Getting Data In

Community Activity

Can I get the iframe embed URL for a report via the REST API? I'm hoping to build a product that allows users to easily select a report from their Splunk instance and embed it in ... by sjodle Path Finder in Getting Data In 09-27-2020 0 2	0	2
Unable to authenticate to search heads: "Global key files are invalid. This server cannot distribute searches..." After a long-overdue upgrade from 6.x to 7.1.3 -- this release it the latest one supported by my vendor, who interope... by myudkowsky Communicator in Getting Data In 09-27-2020 0 10	0	10
UFs new pointer after restart If I gracefully shutdown the UF, it will send all logs from output queue and from internal parsing queue.Suppose I re... by hectorvp Communicator in Getting Data In 09-26-2020 1 3	1	3
Send a hostname tag via universalforwarder using Docker-Compose Hi.I'm configuring a docker-compose responsible to start a cluster of an application and then Splunk and the univers... by juliofalbo Engager in Getting Data In 09-26-2020 1 2	1	2
Logs sending being cutoff Hello,I have had an issue where specifically the firewall logs were cutoff for about 5 hours and then reconnected and... by STU3 Engager in Getting Data In 09-26-2020 0 1	0	1
How do I schedule a CSV Report? Hello!I have a scheduled report that I have running monthly that exports my results into a PDF format that is emailed... by ctaylor3819 Engager in Getting Data In 09-25-2020 0 1	0	1
mv extraction in props.conf I need to extract (at search time) a multivalue field in some JSON data in a manner that will allow me to perform add... by Dworsnop Path Finder in Getting Data In 09-25-2020 0 6	0	6
Failed to reap viewstate I find these in splunkd.log and the inputs.conf doesn't seem to be working INFO ViewstateReaper - Failed to reap view... by vigneshnarendra Explorer in Getting Data In 09-25-2020 0 0	0	0
ServiceNow Add-on 'sys_updated_on' field error Hi,Splunk server: 7.3.5snow_ta version: 6.0.0I'm trying to collect data from the snow cmdb input with the ta, but the... by oangarita Explorer in Getting Data In 09-24-2020 0 2	0	2
How to send a data source to specific indexers? Hi I am looking for an example to follow, where I can specify which data source goes to which indexers.I am trying to... by Glasses Builder in Getting Data In 09-24-2020 1 6	1	6
Removing newline and carriage return Hi, I am new to splunk. I am trying to make my logging message format good. I have log message with newline or carria... by avanijjain16 Explorer in Getting Data In 09-24-2020 0 1	0	1
Removing Backslash Good morning.Trying to replace a "\" (backslash) from a string. Below is my example ...# Perform Global Replace for ... by vpsmax Path Finder in Getting Data In 09-24-2020 1 5	1	5
host override not working Hello,We are using the Splunk app for checkpoint to ingest checkpoint logs via a heavy forwarder.The host is always r... by dkloud Explorer in Getting Data In 09-24-2020 2 8	2	8
Log fetching issues - Http event collector Hi ,we created a token and shared with the enduser to configure and send the logs on secure https.if i run the curl c... by krvamsireddy Explorer in Getting Data In 09-24-2020 0 4	0	4
Detect unusual login at work-off time Hi Guys ,I want to check login behavior on a per-app basis. In short to look at when most logins happen, for example... by abhinav_bel Loves-to-Learn Lots in Getting Data In 09-24-2020 0 3	0	3
Universal Forwarder Can we detect following from UFs internal logs:Is TCP connection failed between UF and indexer/HF.If UF dropped some ... by hectorvp Communicator in Getting Data In 09-24-2020 0 1	0	1
crushed logs master Bonjour si le maître écrase une configuration qui n'était pas dans son fichier lors d'un push Par exemple, il écrase ... by dfall Loves-to-Learn in Getting Data In 09-24-2020 0 0	0	0
Events on Heavy Forwarder not available on Search Head - IMAP Mailbox This issue is primarily related to events ingested via the IMAP Mailbox AppWe are running a distributed environment w... by timrich66 Communicator in Getting Data In 09-24-2020 0 3	0	3
Parsing Forcepoint CASB CEF logs in Splunk I need some help with parsing Forcepoint CASB CEF logs in Splunk. The data does not seem to parse the epoch time stam... by geoffmoraes Path Finder in Getting Data In 09-24-2020 0 5	0	5
How can I filter the contents of an eventID without blacklisting it? I am currently trying to filter EventCode 4703. I wanted to do this via blacklist but not fully block the EventCode b... by splunktrainingu Communicator in Getting Data In 09-23-2020 0 2	0	2
CarbonBlack/Splunk Integration I am having difficulty configuring the Cb Defense Add-On for Splunk on a heavy forwarder, which is forwarding to my S... by fdarrigo Path Finder in Getting Data In 09-23-2020 0 0	0	0
DB Connect App template Hi All, I'm using DB Connect 3.x - I want to create a template for future MS-SQL connections to speed the process up... by putnamblake Path Finder in Getting Data In 09-23-2020 1 1	1	1
TA MS defender not working I have this add-on "TA Microsoft Windows Defender" installed in our UFs using a deployment server, all configuration ... by titoluna07 Explorer in Getting Data In 09-23-2020 1 0	1	0
Monitoring WEC .evtx files on another drive I am after some help to debug why Splunk is not monitoring my external .evtx files.Currently have the following: %Spl... by Blackmagician Engager in Getting Data In 09-23-2020 1 1	1	1
DB query to fetch logs from McAfee ePO 5.10 We upgraded the McAfee ePO from 5.9 to 5.10 after that splunk integration was broken, so i checked some articles and ... by krvamsireddy Explorer in Getting Data In 09-23-2020 0 0	0	0