Getting Data In

Community Activity

Index data from a file and send to differents indexes Hi everyone,I am trying to index data from a single log file to different indexes but i can't do it, i have this data... by tdepablo88 Explorer in Getting Data In 01-04-2021 0 5	0	5
Log Flow Monitoring Solution (to detect broken/faulty feeds) Has anyone had success in creating monitoring in Splunk to detect broken data feeds.We have hundreds of feeds - some ... by jonaclough Path Finder in Getting Data In 01-04-2021 0 1	0	1
Reduce Event Code 4663 volume Hello. Thank you for reading thisDue to license constrictions, we need to eliminate the Event Code 4663 based on the... by AbelCruz Path Finder in Getting Data In 01-03-2021 0 4	0	4
configure splunk to read log files written 4X day I would like to configure splunk to read files stored in a inbound folder. These files are written 4x day, but could... by keithwsmith Loves-to-Learn in Getting Data In 01-01-2021 0 1	0	1
Timestamp configuration in props for epoch time Dear All,I am getting data from the Search head in json format. The first field of the event is timestamp and it is i... by Tamilraj28 Engager in Getting Data In 12-31-2020 0 0	0	0
XML parsing and field mapping Hi, I have a XML file which i wants to load in Splunk and parse during indexing.<measType p="1">node_cpu.idle</measTy... by panwarsagar Loves-to-Learn in Getting Data In 12-31-2020 0 3	0	3
Optimum payload size for ingesting events via splunk HEC I am trying to ingest data into Splunk via Splunk HEC using a python script. I am also sending the data in batches.Wh... by kkarthik_splunk Splunk Employee in Getting Data In 12-30-2020 0 1	0	1
how to reduce the index size of KV store and summary db how to reduce the index size of KV store and summary db on the server by syedabuthahir Explorer in Getting Data In 12-29-2020 0 2	0	2
What does pset and reuse mean in splunkd.logs Given this search for the TcpOutputProc index=_internal source=*splunkd.log component=TcpOutputProc \| fields _raw ... by dexterp Explorer in Getting Data In 12-29-2020 0 2	0	2
Vendor api token, but no add-on I have a vendor that will provide an api token so I can retrieve SIEM event data. There is no add-on available for th... by mikefg Communicator in Getting Data In 12-29-2020 0 1	0	1
Monitor File Activity on SMB Share I need to monitor all file reads, writes, deletes, etc. on a SMB share from a Windows server. In the past, I've just ... by ericl42 Path Finder in Getting Data In 12-29-2020 0 1	0	1
Where can i get some sample data to test Splunk ITSI Features? Hi I am trying to evaluate Splunk in context of all the features that it has to offer.... I downloaded the demo, but ... by RomeSplunk123 Explorer in Getting Data In 12-28-2020 0 6	0	6
How do I tell Splunk not to ignore first line in structured psv file? I have log files that append new data every five minutes starting with a timestamp, then dashes (-) then header, then... by Woody35 Observer in Getting Data In 12-28-2020 0 3	0	3
App Developers Gadgets Hi at all,this app is very useful for my needs, because I have to open or close panels in my dashboards, but I don't ... by gcusello SplunkTrust in Getting Data In 12-28-2020 0 0	0	0
Trouble authenticating ALL Active Directory users I'd like to open my Splunk system up to all of our AD users rather than mapping particular groups as we've in the pas... by dustinhartje Explorer in Getting Data In 12-28-2020 0 5	0	5
Unbound DNS Resolver Logs ```Dec 27 01:47:46 pvlpfSense01 unbound: [91480:1] info: resolving acceptor.mcafee-mvision-mobile[.]com. A INDec 27 0... by ArmbrusterC Explorer in Getting Data In 12-27-2020 0 2	0	2
Logs with XML data is being read as two separate events by Splunk Hi There Folks!Please refer screen shot of the original log file in a NotePad.http://prntscr.com/w82jd1Although its o... by venksel Explorer in Getting Data In 12-25-2020 0 1	0	1
License Capping We have a 16GB Indexing License for one applicatiom , which for the first time we have exceeded the limit. I would li... by abhijeet01 Path Finder in Getting Data In 12-24-2020 0 1	0	1
Is it possible to filter, route, and change the index of specific events? Hi All,Basically the data (WinEventLogs) flow is UF -> HF -> indexer Group 1/ Indexer Group 2.All the data will go to... by keithyap Path Finder in Getting Data In 12-23-2020 0 3	0	3
How to on-board comma separated csv data with pipes around each fields HiLooking for the advice how to on-board the csv file with comma separated values but each field has pipes around it ... by mlevsh Builder in Getting Data In 12-23-2020 0 1	0	1
index size in my stand alone environment indexes.conf:maxDataSize=100mbmaxTotalDataSizemb=200000but in ui one of index current s... by dall Path Finder in Getting Data In 12-23-2020 1 5	1	5
Collect SCOM Custom Performance Data with Splunk We have integrated SCOM with Splunk using Splunk Add-on for MS SCOM [HF]. We are getting ALL Perfmon Data in Splunk f... by mnachiappan80 Observer in Getting Data In 12-22-2020 0 0	0	0
App not creating sourcetypes Hi folks,I’m having an issue getting Juniper logs to show the correct sourcetype. Right now they simply all show up a... by jravida Communicator in Getting Data In 12-22-2020 0 1	0	1
Datamodels with Smartstore I have an environment where I'm using a datamodel with the _internal index. My datamodel_summary is created in the pa... by 7aurelius Loves-to-Learn in Getting Data In 12-22-2020 0 2	0	2
Syslog Output missing header Hello AllI found a similar question but did not see an answer.https://community.splunk.com/t5/Getting-Data-In/No-time... by edwardrose Contributor in Getting Data In 12-22-2020 0 0	0	0