Getting Data In

Community Activity

Reducing License usage by eliminating duplicate events from WIndows Hello, I am looking for a way to reduce our license usage by eliminating duplicate events being forwarded from a wind... by gba8912 Explorer in Getting Data In 11-19-2020 0 1	0	1
Forward only audit data from /var/log/audit.log splunk-8.1.0 server RHEL 8 system.So following the instructions from:https://docs.splunk.com/Documentation/Splunk/6.6... by eric_hagen Explorer in Getting Data In 11-19-2020 0 2	0	2
HTTP Event collector Log ingestion Hi , I am trying to configure HTTP event collector for log ingestion i have few questions ? I am hosting HEC on my H... by ram254481493 Explorer in Getting Data In 11-19-2020 0 3	0	3
parsing syslogs from Tiesse systems Hi at all,is there something that already parsed syslogs from Tiesse systems (Levanto and/or Imola)?Levanto are switc... by gcusello SplunkTrust in Getting Data In 11-19-2020 0 0	0	0
Question on HEC configuration Hello,I have data inputs configured with HEC coming in to index=A and source=http:sourcename1.I now have logs of simi... by km1986 Path Finder in Getting Data In 11-19-2020 0 1	0	1
rest api auth How you could request a session key from splunks rest api without hardcoding passwords in your code? by bsteelz93 Path Finder in Getting Data In 11-19-2020 2 7	2	7
Are there any apps or add-ons to integrate Microsoft Teams with Splunk Enterprise? Hi Team, Is there any app or add-on to integrate Microsoft Teams with Splunk. Since once the alert is getting trigge... by anandhalagarasa Path Finder in Getting Data In 11-19-2020 0 4	0	4
Stripping syslog-ng headers from Snort/idstools-u2json JSON files Hello fellow Splunk community membersI've finally got a workable solution for running Snort on my home router, output... by BongoTheWhippet Path Finder in Getting Data In 11-19-2020 0 0	0	0
Rename the "host" field from stormshield sourcetype events Hello,I will try to describe the situation first; my problem and then ask you my question :This my architecture :6 st... by kvnpichon Path Finder in Getting Data In 11-18-2020 0 1	0	1
How to stop ingesting a field value Hi guys, I have an input made from the ASplunk addon for AWS and what I want to do is to stop ingesting a field value... by franciscof Explorer in Getting Data In 11-18-2020 0 3	0	3
Anonymize Indexed data Hi,I have some data in my Splunk indexer (historical data) and I want to anonymize it now. Is there any better way to... by fnlfaraz Engager in Getting Data In 11-18-2020 0 1	0	1
Syslog Server to Splunk showing incorrect host - During Splunk test before implementation Currently at the company I work for we are runing a trial on Splunk for a couple of months to check that it meets our... by j666gak Communicator in Getting Data In 11-17-2020 0 4	0	4
How to subtract windows time stamps? In order to detect time changes of more than 20 seconds, I want to look into the Windows event "system time change" E... by splunk_operator Engager in Getting Data In 11-17-2020 1 9	1	9
Step by Step Process for Installing Universal Forwarder on Windows using SCCM I've seen lots of script examples, but not an actual step by step process for using SCCM to install Universal Forward... by Moose Loves-to-Learn in Getting Data In 11-17-2020 0 1	0	1
Splunk Search with PIPE So I have an application in centos that monitors process creation and sends it to a remote syslog server which is als... by cj New Member in Getting Data In 11-17-2020 0 1	0	1
Checksum for seek ptr didn't match, will re-read entire file _TCP_ROUTING = forward_logsdisabled = falseindex = 1idx1sourcetype = LOGScrcSalt = <SOURCE>Even though our inputs.con... by akpadhi Explorer in Getting Data In 11-17-2020 0 3	0	3
outputs.conf add a delimiter Is it possible to add a stanza field to outputs.conf on a light forwarder to add a delimiter to data that currently h... by robnewman666 Path Finder in Getting Data In 11-17-2020 0 2	0	2
Upgrade Splunk All-in-one - Loss of logs on Universal Forwarder Hello everyone,I am planning to upgrade my all-in-one Splunk which is on version 7.2.4 to 8.1.According to the docume... by Silek Explorer in Getting Data In 11-17-2020 0 3	0	3
Splunk_TA_Windows - script:installedapps timestamp issues? All, Thought I posted this before, but can't find it in my history. I am seeing alerts in my Splunk logs statin that ... by daniel333 Builder in Getting Data In 11-16-2020 0 1	0	1
history of the missing index Good afternoonDuring an activity, the in index stanza in the indexes.conf file was commented to perform an event clea... by efaundez Path Finder in Getting Data In 11-16-2020 0 2	0	2
Get data from Azure Function into Splunk Enterprise I am trying to be able to get data in from an azure function one our of team's has done.We are not able to get the da... by jeffbat Path Finder in Getting Data In 11-16-2020 0 0	0	0
indexes.conf recommendation for large volume of data per day in 1index Hi,I am looking for any recommendation when dealing with such scenario. On one instance or one indexer, 300-400GB of... by fgu Loves-to-Learn Lots in Getting Data In 11-16-2020 0 4	0	4
Nginx Logs from Kubernertes Containers hi guys,forgive the n00bness of this question as im sure its fairly straightforward and/or been answered before.So im... by stuartcooney Loves-to-Learn in Getting Data In 11-16-2020 0 0	0	0
Heavy forwarder Hi, I am trying to figure out if i need a heavy forwarder or not; from what I have read in the documentation, a heavy... by hethu Path Finder in Getting Data In 11-16-2020 0 3	0	3
Universal Forwarder to Both On Prem and Cloud Instances We're starting outline our architecture and how data will flow, and we're looking to forward data to both an on prem ... by LCelley Explorer in Getting Data In 11-16-2020 0 1	0	1