Getting Data In

Thread Info

Syslog and Splunk?

Hello Everyone, We are sending VPN data via syslog over UDP to our splunk server. The reason we are using syslog a...

by Communicator in

How to forward entire .txt file in splunk from batch file

I have a batch file that runs this: break > D:\....\test.txt break > D:\....\test2.txt process1 >> D:\....\...

by Path Finder in

collectd reports "write_http plugin: curl_easy_perform failed with status 56: Recv failure: Connection reset by peer

I realize this may be more of a Linux problem than a Splunk problem, but I'm using code specifically for Splunk so pe...

by SplunkTrust in

Deleting an add-on created by Add-on builder: have you seen the following error?

Hi, I removed an add-on manually by deleting the folder $SPLUNK_HOME/etc/apps/TA-myProject. But now, i'm having an...

by New Member in

How to convert date and time in UTC to EST?

How to convert the DateTime in UTC to EST? I have the time value as 20161221211100. Thank you in advance.

by Communicator in

overwrite index on heavy forwarder based on port

Hi. We are about to ingest logs from multiple suppliers, where the individual supplier has full control over their...

by Contributor in

Can I use a _meta variable from inputs in a transforms on the same heavy forwarder?

Hi. I have a business requirement where I need to index data from multiple of our vendors that also use Splunk. T...

by Contributor in

DBConnect 3.2.0 integration with MongoDB

Hi all, I have problem getting Splunk to connect to MongoDB. Below are what i have done so far: 1. Download the d...

by Path Finder in

How to make Splunk ignore logs older than specific days

Dear Team, I had an issue with splunk and had to follow this post: https://community.splunk.com/t5/All-Apps-a...

by Explorer in

Why am I seeing so many corrupt buckets?

While searching for the reason why our indexers are creating so many hot buckets, I executed: | dbinspect index=* cor...

by Path Finder in

Exchange log fowarding.

Hi all, After setting up the universal forwarder on a Exchange server. Which configuration should be done in the GUI ...

by New Member in

Getting data into Splunk ES

I already have a Splunk Indexer, and the data is being sent there. I have a separate ES server. How do I view my da...

by Engager in

Strip leading junk to index json

I have some json coming in from syslog and there's a bunch of added junk that's inhibiting the field extraction. I ...

by Explorer in

Help with building REST API input in Splunk addon builder for Oracle Cloud integration

I am building a REST API input using add-on builder for ingesting logs from Oracle Identity Cloud Service following i...

by Motivator in

Routing events to a specific index based on a field value via transforms and props not working as expected

I am trying to route certain events to a specific index based on a field value. All events are sent to a heavy forwar...

by Communicator in

Not able to authenticate Splunk REST API with Postman

I'm able to confirm this works for me curl command is working for me. It returns a session ID. curl -k https://splun...

by Contributor in

Key Extract from data

I have following logs 2020-06-30 17:58:28,307; thread=[workflow-503]; LogLevel=INFO; class=a.b.c.getData; miles...

by Loves-to-Learn in

Microsoft IIS - Remove 0#.w| with transforms.conf and props.conf

Hello everyone, I am trying to remove this string "0#.w|" with a transforms.conf file. To be sure that my regex is ...

by Explorer in

Create Saved Search with Rest API ->need working example

Hi, Does somebody have a working example of how to create a Saved Search using the Rest API with XML? Thanks Ma...

by New Member in

transforms.conf set hostname to current host

Hi, Is there a way to use environment variables within transforms.conf. I am trying to override the hostname to the...

by Motivator in

Integrating Splunk with SpringBoot application

I need to integrate Splunk with a springboot application. The idea is having a form allowing user to enter keywords, ...

by Contributor in

TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied

The TA-nmon is not sending data to 'nmon' index on my splunk instance. I was looking through the troubleshoot guide f...

by Path Finder in

Splunk field transformations page UI

Hi , I have installed Splunk version 7.2.6 in some of the servers and I don't see the type dropdown in one of ...

by Builder in

how to input encrypted files like PGP encrypted files

Hello Everyone, Does anyone know if there is any method in Splunk to index encrypted input files like PGP encrypted...

by Path Finder in

Ingest Esxi logs through vrealize into Splunk via syslog

Hi All, I want to ingest ESXi logs through vrealize in Splunk via syslog. Is there any app to get these logs parse ...

by Loves-to-Learn in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Syslog and Splunk?

How to forward entire .txt file in splunk from batch file

collectd reports "write_http plugin: curl_easy_perform failed with status 56: Recv failure: Connection reset by peer

Deleting an add-on created by Add-on builder: have you seen the following error?

How to convert date and time in UTC to EST?

overwrite index on heavy forwarder based on port

Can I use a _meta variable from inputs in a transforms on the same heavy forwarder?

DBConnect 3.2.0 integration with MongoDB

How to make Splunk ignore logs older than specific days

Why am I seeing so many corrupt buckets?

Exchange log fowarding.

Getting data into Splunk ES

Strip leading junk to index json

Help with building REST API input in Splunk addon builder for Oracle Cloud integration

Routing events to a specific index based on a field value via transforms and props not working as expected

Not able to authenticate Splunk REST API with Postman

Key Extract from data

Microsoft IIS - Remove 0#.w| with transforms.conf and props.conf

Create Saved Search with Rest API ->need working example

transforms.conf set hostname to current host

Integrating Splunk with SpringBoot application

TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied

Splunk field transformations page UI

how to input encrypted files like PGP encrypted files

Ingest Esxi logs through vrealize into Splunk via syslog

Enhance Your Splunk App Development: New Tools & Support

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions