Getting Data In

Community Activity

Changing data input (older data) for Splunk Add-On for Microsoft Office 365 My Splunk Add-On for Microsoft Office 365 only pulled in the last 7 days of data but in O365 I see older data. How c... by mattshwink1 Loves-to-Learn in Getting Data In 12-02-2020 0 0	0	0
UF stops forwarding when splunk cloud is down If you read the title, you are going "well of course it does", but hear me out. (This will be a long explanation th... by randy_moore Path Finder in Getting Data In 12-02-2020 0 0	0	0
Palo Alto Networks config logs not showing before and after info We forward all config logs from our Palo Alto Networks firewall directly into SplunkI can see that the config logs sh... by heathramos Path Finder in Getting Data In 12-02-2020 0 0	0	0
What is the best way to monitor large log files? Hi Team,What is the best way to monitor large rolling log files??As of now I have following configuration to monitor ... by gaurav_maniar Builder in Getting Data In 12-02-2020 0 0	0	0
Figure out what forwarder data came from I am trying to figure out if there is a query that will tell me which forwarder some of the data I have in my indexer... by jeffbat Path Finder in Getting Data In 12-02-2020 0 1	0	1
Free Splunk Add Data missing? Hi,I'm new at splunk and signed up for Free Splunk Cloud.I setup a universal forwarder on a windows server and connec... by JuergenUser New Member in Getting Data In 12-02-2020 0 0	0	0
Why has the Splunk Enterprise Trial license already expired in a brand new Docker container? I'm using a Docker image, created in 2017, whose dockerfile specifies: from splunk/splunk:6.6.3 The image is avail... by Graham_Hanningt Builder in Getting Data In 12-02-2020 0 4	0	4
Importing csv files from directory Hi all,I have been trying to monitor a directory with csv files. Let me explain. I have multiple PS scripts running a... by Sasquatchatmars Communicator in Getting Data In 12-02-2020 0 6	0	6
Input Monitor order of precedence Hi,Will Splunk use a more explicit Monitor stanza vs a wildcard stanza. Since the stanza's are not identical I do no... by sean193 Explorer in Getting Data In 12-01-2020 0 4	0	4
Using splunk to monitor Microsoft sql server backups. Hello, I am looking into using splunk to monitor sql server backups, can the splunk app for SQL do this?, can’t see t... by joe06031990 Communicator in Getting Data In 12-01-2020 0 2	0	2
Delete Windows logs description at index time Hi all,I´m trying to delete the description that came at the end of some windows events. From the CM I deployed the f... by pbalbasdtt Path Finder in Getting Data In 12-01-2020 0 2	0	2
Anonymize data and keep original aside Good afternoon fellow splunkthiasts, I need your help with data anonymization. Situation: Application on server with ... by eregon Path Finder in Getting Data In 12-01-2020 0 5	0	5
Why is my ui-prefs.conf change to make the default search time range 15 minutes in all apps not being respected? Goal - Change the default time of search to 15 minutes in all apps. I created a ui-prefs.conf in the local of the s... by daniel333 Builder in Getting Data In 12-01-2020 0 4	0	4
Issue with parsing Json data Hello Splunkers,I'm facing problem with correct parsing json data. Splunk correctly recognizes data as json sourced, ... by slipinski Path Finder in Getting Data In 11-30-2020 0 2	0	2
S3 bucket log ingestion Hi,We have integrated a S3 bucket with Splunk. Log path -aaa\folder\out.logaaa\folder\error.logaaa\folder\audit.logaa... by VijaySrrie Builder in Getting Data In 11-30-2020 0 0	0	0
Logs from Acronis Backups sent to Splunk Hello Everyone,Does anyone know the best way to go about getting logs from our Acronis Backups solution to send it's ... by AJSCSA Loves-to-Learn Lots in Getting Data In 11-30-2020 0 0	0	0
Real time table load I have a table with a join, which means there are 2 sources - x and y. I receive the logs from x first, I would like... by anonuser Explorer in Getting Data In 11-30-2020 0 2	0	2
Getting None value in timestamp along with Datetime value in timestamp field In raw data, timestamp field value is 1606730113962778 but for the timestamp field in the interesting fields list i a... by Tamilraj28 Engager in Getting Data In 11-30-2020 1 0	1	0
Why does the Splunk Forwarder for Linux randomly stop sending and monitoring files? The port is open and listening. The logs directory which I am monitoring contain hundreds of thousands of files in it... by gymmynzl New Member in Getting Data In 11-30-2020 0 9	0	9
Ingest GPX Files Hello,I'm using an old copy of a Windows-based running tracking application. The mapping function no longer works. Th... by genesiusj63 Explorer in Getting Data In 11-29-2020 0 3	0	3
Unable to rewrite host meta key at ingestion I have a reg ex tested and working that will extract the host out of these events. My transforms is as follows: [... by brent_weaver Builder in Getting Data In 11-29-2020 0 3	0	3
Universal Forwarder can't connect to Deployment Server Spent a day on this and have been seeking help in Splunk IRC. Bout to lose it. Deployment Server states no clients h... by BryanBerry Path Finder in Getting Data In 11-28-2020 4 4	4	4
How to troubleshoot why deployment client wont phonehome with my current configuration? So I've been banging my head against the wall trying to get my Splunk Universal Forwarders to at least attempt to pho... by PGrantham Path Finder in Getting Data In 11-28-2020 1 6	1	6
Cant get windows server into splunk Im pretty technical... i got splunk installed in centos, everything works ok, but for the life of me i cant figure th... by davidbeiler Loves-to-Learn in Getting Data In 11-27-2020 0 1	0	1
Splunk app (forescout) could not read index I am getting this error and needs help troubleshooting and resolving the issue: " App: [ForeScout App for Splunk] cou... by splunk-newbie Loves-to-Learn in Getting Data In 11-27-2020 0 3	0	3