Getting Data In

Community Activity

Issue with parsing Json data Hello Splunkers,I'm facing problem with correct parsing json data. Splunk correctly recognizes data as json sourced, ... by slipinski Path Finder in Getting Data In 11-30-2020 0 2	0	2
S3 bucket log ingestion Hi,We have integrated a S3 bucket with Splunk. Log path -aaa\folder\out.logaaa\folder\error.logaaa\folder\audit.logaa... by VijaySrrie Builder in Getting Data In 11-30-2020 0 0	0	0
Logs from Acronis Backups sent to Splunk Hello Everyone,Does anyone know the best way to go about getting logs from our Acronis Backups solution to send it's ... by AJSCSA Loves-to-Learn Lots in Getting Data In 11-30-2020 0 0	0	0
Real time table load I have a table with a join, which means there are 2 sources - x and y. I receive the logs from x first, I would like... by anonuser Explorer in Getting Data In 11-30-2020 0 2	0	2
Getting None value in timestamp along with Datetime value in timestamp field In raw data, timestamp field value is 1606730113962778 but for the timestamp field in the interesting fields list i a... by Tamilraj28 Engager in Getting Data In 11-30-2020 1 0	1	0
Why does the Splunk Forwarder for Linux randomly stop sending and monitoring files? The port is open and listening. The logs directory which I am monitoring contain hundreds of thousands of files in it... by gymmynzl New Member in Getting Data In 11-30-2020 0 9	0	9
Ingest GPX Files Hello,I'm using an old copy of a Windows-based running tracking application. The mapping function no longer works. Th... by genesiusj63 Explorer in Getting Data In 11-29-2020 0 3	0	3
Unable to rewrite host meta key at ingestion I have a reg ex tested and working that will extract the host out of these events. My transforms is as follows: [... by brent_weaver Builder in Getting Data In 11-29-2020 0 3	0	3
Universal Forwarder can't connect to Deployment Server Spent a day on this and have been seeking help in Splunk IRC. Bout to lose it. Deployment Server states no clients h... by BryanBerry Path Finder in Getting Data In 11-28-2020 4 4	4	4
How to troubleshoot why deployment client wont phonehome with my current configuration? So I've been banging my head against the wall trying to get my Splunk Universal Forwarders to at least attempt to pho... by PGrantham Path Finder in Getting Data In 11-28-2020 1 6	1	6
Cant get windows server into splunk Im pretty technical... i got splunk installed in centos, everything works ok, but for the life of me i cant figure th... by davidbeiler Loves-to-Learn in Getting Data In 11-27-2020 0 1	0	1
Splunk app (forescout) could not read index I am getting this error and needs help troubleshooting and resolving the issue: " App: [ForeScout App for Splunk] cou... by splunk-newbie Loves-to-Learn in Getting Data In 11-27-2020 0 3	0	3
TIME_FORMAT in props.conf seems to not be working Hello all... I have events that have a timestamp that starts with: 2014-05-07 13:12:27 2910 ... The trailing # ... by brent_weaver Builder in Getting Data In 11-27-2020 1 9	1	9
Cross app enrichment How does one enrich using data from another app space? or: How can one write enrichment data to another app space?I h... by peiffer Path Finder in Getting Data In 11-27-2020 0 0	0	0
Forwarding on-prem data to splunk cloud with universal forwarder We have a managed splunk cloud tenant. I am trying to set up forwarding on on-prem server logs to splunk cloud. I've ... by mrsnrub Engager in Getting Data In 11-27-2020 1 0	1	0
Does anyone implemented an IoT devices for motorcyle/car for insurance telematics that is integrated to splunk? Hi Splunkers,Does anyone of you know or has an experience integrating IoT devices for motorcycle/car for insurance te... by ejmindanao Explorer in Getting Data In 11-26-2020 0 0	0	0
Index internal logs locally and forward all other logs As title suggest, i want to index internal logs only and forwards all other logs to forwarders or idxs.Here is the se... by k31453 Explorer in Getting Data In 11-26-2020 0 5	0	5
Regex help for a newby please Hi All, looking for some assistance on what a regex would look like when every new line starts with an open bracket ... by markturner14 Explorer in Getting Data In 11-26-2020 1 3	1	3
Bash echo command no ingested by splunk, whle others are. I have these as the final lines of my bash script:response=$(curl -H "Authorization: Bearer $access_token" -H "Accept... by Dpeedahnb Explorer in Getting Data In 11-26-2020 0 4	0	4
how to forward JSON data to splunk Properly I have a json file like below, i need to broke it up in to events{"env":"UAT","label":"jenkins-17887.api.v2.dm.btc","... by kirrusk Communicator in Getting Data In 11-25-2020 0 6	0	6
Question about Inputs.conf Hello,I have made a new app under deployment apps with the following inputs.conf [monitor:///root/something/somethin... by zekiramhi Path Finder in Getting Data In 11-25-2020 0 10	0	10
Why is a field which doesn't exist in _raw data being added to an index? Eg : index = userinformation _raw doesnt have any field or value related to field "ue". But "ue" is being shown i... by vn_g Path Finder in Getting Data In 11-25-2020 0 2	0	2
Send events from TA to different indexes depending on hostname Hi Splunkers. What approach are people using to send events from a TA to different indexes depending on what the hos... by torowa Path Finder in Getting Data In 11-25-2020 0 2	0	2
Send csv data to Http Event Collector Hi,I want to send a csv pure data file as it is to splunk via Http Event Collector. How can I do it? Can I send it to... by learnkhru New Member in Getting Data In 11-24-2020 0 3	0	3
Forwarding data from Heavy forwarder to syslog server exclude audit.log We're trying to do:Collect Event Log by REST input on Splunk Enterprise 8.1 --> HF (v8.1 on Windows) --> external Sys... by eorMsisseL Engager in Getting Data In 11-24-2020 1 1	1	1