Getting Data In

Thread Info

Text logs not forwarded or indexed

Hi, I have an issue in forwarding application logs (text files) to splunk.Windows Event Logs are forwarded and inde...

by Explorer in

Getting duplicate events in splunk-ITSI indexes.

I have a clustered enviroment. But still getting duplicate events in splunk -ITSI indexes. Please give some recommend...

by Explorer in

Certificate

When i try to access server through 8089 where Forwarder is installed, i am seeing Invalid certificate. "This CA Ro...

by Path Finder in

Can you define a line break when you find a certain character?

Hi, I am trying to index data from a local directory, but the line break is not executing correctly. The expressio...

by New Member in

Stream not logging as separate events

Trying to send data to Splunk using 'services/receivers/stream', but data is not logged as separated event; instead i...

by Observer in

Forwarder- seekptr checksum error and logs not being sent

While debugging an issue where a forwarder would not send a specific log to our main splunk instance, i found this g...

by Path Finder in

JSON payloads not getting indexed into Splunk

Hi, Below is my props.conf on my Heavy Forwarder. I have recently found that there are few JSON messages completely...

by Builder in

Can someone help me with the approach for monitoring the UPS batteries(Modbus)?

Looking for the approach for monitoring these devices where this UPS devices are running on Modbus. Source is UPS pow...

by Motivator in

Index based on Raw Data?

I run a python script to get data into an indexer from mdb files, this basically creates events with source, host, so...

by Builder in

Splunk Add-on for Microsoft Office 365-data - data validation

hiwe have Splunk Add-on for Microsoft Office 365 running on heavy forwarderwhat is the best way to do data validation...

by Contributor in

How to split multiple data of same column into different columns

I have one column with data entries like below -column_1 a=123, b= 888, c=645,d=6328 a=6734, f=876, h=6666 ...

by Observer in

How to extract all log events excluding JSON messages?

Hi, I want to extract all the log events (normal lines) except JSON messages. There should be an easy way for this...

by Builder in

Splunk versions with updated datetime.xml

I will be installing version 7.3.4 in a testing environment and I am wondering if this version already has the patche...

by Communicator in

Indexer vs universal forwarder

Hi, I have a remote file (on server 2) which can be accessed directly from my Indexer (on server 1). What is the ...

by Builder in

Syslog forwarding to 3rd party: Why are events truncated at 1024 bytes?

Hi at all, I have very long events (more than 10,000 chars) that I have to send via syslog (udp) to a third party ...

by SplunkTrust in

Splunk: Python script to extract json data from API through OAUTH2 authentication

Hi All, I am new to python script. I have a requirement to extract json data in API through OAUTH2 authenticati...

by Explorer in

Find latest date for a record

Tried a couple of functions ... nothing easy... Example (index=XXX) AND event="XXXXXX" | eval tim =strftime(_time,...

by Explorer in

How do I route data to the null queue or another index in Splunk Cloud?

I am very aware of the configurations needed to route data certain indexes/null queue based on their content, however...

by Contributor in

Anyway I can get the result data through API?

It's cool for using splunk cloud UI to monitor the data. But If I just want to monitor the data in my own site. (I ...

by Engager in

Splunk Perfmon process not running

Hi, I have existing monitoring on my Windows servers. I wasn't the one who implemented it but I would like to add w...

by New Member in

Perfmon counter "HTTP Service Request Queues" is not forwarded to splunk

Hi, I've configured inputs.conf like below, but I can't see any data. (Other stanzas for [perfmon:// are all worki...

by Path Finder in

Problem as per screen shot - 500MB min disk space reached

Hi Guys I have Splunk enterprise installed. I have pulled across some directory's with files inside ( from Kali ). ...

by Explorer in

How to configure universal forwarder on same sys as Splunk Enterprise?

How, and what files specifically, do I configure to get data into Splunk enterprise from the localhost? I thought it ...

by Engager in

Finding errors affecting conversion in site funnel

We took ownership of a website that's full of errors. However, not all errors logged are fatal (e.g. breaks user fro...

by Explorer in

HTTP GET from Website

I have a IoT Device That has an Webserver Running. then I open the webpage http://iot-device.local/data I get an...

by New Member in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Text logs not forwarded or indexed

Getting duplicate events in splunk-ITSI indexes.

Certificate

Can you define a line break when you find a certain character?

Stream not logging as separate events

Forwarder- seekptr checksum error and logs not being sent

JSON payloads not getting indexed into Splunk

Can someone help me with the approach for monitoring the UPS batteries(Modbus)?

Index based on Raw Data?

Splunk Add-on for Microsoft Office 365-data - data validation

How to split multiple data of same column into different columns

How to extract all log events excluding JSON messages?

Splunk versions with updated datetime.xml

Indexer vs universal forwarder

Syslog forwarding to 3rd party: Why are events truncated at 1024 bytes?

Splunk: Python script to extract json data from API through OAUTH2 authentication

Find latest date for a record

How do I route data to the null queue or another index in Splunk Cloud?

Anyway I can get the result data through API?

Splunk Perfmon process not running

Perfmon counter "HTTP Service Request Queues" is not forwarded to splunk

Problem as per screen shot - 500MB min disk space reached

How to configure universal forwarder on same sys as Splunk Enterprise?

Finding errors affecting conversion in site funnel

HTTP GET from Website

Pro Tips for First-Time .conf Attendees: Advice from SplunkTrust

Raise Your Skills at the .conf25 Builder Bar: Your Splunk Developer Destination

Hunt Smarter, Not Harder: Discover New SPL “Recipes” in Our Threat Hunting Webinar

Power Platform audit logs

Regex works but transforms.conf extracts only part...

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

Getting Data In

Are you a member of the Splunk Community?

Discussions