Getting Data In

Community Activity

	Checksum for seek ptr didn't match, will re-read entire file _TCP_ROUTING = forward_logsdisabled = falseindex = 1idx1sourcetype = LOGScrcSalt = <SOURCE>Even though our inputs.con... by akpadhi Explorer in Getting Data In 11-17-2020 0 3	0	3
	outputs.conf add a delimiter Is it possible to add a stanza field to outputs.conf on a light forwarder to add a delimiter to data that currently h... by robnewman666 Path Finder in Getting Data In 11-17-2020 0 2	0	2
	Upgrade Splunk All-in-one - Loss of logs on Universal Forwarder Hello everyone,I am planning to upgrade my all-in-one Splunk which is on version 7.2.4 to 8.1.According to the docume... by Silek Explorer in Getting Data In 11-17-2020 0 3	0	3
	Splunk_TA_Windows - script:installedapps timestamp issues? All, Thought I posted this before, but can't find it in my history. I am seeing alerts in my Splunk logs statin that ... by daniel333 Builder in Getting Data In 11-16-2020 0 1	0	1
	history of the missing index Good afternoonDuring an activity, the in index stanza in the indexes.conf file was commented to perform an event clea... by efaundez Path Finder in Getting Data In 11-16-2020 0 2	0	2
	Get data from Azure Function into Splunk Enterprise I am trying to be able to get data in from an azure function one our of team's has done.We are not able to get the da... by jeffbat Path Finder in Getting Data In 11-16-2020 0 0	0	0
	indexes.conf recommendation for large volume of data per day in 1index Hi,I am looking for any recommendation when dealing with such scenario. On one instance or one indexer, 300-400GB of... by fgu Loves-to-Learn Lots in Getting Data In 11-16-2020 0 4	0	4
	Nginx Logs from Kubernertes Containers hi guys,forgive the n00bness of this question as im sure its fairly straightforward and/or been answered before.So im... by stuartcooney Loves-to-Learn in Getting Data In 11-16-2020 0 0	0	0
	Heavy forwarder Hi, I am trying to figure out if i need a heavy forwarder or not; from what I have read in the documentation, a heavy... by hethu Path Finder in Getting Data In 11-16-2020 0 3	0	3
	Universal Forwarder to Both On Prem and Cloud Instances We're starting outline our architecture and how data will flow, and we're looking to forward data to both an on prem ... by LCelley Explorer in Getting Data In 11-16-2020 0 1	0	1
	Need help writing input stanza for maillog I'm having a hard time getting my stanza setup correctly. I basically want to monitor the maillog directories (maillo... by Jarohnimo Builder in Getting Data In 11-15-2020 0 3	0	3
	Cisco logs though Heavy Forwarder Hello!I'm trying to collect logs from Cisco ASA devices through Heavy Forwarder, I'm sending all Cisco ASA logs to my... by tmardan Explorer in Getting Data In 11-15-2020 0 1	0	1
	Exclude field values from other field Hi,I have some sylog events, login failed and login success in particular. I can determine if the event is success or... by marco_massari11 Communicator in Getting Data In 11-14-2020 0 2	0	2
	Filtering Cisco ASA Session log to remove logging for a session ID and IP combination Hi,I'm very new to Splunk, and struggling to find a way to filter a specific log which is consuming a large proporti... by timoggy Loves-to-Learn Lots in Getting Data In 11-13-2020 0 2	0	2
	Getting A Specific Field From a Log Hello Splunkers. I have a stream of logs going to Splunk that reports daily errors. The logs is as follows: Exceptio... by luteixeira Explorer in Getting Data In 11-12-2020 0 2	0	2
	XML metadata field extraction Hi Splunkers, I am working on field extraction for XML events. I have added regex in transforms.conf for extraction.... by jsanjeb Explorer in Getting Data In 11-12-2020 0 1	0	1
	Splunk timestamp offset GMT Good evening. I have a ASCII event message that looks like the following: The timestamp is in GMT time. When Splunk ... by SFOTC New Member in Getting Data In 11-12-2020 0 6	0	6
	Events filter on heavy forwarder doesn't work Hi all,we are monitoring some log files in a Windows directory; we'd like to keep only events containing the word FAI... by nicofantinato Path Finder in Getting Data In 11-12-2020 0 0	0	0
	wrong year in _time Hi,I have several data sources that have each their own timestamp(different times, one format) due to Geo differences... by boromir Path Finder in Getting Data In 11-12-2020 0 3	0	3
	Splunk migration Hi We are working on migration to different environments and we are looking to forward same data to different indexer... by kowsikreddy Loves-to-Learn in Getting Data In 11-11-2020 0 2	0	2
	Null Filtering Not Working Greetings all. I am having some trouble getting syslog data to filter with regards to nullQueue. Below are what my co... by iamDT03 Engager in Getting Data In 11-11-2020 0 1	0	1
	Conditional Input.conf setting? All, I have about 200 machines with UF installed. I want to monitor bash_history and a few other Linux /home items. T... by daniel333 Builder in Getting Data In 11-11-2020 0 1	0	1
	Make Splunk Look For Logs Inside Folders Hello all!  I'm currently implementing Splunk inside one of our company systems. It happens so that the logging stru... by luteixeira Explorer in Getting Data In 11-11-2020 0 2	0	2
	Improve Batch stanza Ingestion for large files We have a script which is downloading file from the location every 5 min and we are monitoring using batch stanza. E... by nisu Explorer in Getting Data In 11-11-2020 0 1	0	1
	splunk index HiWe are on migration on 2 different environments for windows OS.Can we get details, where we have define new indexes... by kowsikreddy Loves-to-Learn in Getting Data In 11-11-2020 0 2	0	2