Getting Data In

Community Activity

different monitors for different hosts under the same index hi!I have a case where I need to onboard data from different hosts and paths but under the same index. As an example,... by przemysaw Explorer in Getting Data In 02-02-2021 0 2	0	2
Log forwarding not every 30 seconds Hello Team,As far as I know, forwarder must forward logs to indexer every 30 seconds.I've reinstalled system and tryi... by bosseres Contributor in Getting Data In 02-02-2021 0 9	0	9
Heavy forwarder not forwarding IIS logs, but other logs fine We are forwarding IIS logs from UFs to a heavy forwarder, and the heavy forwarder is supposed to send them on to a 3r... by eblackburn Path Finder in Getting Data In 02-01-2021 0 3	0	3
UF versus HF processing Currently, my firewall logs (PaloAlto) are sent via syslog to a virtual Linux machine. On that machine, I run a full... by craigkleen Communicator in Getting Data In 02-01-2021 0 6	0	6
Integrate FireEye logs in Enterprise Security Hi at all,I have to configure an Enterprise Security and one of the sources is FireEye.I found in Splunkbase an Add-o... by gcusello SplunkTrust in Getting Data In 02-01-2021 0 0	0	0
Different timezone Hi all!I have a problem with the time my logs arrive. There is an hour difference. how can I solve that? If I have da... by Mai_splunk Explorer in Getting Data In 02-01-2021 0 3	0	3
Universal forwarder is not reading all the files/directories from the monitored directories in inputs.conf Hi Splunkers , Our Architectures has 3 universal forwarders running in cluster . There is a load balancer running in... by spl_unker Explorer in Getting Data In 02-01-2021 0 1	0	1
Splunk DB Connect - Error: Communications link failure: The last packet successfully received from the server was 2 ms Hi,I am trying to connect my database using splunk DB connect. and I am getting an error stating: Communications link... by vedantsethia Loves-to-Learn in Getting Data In 02-01-2021 0 0	0	0
Multiple AD monitoring with Splunk Hi everyone,I have to implement a use case for a customer which basically means, monitoring AD events of ~10 Domain C... by g_paternicola Path Finder in Getting Data In 02-01-2021 0 0	0	0
Barracuda WAF (Web Application Firewall) truncating query string to access log and in turn into Splunk Good morning fellow Splunkers,This might be a bit more of a Barracuda WAF question than a Splunk question but perhaps... by Maycockk Explorer in Getting Data In 02-01-2021 0 3	0	3
Data coming in from DS but not other hosts that talk to DS I've followed the steps here - https://docs.splunk.com/Documentation/SplunkCloud/8.1.2011/Admin/WindowsGDIAnd have se... by ross_sd Explorer in Getting Data In 02-01-2021 0 3	0	3
Need help to find specific auth logs for Linux OS Can someone please guide how I can collect the following logs from Linux systems ?changes to account privileges.unsuc... by damode Motivator in Getting Data In 02-01-2021 0 0	0	0
Logs stopped from one of the server Hi Splunkers, I am facing a strange issue like the splunk forwarder stopped forwarding data. I see the forwarder is w... by asharmaeqfx Path Finder in Getting Data In 01-31-2021 0 3	0	3
Decompressing log files from Microsoft Azure Blob I have logs that are stored in Micrsoft Blob Storage which are compressed as .xz files, but they are not named with t... by NickSegalle Explorer in Getting Data In 01-31-2021 0 0	0	0
Add multiple similar REST endpoints under 1 data input I am trying use REST API modular input in order to get data in Splunk from a REST endpoint. Unfortunately to get all ... by cdtinsley1 Observer in Getting Data In 01-31-2021 0 0	0	0
Props manipulate date Hello,I have to index a log file that has only the timestamp HH:MM:SS ,HH:MM:SS field1 field2 ...whenever a new row i... by giuces Engager in Getting Data In 01-30-2021 0 2	0	2
About configuration in forwarding by using SSL. I want to ask some point. When using the default certificate, sslVerifyServerCert in outputs.conf is false, and requ... by yutaka1005 Builder in Getting Data In 01-30-2021 0 4	0	4
Props isn't working on overrided sourcetype I followed this article https://docs.splunk.com/Documentation/Splunk/8.1.1/Data/Advancedsourcetypeoverridesbasically ... by ekenne06 Path Finder in Getting Data In 01-29-2021 0 2	0	2
Find index for a given host I have a query to detect missing forwarders (hosts) \| metadata type=hosts \| eval age = now() - lastTime \| search host... by jmo1 Path Finder in Getting Data In 01-29-2021 0 5	0	5
Exclude records from the final result Hi, I have a situation where I have to exclude certain records from the final result only. I don't want to include i... by Anand_Raman Loves-to-Learn Lots in Getting Data In 01-29-2021 0 2	0	2
What is the impact of increasing indexed_kv_limit in limits.conf? Hi,Some of my data has 1000+ fields and I want to increase indexed_kv_limit value to 2000 from limits.conf .I know it... by mufthmu Path Finder in Getting Data In 01-29-2021 0 1	0	1
Do I have to use Splunk Connect for Syslog with the Cisco Networks Add-on for Splunk? We're running v8.0.7. We ingest syslog data through a cluster of servers running rsyslog and UFs. I'm looking to in... by ericlarsen Path Finder in Getting Data In 01-29-2021 0 1	0	1
Universal Forwarder and props.conf and transforms.conf Just a quick question regarding the "Universal Forwarder" I have setup my inputs.conf and outputs.conf in /opt/... by phoenixdigital Builder in Getting Data In 01-29-2021 4 6	4	6
Timeformat Hello members, Can you help me out to find out , what will be exact timeformat for this time below and timeprefix as ... by uagraw01 Motivator in Getting Data In 01-29-2021 0 4	0	4
Data going to main even after set to different index Hi all, I have install splunk forwarder in 1 centos device, sending to indexer. From the search head, i can see data... by johnlzy0408 Loves-to-Learn Everything in Getting Data In 01-29-2021 0 4	0	4