Getting Data In

Community Activity

If I have multiple Cisco devices sending syslog directly to Splunk with the same source and sourcetype, how do I view them separately? Although we have multiple threads related to this topic, none are useful and confusing for newbies like me. I have m... by mi5cyberninja New Member in Getting Data In 09-28-2020 0 5	0	5
Splunk DB connect - Cannot get schemas Hello splunk community,There might be some configuration issues in our environment, but I could not find anything sta... by xlin Engager in Getting Data In 09-28-2020 0 1	0	1
How to create a script for DBConnect that adds an action to an existing alert? We use DBConnect to retrieve SQL data. We have a critical feed that is fairly stable. I added a retrieval for just th... by dorgra Path Finder in Getting Data In 09-28-2020 0 0	0	0
Splunk Monitoring Hi Team i'm new in splunk, I need to Monitor programs that executing on task manager whether is successfully or Not.... by mlindokuhle Loves-to-Learn Lots in Getting Data In 09-28-2020 0 3	0	3
Will Splunk index old data present in a folder after integration date? I have a Prod Linux server where I have deployed Universal forwarder and monitoring few directories. Say like below. ... by santhoshi Explorer in Getting Data In 09-28-2020 1 3	1	3
Archsight to Splunk via UF /Syslog We are planning to migrate archsight to Splunk via Collection of UF , syslog to HF.How many UF we need to install , ... by sahiltcs Path Finder in Getting Data In 09-27-2020 0 4	0	4
Why did our Windows Universal Forwarder stop forwarding? I have the universal forwarder installed on one of our Windows servers and it has been forwarding logs with no issue ... by kpers Path Finder in Getting Data In 09-27-2020 0 8	0	8
Can I get the iframe embed URL for a report via the REST API? I'm hoping to build a product that allows users to easily select a report from their Splunk instance and embed it in ... by sjodle Path Finder in Getting Data In 09-27-2020 0 2	0	2
Unable to authenticate to search heads: "Global key files are invalid. This server cannot distribute searches..." After a long-overdue upgrade from 6.x to 7.1.3 -- this release it the latest one supported by my vendor, who interope... by myudkowsky Communicator in Getting Data In 09-27-2020 0 10	0	10
UFs new pointer after restart If I gracefully shutdown the UF, it will send all logs from output queue and from internal parsing queue.Suppose I re... by hectorvp Communicator in Getting Data In 09-26-2020 1 3	1	3
Send a hostname tag via universalforwarder using Docker-Compose Hi.I'm configuring a docker-compose responsible to start a cluster of an application and then Splunk and the univers... by juliofalbo Engager in Getting Data In 09-26-2020 1 2	1	2
Logs sending being cutoff Hello,I have had an issue where specifically the firewall logs were cutoff for about 5 hours and then reconnected and... by STU3 Engager in Getting Data In 09-26-2020 0 1	0	1
How do I schedule a CSV Report? Hello!I have a scheduled report that I have running monthly that exports my results into a PDF format that is emailed... by ctaylor3819 Engager in Getting Data In 09-25-2020 0 1	0	1
mv extraction in props.conf I need to extract (at search time) a multivalue field in some JSON data in a manner that will allow me to perform add... by Dworsnop Path Finder in Getting Data In 09-25-2020 0 6	0	6
Failed to reap viewstate I find these in splunkd.log and the inputs.conf doesn't seem to be working INFO ViewstateReaper - Failed to reap view... by vigneshnarendra Explorer in Getting Data In 09-25-2020 0 0	0	0
ServiceNow Add-on 'sys_updated_on' field error Hi,Splunk server: 7.3.5snow_ta version: 6.0.0I'm trying to collect data from the snow cmdb input with the ta, but the... by oangarita Explorer in Getting Data In 09-24-2020 0 2	0	2
How to send a data source to specific indexers? Hi I am looking for an example to follow, where I can specify which data source goes to which indexers.I am trying to... by Glasses Builder in Getting Data In 09-24-2020 1 6	1	6
Removing newline and carriage return Hi, I am new to splunk. I am trying to make my logging message format good. I have log message with newline or carria... by avanijjain16 Explorer in Getting Data In 09-24-2020 0 1	0	1
Removing Backslash Good morning.Trying to replace a "\" (backslash) from a string. Below is my example ...# Perform Global Replace for ... by vpsmax Path Finder in Getting Data In 09-24-2020 1 5	1	5
host override not working Hello,We are using the Splunk app for checkpoint to ingest checkpoint logs via a heavy forwarder.The host is always r... by dkloud Explorer in Getting Data In 09-24-2020 2 8	2	8
Log fetching issues - Http event collector Hi ,we created a token and shared with the enduser to configure and send the logs on secure https.if i run the curl c... by krvamsireddy Explorer in Getting Data In 09-24-2020 0 4	0	4
Detect unusual login at work-off time Hi Guys ,I want to check login behavior on a per-app basis. In short to look at when most logins happen, for example... by abhinav_bel Loves-to-Learn Lots in Getting Data In 09-24-2020 0 3	0	3
Universal Forwarder Can we detect following from UFs internal logs:Is TCP connection failed between UF and indexer/HF.If UF dropped some ... by hectorvp Communicator in Getting Data In 09-24-2020 0 1	0	1
crushed logs master Bonjour si le maître écrase une configuration qui n'était pas dans son fichier lors d'un push Par exemple, il écrase ... by dfall Loves-to-Learn in Getting Data In 09-24-2020 0 0	0	0
Events on Heavy Forwarder not available on Search Head - IMAP Mailbox This issue is primarily related to events ingested via the IMAP Mailbox AppWe are running a distributed environment w... by timrich66 Communicator in Getting Data In 09-24-2020 0 3	0	3