Getting Data In

Community Activity

micro focus Service Manager logs parsing SpoilerHi Everyone,i want to parse the below custom Application logs, Need your help and advises.12084( 14140) 11/02/... by splunking4me Explorer in Getting Data In 11-04-2020 1 4	1	4
Universal Forwarder send syslog to a thrid party First of all, can UF's send syslog to a third party? The documentation says, "You can configure a forwarder" but does... by I-Man Communicator in Getting Data In 11-04-2020 1 7	1	7
Splunk not recognizing nested json I've searched quite some time, but I'm not able to find why Splunk is not recognizing a nested JSON.Here's how my dat... by dstoev Path Finder in Getting Data In 11-04-2020 0 0	0	0
Selective indexing of events from UF on Heavy Forwarder Hello,I have read the documentation on routing and filtering events (https://docs.splunk.com/Documentation/Splunk/8.1... by performancemoni Path Finder in Getting Data In 11-04-2020 0 2	0	2
Load Balancing UF to 3rd third party receivers Hi,I have some troubles setting up the following topology. There is 1 UF which needs to forward unCooked raw data to ... by jknulst Explorer in Getting Data In 11-03-2020 1 6	1	6
Eventgen: is it possible to create events taking pair values from a file? Hi at all,I have to use eventgen to populate a demo I prepared.I'm able to populate events starting from a template a... by gcusello SplunkTrust in Getting Data In 11-03-2020 1 1	1	1
How to upload wevtutil generated xml file of Security log into Splunk? I have a situation when I need to dump a remote Security log with wevtutil and subseqently upload it into Splunk to c... by ageld2020 New Member in Getting Data In 11-03-2020 0 0	0	0
Monitoring File Directories but not indexing file contents Hi all,Sorry for the really newb question (because I am one).I have Splunk Enterprise running on my standalone PC to ... by Highlander22 Engager in Getting Data In 11-03-2020 0 3	0	3
Issue with timestamps creating extra events Certain events in these logs have dates in certain tags below such as <BeginDateTime> and <EndDateTime> . They are cr... by bnichols024 New Member in Getting Data In 11-03-2020 0 2	0	2
Variable string processing in variable string in map command IF the _raw is the same as above, I want to search with the query below.Index=_internal sourcetype=splunkd I want to ... by litmuspaper Loves-to-Learn Lots in Getting Data In 11-03-2020 0 1	0	1
Index events with timestamp of previous day We have a report from a system that needs to be indexed into splunk on monthly basis. This report is generated on 1st... by rajeshjlnt Path Finder in Getting Data In 11-03-2020 0 5	0	5
Does indexer discovery also apply to heavy forwarder to Splunk enterprise? by phil_wong Explorer in Getting Data In 11-02-2020 0 1	0	1
SSL Forwarding: Why does a Splunk forwarder need its own certificate? outputs.conf on forwarder gets its own cert. E.g. something like [tcpout-server://192.168.1.100:9997] sslRootCAPath ... by mlorch Path Finder in Getting Data In 11-02-2020 1 7	1	7
How to index Json array into metric index? Hi All, My question is the same as the title. How am I able to index Json array into metric index? I would appreciate... by brandy81 Path Finder in Getting Data In 11-02-2020 0 0	0	0
How to remove a group of characters for each value from list/multivalue. String of variable alert_type:\|detail.action=blocked\|detail.devicename=hd03\|detail.virus=fec_virus_macro_sic_1\|detail... by dashield Explorer in Getting Data In 11-02-2020 0 6	0	6
field extraction working with rex but not props.conf I am trying to extract a portion of the source as a field. Here's what the source looks like: D:\Host Logs\info.serve... by jdmclemore Path Finder in Getting Data In 11-02-2020 0 7	0	7
Splunk Add-on for AWS ARN Format Mismatch HelloIn setting up the add on for AWS(4.6.1) in the IAM role setup it expects a role ARNin the format of :arn:aws-us-... by tkw03 Communicator in Getting Data In 11-02-2020 0 0	0	0
UK dates recognised as US until 10th of the month Hi AllI am trying to index some log files that have been converted to tab delimited text files. These are being picke... by Ognib Explorer in Getting Data In 11-02-2020 0 6	0	6
Splunk logging driver logs not parsed by indexer Hi Splunkers,I have start using Splunk Logging Driver to get my docker logs into Splunk. I am using Splunk Enterprice... by ps Explorer in Getting Data In 11-02-2020 0 2	0	2
index data retention Hello there.Within splunk cloud, I go to Settings < Indexes.I am looking at my main index. It has a current size of ... by trojan_81 Path Finder in Getting Data In 11-01-2020 1 2	1	2
data retention of sourcetype Two questions regarding Dynamic Data Storage: 1) Within an Index, can I archive a specific sourcetype only or can I o... by trojan_81 Path Finder in Getting Data In 10-31-2020 0 1	0	1
How can I import this CSV file into Splunk? I have: 1 Searchhead 1 Deployment Server 4 Indexers (Non clustered) This is the raw CSV file: date,name,capacity,fre... by dperry Communicator in Getting Data In 10-30-2020 0 16	0	16
SmartStore configuration Hello All. I’m testing a SmartStore index with the configuration below. I’m getting errors from S3Client “no address ... by oscar84x Contributor in Getting Data In 10-30-2020 0 0	0	0
LINE_BREAKER regex for I have XML files I'm trying to break-up into individual events based on the following XML format. I need to break the... by astackpole Path Finder in Getting Data In 10-30-2020 0 3	0	3
What is the best way to integrate Mulesoft with Splunk cloud? Need help with this integration.@richgalloway @woodcock by Roy_9 Motivator in Getting Data In 10-30-2020 0 4	0	4