Getting Data In

Discussions

Thread Info

Windows Event Log - .evtx file import - Foriegn AD Domain

Hello, Hoping to get a hint on where to go with this; Use Case: I am attempting to import files from a exported ....

by Path Finder in

HEC troubleshooting in distributed Enterprise environment

I cannot figure out which component to enable HEC and where to send the events. We have an on prem Splunk Enterprise ...

by Engager in

Need help with a custom source type

Hi, starting fresh. maybe I can explain a bit better here.. I found another similar issue to mine here: https://c...

by Path Finder in

json kvm_mode and additional transforms

Please confirm/deny something for me because it's not clear from the docs. Let's assume I have events containing bo...

by SplunkTrust in

Implement lookup file to replace the "host" field value collected from the rsyslog

Hello Splunkers, I'm collecting Aruba AP (Aruba Access Point) logs from my rsyslog inputs. I use the Aruba_Networ...

by Path Finder in

regex to capture both fields as below

Hi SMEs, Seeking help to capture below 2 strings (Only string1 & Only string1) as below in one regex ","category"...

by Path Finder in

Automatic Indexing

Can my client automatically index his/her files in splunk server ? If yes, how?

by Path Finder in

Data stop insert ?

Hello, ***this is my first time use of Splunk *** I have install the splunk and setup simple syslog udp on port 11514...

by Loves-to-Learn in

spunk data input - xml

This is data file(<Interceptor>~~~</Interceptor><Interceptor>~~~</Interceptor>) <?xml version="1.0" encoding="UTF-8...

by Explorer in

Change Timezone - Splunk free license

I use Splunk Free License. For Free License, we cannot change the user settings. I mean, I can't change the timezo...

by Explorer in

HTTP Event Collector batch post and HTTP errors

Hi, I've started using HEC to push data to my Splunk Enterprise instance and noticed the errors I get. For exampl...

by Engager in

Splunk doesn't format Sysmon JSON correctly

That's the problem. I have a Sysmon JSON to examine but, although in the "Add Data" section everything looks OK, once...

by Explorer in

Filter AWS Cloudtrail readonly events

Does anybody know a good way to filter out AWS Cloudtrail readonly events? This is what I have on my HF and jum...

by Path Finder in

DB Connect MySQL Connection

Hi, I am trying to create a new MySQL Connection in DB Connect Driver installed : 5.1Application using JDK7 and j...

by Communicator in

Problem Getting sentinelone as asset for phantom

Enter the correct URL and api token but phantom will add-on the URL when testing.

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Windows Event Log - .evtx file import - Foriegn AD Domain

HEC troubleshooting in distributed Enterprise environment

Need help with a custom source type

json kvm_mode and additional transforms

Implement lookup file to replace the "host" field value collected from the rsyslog

regex to capture both fields as below

Automatic Indexing

Data stop insert ?

spunk data input - xml

Change Timezone - Splunk free license

HTTP Event Collector batch post and HTTP errors

Splunk doesn't format Sysmon JSON correctly

Filter AWS Cloudtrail readonly events

DB Connect MySQL Connection

Problem Getting sentinelone as asset for phantom

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

Assistance Needed: Reformatting Provided Events to...

XML Regex Conversion

SC4S Initial setup error

Reports are not indexed correctly

Journald exclude specific services