Getting Data In

Community Activity

Need help in extracting network events before indexing I have a file with full of logs from different sources. But i want to monitor only logs from a particular network dev... by sivaranjiniG Communicator in Getting Data In 12-17-2020 0 3	0	3
splunk universal forwarder HiActually we are forwarding data from 2 forwarders servers to the indexer server, from one forwarder server we are... by kowsikreddy Loves-to-Learn in Getting Data In 12-17-2020 0 2	0	2
Getting OCI Audit Logs into Splunk Hello,Our infrastructure is currently hosted on Oracle Government Cloud and we are trying to determine a way to get t... by adnankhan5133 Communicator in Getting Data In 12-16-2020 1 0	1	0
Reduce clustered index COLD which becomes oversized over time Hello guys,one clustered index is now oversized due to lower indexed data since several months and data froze over ti... by splunkreal Influencer in Getting Data In 12-16-2020 0 0	0	0
Missing "Ingest Settings" tab in the asset settings in Splunk Phantom Hi, I'm getting this message from save_container():"Container addition failed, reason from server: Asset myasset (7) ... by ayuri Engager in Getting Data In 12-16-2020 0 0	0	0
CSV file not extracting properly when there is empty value for a field Hi there,I have a CSV file with the following header and values in it. There are some empty values for a field too. T... by satvika New Member in Getting Data In 12-16-2020 0 1	0	1
Is it possible to use sourcetype and host stanzas for the same event? We have the varonis ta and its props has the following section - [varonis:ta] However, each varonis server that s... by danielbb Motivator in Getting Data In 12-16-2020 0 1	0	1
Splunk and Dynatrace Integration Hello All,We have a requirement of integration of Dynatrace (SAAS service) and Splunk 8.0.0(On Premise).Currently we ... by ManjunathN Engager in Getting Data In 12-16-2020 0 0	0	0
whitelist blacklist inputs.conf not respected Hello guys,we used this in inputs.conf according to the Splunk CIM compliant addon for Unix and Linux :[monitor:///va... by splunkreal Influencer in Getting Data In 12-16-2020 0 1	0	1
Integrating logs from Fortinet devices with Splunk Hello Everyone on Splunk Forum.I want to integrate logs from following Fortinet devices1) Switch, model: FortiSwitch1... by d4wc3k Path Finder in Getting Data In 12-16-2020 0 0	0	0
Is it possible to Monitor network ports using Splunk Universal Forwarder? I have a Bluecoat device i want to monitor that device logs using UF. after have opened port from bluecoat to a relay... by sivaranjiniG Communicator in Getting Data In 12-15-2020 0 1	0	1
Why does Modular input script hang Why do Modular inputs like crowdstrike stream hang so often? by sean193 Explorer in Getting Data In 12-15-2020 0 0	0	0
Continuous monitoring doesn't work when the size of the file is constant Hi guys;I want to monitor a single file with a universal forwarder. It works perfectly till the size of the file rea... by mzn1979 Explorer in Getting Data In 12-15-2020 0 0	0	0
Splunk suddenly stops ingesting data. Hi All, I have a scripted output file that splunk is ingesting via a heavy forwarder. Since last few weeks, I am fa... by soumdey0192 Explorer in Getting Data In 12-15-2020 0 4	0	4
Universal forwarder for Linux had mixture of permissions for root and splunk. Hello, I am working with a Linux system and a universal forwarder. Operating System: Debian GNU/Linux 10 (buster) ... by splunktrainingu Communicator in Getting Data In 12-15-2020 0 1	0	1
Indexing Ubisecure Ubilogin logs? HiHave anyone indexed Ubisecure's Ubilogin audit or diag files? Basically those are CSV files, BUT depending of event... by isoutamo SplunkTrust in Getting Data In 12-15-2020 0 0	0	0
Connecting Azure Monitor, log analytics, Application Insights with Splunk How to link Azure Monitor with Splunk? How to link Azure log analytics workspace with Splunk? How to link Azure Appli... by prakash0046 New Member in Getting Data In 12-14-2020 0 4	0	4
Issues with XML Linebreaker Hello fellow splunkers,right now I'm working through the 7 labs for SE II which are necessary to be able to start the... by avoelk Communicator in Getting Data In 12-14-2020 0 1	0	1
Valid JSON not being broken up into individual events I've checked a number of threads about breaking JSON files and I've tried a number of offered solutions and none seem... by BongoTheWhippet Path Finder in Getting Data In 12-14-2020 0 1	0	1
dedup by time hello, I am trying to dedup events from successful authorizations in Splunk. Currently, our windows systems make abou... by gba8912 Explorer in Getting Data In 12-11-2020 0 3	0	3
Monitoring file changes to a NetApp file share Hello,New to Splunk. Can Splunk monitor or audit changes to a Netapp file share? We would like to know about file o... by JPrictoe Loves-to-Learn in Getting Data In 12-11-2020 0 1	0	1
We just loaded an AIX server with a forwarder and we're getting can't write file "/.splunk/authToken_#####_8089: We just loaded an AIX server with a forwarder and we're getting can't write file "/.splunk/authToken_#####_8089: Perm... by nls7010 Path Finder in Getting Data In 12-11-2020 0 0	0	0
Disabling a single tcp/ip data input port breaks connections to other ports Hi, Follow these steps to reproduce the problem:1. Create two tcp data inputs. In my case I used ports 9850 and 98602... by John235711 Engager in Getting Data In 12-11-2020 0 0	0	0
Log ingestion from fluentd Hi All,Is there a way to ingest logs from fluentd to splunk apart from HEC method? by VijaySrrie Builder in Getting Data In 12-11-2020 0 1	0	1
http event collector interval where to set Hello,I am using HTTP Event collector for one of the sources. And currently the data is getting indexed every Monday ... by surekhasplunk Communicator in Getting Data In 12-11-2020 0 3	0	3