Getting Data In

Ask a Question

Discussions

Thread Info

Syslog ingestion delay

Hello All, I have setup a syslog server to collect all the network devices logs, from syslog server via UF I am fo...

by Observer in

No such file or directory: 'java' adding JMX account using Splunk add-on for Tomcat

I am trying to use the Splunk Add-on for Tomcat first time. When I try Add Account this results in error message bel...

by New Member in

curl: (6) Could not resolve host: http-inputs-<stack_url>.splunkcloud.com

I cannot get auth to work for the HTTP Input in the Splunk trial.curl -H "Authorization: Splunk <HEC_token>" -k https...

by Explorer in

Wrong parameters on macOS and logd input?

Hi I try to Ingest macOS logd into Splunk Cloud. When I enable logd input it didn't work. Based on logs it use wron...

by SplunkTrust in

Mimecast App to get Archive logs

Hi, The Mimecast App gets events for most of the activity that occurs in the solution but does not give the option ...

by New Member in

SC4S, how do I write raw message into a directory?

Hi, I want to sc4s to receive syslog and I want sc4s to write raw message into a directory. However, it doesn't wr...

by Path Finder in

Support CSV files that have no CRLF at end of last line?

In the TA documentation at https://splunk.github.io/splunk-add-on-for-amazon-web-services/S3/ -- it is stated, "Ensur...

by Contributor in

Indexer Web UI is not available after migrating Cluster master hardware

Hi, Our Linux machine has reached the End of Support, so we are moving the Cluster Master from one machine to a...

by Contributor in

Transforms on multiline event containing some xml

Hello everybody, I am facing some challenges with some custom log file containing bits of xml surrounded by some so...

by Explorer in

Cloned Destinations: blockOnCloning

Could someone confirm the expected outcome for the following settings: outputs.conf [tcpout:group1] server ...

by Engager in

Tenable Json logs are not filtering

Hi I have a tenable json logs, i wrote rex and trying to send the logs to null queue, howevene it is not going to n...

by Loves-to-Learn Lots in

Data Inputs and valid objects - Something wrong with my instance?

I am new to Splunk and am teaching myself how to us it as I integrate it with my environment. I inherited an existi...

by Loves-to-Learn in

Concerning the Splunk Universal Forwarder 9.x Scheduler Cron Syntax

This is more statement than question, but the community should be advised Splunk Universal Forwarder 9.1.2 and 9.1.5 ...

by Explorer in

Splunk HF Stops Receiving Fortigate WAF Logs via Syslog Intermittently

Hello everyone, I'm currently collecting logs from a Fortigate WAF using Syslog, but I've encountered an issue ...

by Explorer in

Best Practices for Handling High-Cardinality Dimensions in Metric Indices?

We are using a metrics index to store metric events. These metric events are linked to a different parent dataset thr...

by New Member in

PLC & HMI Monitoring

Hi I'm currently looking for a software that can monitor logs from PLC (mostly Allen Bradley devices) and HMI (C-More...

by New Member in

Splunk DB connect to Splunk

Hello Splunkers!!Splunk is receiving the data from my Qracle database table from DBconnect. All of the events are bei...

by Motivator in

Re Route data coming from Syslog to new index

Hello,I have below inputs stanza to monitor the syslog feed coming to index=base, Now we need to filter the out with ...

by Path Finder in

Help with installing UF Credentials MacOS

Hi First of all, I'm a total beginner to Splunk. I just started my free trial of Splunk Cloud and want to install t...

by Explorer in

Script to filter events at index time

Is it possible to use a python script to perform transforms during event indexing? My aim is to remove keys from js...

by Path Finder in

Windows Command Prompt Freezing When Entering Splunk Commands

I am using Windows 10 and the Splunk Universal Forwarder version 9.4.0. When I run certain Splunk commands from an Ad...

by Observer in

Is there a way to ingest an entire file as an event?

We have a case in which each email message is stored on the file system as a distinct file. Is there a way to ingest ...

by Motivator in

Splunk application renaming without losing existing user data

I have an application on Splunkbase and want to rename it along with the commands and custom action.I have updated th...

by Observer in

OTEL splunk_hec receiver how to handle invalid tokens

Hello All,I am trying to build a open telemetry collector for splunk_hec receiver. I am able to get it working and r...

by Communicator in

ForwardedEvents ingestion broken after update to 9.1

This is an informational post rather than a question. If you use WEF to gather logs from your infrastructure to a s...

by SplunkTrust in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Syslog ingestion delay

No such file or directory: 'java' adding JMX account using Splunk add-on for Tomcat

curl: (6) Could not resolve host: http-inputs-<stack_url>.splunkcloud.com

Wrong parameters on macOS and logd input?

Mimecast App to get Archive logs

SC4S, how do I write raw message into a directory?

Support CSV files that have no CRLF at end of last line?

Indexer Web UI is not available after migrating Cluster master hardware

Transforms on multiline event containing some xml

Cloned Destinations: blockOnCloning

Tenable Json logs are not filtering

Data Inputs and valid objects - Something wrong with my instance?

Concerning the Splunk Universal Forwarder 9.x Scheduler Cron Syntax

Splunk HF Stops Receiving Fortigate WAF Logs via Syslog Intermittently

Best Practices for Handling High-Cardinality Dimensions in Metric Indices?

PLC & HMI Monitoring

Splunk DB connect to Splunk

Re Route data coming from Syslog to new index

Help with installing UF Credentials MacOS

Script to filter events at index time

Windows Command Prompt Freezing When Entering Splunk Commands

Is there a way to ingest an entire file as an event?

Splunk application renaming without losing existing user data

OTEL splunk_hec receiver how to handle invalid tokens

ForwardedEvents ingestion broken after update to 9.1

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Routing data to different indexes using regex

Re-ingest Windows logs across enterprise

SC4S Syslog server update fails during download wi...

Event break multiline PowerShell Transcript Log

uberAgent

Getting Data In

Are you a member of the Splunk Community?

Discussions