Getting Data In

Community Activity

Unbound DNS Resolver Logs ```Dec 27 01:47:46 pvlpfSense01 unbound: [91480:1] info: resolving acceptor.mcafee-mvision-mobile[.]com. A INDec 27 0... by ArmbrusterC Explorer in Getting Data In 12-27-2020 0 2	0	2
Logs with XML data is being read as two separate events by Splunk Hi There Folks!Please refer screen shot of the original log file in a NotePad.http://prntscr.com/w82jd1Although its o... by venksel Explorer in Getting Data In 12-25-2020 0 1	0	1
License Capping We have a 16GB Indexing License for one applicatiom , which for the first time we have exceeded the limit. I would li... by abhijeet01 Path Finder in Getting Data In 12-24-2020 0 1	0	1
Is it possible to filter, route, and change the index of specific events? Hi All,Basically the data (WinEventLogs) flow is UF -> HF -> indexer Group 1/ Indexer Group 2.All the data will go to... by keithyap Path Finder in Getting Data In 12-23-2020 0 3	0	3
How to on-board comma separated csv data with pipes around each fields HiLooking for the advice how to on-board the csv file with comma separated values but each field has pipes around it ... by mlevsh Builder in Getting Data In 12-23-2020 0 1	0	1
index size in my stand alone environment indexes.conf:maxDataSize=100mbmaxTotalDataSizemb=200000but in ui one of index current s... by dall Path Finder in Getting Data In 12-23-2020 1 5	1	5
Collect SCOM Custom Performance Data with Splunk We have integrated SCOM with Splunk using Splunk Add-on for MS SCOM [HF]. We are getting ALL Perfmon Data in Splunk f... by mnachiappan80 Observer in Getting Data In 12-22-2020 0 0	0	0
App not creating sourcetypes Hi folks,I’m having an issue getting Juniper logs to show the correct sourcetype. Right now they simply all show up a... by jravida Communicator in Getting Data In 12-22-2020 0 1	0	1
Datamodels with Smartstore I have an environment where I'm using a datamodel with the _internal index. My datamodel_summary is created in the pa... by 7aurelius Loves-to-Learn in Getting Data In 12-22-2020 0 2	0	2
Syslog Output missing header Hello AllI found a similar question but did not see an answer.https://community.splunk.com/t5/Getting-Data-In/No-time... by edwardrose Contributor in Getting Data In 12-22-2020 0 0	0	0
Non-admin user can't see all the owners in the filter dropdown Hi, We have Splunk Enterprise. and recently migrated from LDAP TO SAML. And we started observing that non-admin user... by amritkumar New Member in Getting Data In 12-22-2020 0 1	0	1
Can non-admin role manage the search jobs run by all users? A user with non-admin role can only see own search jobs in "Jobs" page. in a Splunk document (https://docs.splunk.com... by yangtse Explorer in Getting Data In 12-22-2020 0 0	0	0
Not able to send logs to my syslog-ng server Hi eveyone, I'm try to send pihole.log to my syslog-ng server through an splunk universal forwarder. Details about my... by g_paternicola Path Finder in Getting Data In 12-22-2020 0 7	0	7
Change sourcetype for data coming from UF Hello Splunkers,I need help with change sourcetype in logs.There is UF installed on Win server. I would like to colle... by lukasmecir Path Finder in Getting Data In 12-22-2020 0 6	0	6
What all the way to integrate splunk with scom hi all i wanted to integrate scom with splunk please suggest best practices and best options by dsingh21 Loves-to-Learn in Getting Data In 12-19-2020 0 1	0	1
Receiving multiple json events as one from third party application Hi everyone,I`m receiving multiple JSON events as one event from third party application as showned below. {"metric":... by aitymm Loves-to-Learn in Getting Data In 12-19-2020 0 0	0	0
just started learning splunk How do I resolve this error -> happens with both linux and macThe TCP output processor has paused the data flow. Forw... by deepmis New Member in Getting Data In 12-19-2020 0 4	0	4
Splunk Scripted Inputs ingesting only Headers Hi All,Splunk is ingesting only a portion of the scripted input ps.sh from my *nix os TA, and I don't know why.Before... by rmccullagh Explorer in Getting Data In 12-17-2020 0 3	0	3
Ingesting AlienVault OTX feed service with Splunk? Someone recently asked me how they could tie Splunk in with the free AlientVault OTX feed service. Has anyone ever d... by mitzkowitz_splu Splunk Employee in Getting Data In 12-17-2020 2 2	2	2
Removing subset of logs from index while maintaining route to syslog server Windows security logs are sent to a heavy forwarder, which is configured to send these logs to a syslog server in add... by timori Loves-to-Learn Lots in Getting Data In 12-17-2020 0 0	0	0
IP Address of Search Head I'm configuring one computer as a forwarder and another as the receiver. How do I find the IP address that the forwar... by Analysis19 Engager in Getting Data In 12-17-2020 0 3	0	3
Need help in extracting network events before indexing I have a file with full of logs from different sources. But i want to monitor only logs from a particular network dev... by sivaranjiniG Communicator in Getting Data In 12-17-2020 0 3	0	3
splunk universal forwarder HiActually we are forwarding data from 2 forwarders servers to the indexer server, from one forwarder server we are... by kowsikreddy Loves-to-Learn in Getting Data In 12-17-2020 0 2	0	2
Getting OCI Audit Logs into Splunk Hello,Our infrastructure is currently hosted on Oracle Government Cloud and we are trying to determine a way to get t... by adnankhan5133 Communicator in Getting Data In 12-16-2020 1 0	1	0
Reduce clustered index COLD which becomes oversized over time Hello guys,one clustered index is now oversized due to lower indexed data since several months and data froze over ti... by splunkreal Motivator in Getting Data In 12-16-2020 0 0	0	0