart instead of adding to an exis...

by Engager in

Move data from old Splunk 6.3.2 to New Splunk 8.1.3 help

Hello everyone, I have been trying to move data from my old 6.3.2 splunk to the new 8.1.3 splunk which is empty. ...

by New Member in

Can we apply multiple time settings via props for same feed

Hi All, Have seen a few options for the issue I have, but wanted to know if Splunk can handle applying multiple pro...

by Path Finder in

How can I ingest windows logs that were backed up

Prior to a customer getting splunk, they 7-zipped there logs and copied them to a server. I just got them a brand ne...

by Path Finder in

REgex to mask half of the data in splunk

Can someone help me with th regex to put in props.conf file to mask the data as below . Except the first three letter...

by Explorer in

Monitor Files and Directories - configured - but nothing is indexing ?

File Monitor configured - but nothing is indexing ? here is my inputs.conf [monitor://C:\xxxx\xxxxxx\xxxxxxx\xxx...

by Explorer in

How to truncate a field or limit a field value

I have a field called org_name in the data as below Org_name="davidcareerhome" Org_name ="Ethanfurniture" I w...

by Explorer in

Timestamp extraction failed if no INDEXED_EXTRACTION=json on props.conf

Hello, On a monoinstance Splunk, I'd like to ingest some simple JSON data : { GDH: 2021-07-08 16:54:00.6...

by Communicator in

Adding custom logs from Event Viewer stanza

Anybody has experience with adding custom logs from Event Viewer to inputs.conf? Is it enogh to put stanza: [WinE...

by New Member in

Filtering Windows Events using XML in inputs.conf

Somobody has experience with filtering (supressing) Windows event using XML in Splunk inputs.conf? So I have XML to...

by New Member in

Cisco Secure eStreamer Client Autolookup estreamer_fw_action commented out

After updating our TA we realized the action field autolookup wasn't working anymore. Digging through the TA I see in...

by Loves-to-Learn Everything in

Splunk App for infrastructure entities by role

Hey! I am trying to install Splunk App for infrastructure on our distributed Splunk platform and I was wondering w...

by New Member in

Adding new threat list feed into splunk

Hello all, I am having issues with adding AlienVault OTX as a intelligence feed into splunk. At first, when i didn'...

by Contributor in

How to view pdf as splunk dashboard

I generated reports for a certain dataset from splunk and saved it as a pdf, now in future I wish to import that same...

by Explorer in

Unable to forward syslog from NetScaler Service VMs (SVMs)

We have asked our customers to forward syslog from Netscaler Service VMS (SVMs) to our Splunk syslog servers. We have...

by Communicator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How do I upload a csv file and then it will generate a separate chart instead of adding to an existing chart?

Move data from old Splunk 6.3.2 to New Splunk 8.1.3 help

Can we apply multiple time settings via props for same feed

How can I ingest windows logs that were backed up

REgex to mask half of the data in splunk

Monitor Files and Directories - configured - but nothing is indexing ?

How to truncate a field or limit a field value

Timestamp extraction failed if no INDEXED_EXTRACTION=json on props.conf

Adding custom logs from Event Viewer stanza

Filtering Windows Events using XML in inputs.conf

Cisco Secure eStreamer Client Autolookup estreamer_fw_action commented out

Splunk App for infrastructure entities by role

Adding new threat list feed into splunk

How to view pdf as splunk dashboard

Unable to forward syslog from NetScaler Service VMs (SVMs)

Observability | How to Think About Instrumentation Overhead (White Paper)

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

The Great Resilience Quest: 10th Leaderboard Update

Lopping Off Dot Notation Field Names

Splunk on GCP: what's the benefit of running dataf...

Splunk user password restore

scheduler.log broken korean

Suggestions Please: REST Api, csv,html