Getting Data In

Community Activity

How to add _meta to all entries from forwarder? We have couple development environments that have Windows servers with same names (i.e. HOSTNAME1) and would like to ... by mestuleslv Engager in Getting Data In 07-31-2020 1 10	1	10
DB Connect - Query timed out Issue Im setting up a new DB connect. While creating inputs i could execute the SQL query and get results in Batch Mode. Wh... by spl_unker Explorer in Getting Data In 07-30-2020 0 1	0	1
Install Universal forwarder from Splunk Deployment Server? Hi, Want to monitor many devices on my local site and on remote, can I deploy installation of universal forwarder age... by jblibam New Member in Getting Data In 07-30-2020 0 5	0	5
Certain Defender ATP alerts are being onboarded multiple times Hello,I am trying to onboard Defender ATP alerts using Microsoft Defender ATP Add-on for Splunk (https://splunkbase.s... by RevatiLawrence New Member in Getting Data In 07-30-2020 0 0	0	0
How to add timezone recognition on WinPrintMon logs? I've sat up monitoring of WinPrintMon on some Windows servers. The input using the WinPrintMon stanza, as described h... by hettervik Builder in Getting Data In 07-30-2020 0 0	0	0
Splunk DB connect Integration Splunk DB Connect 3.3.1 - New database connection to MS SQL Server failsJRE version - 8JDBC Driver - 7.2.2Task serve... by nbr Explorer in Getting Data In 07-29-2020 0 2	0	2
FluentD to Splunk Hi There,I'm trying to get the logs forwarded from containers in Kubernetes over to Splunk using HEC. Fluentd has bee... by venksel Explorer in Getting Data In 07-29-2020 1 0	1	0
rsyslog no send logs in specific ip range Hi,I have 2 indexerswith the command I confirm that port 9997 is open.In one of the two indexers all the incoming con... by splunkcol Builder in Getting Data In 07-28-2020 0 1	0	1
How to make a POST request to Splunk API in a SimpleXML javascript dashboard? How can I use the splunkjs "Service" class to make POST changes to .conf files via the REST API in a Splunk SimpleXML... by herbatology New Member in Getting Data In 07-28-2020 0 1	0	1
Can I use the Splunk Supporting Add-on for Active Directory (SA-ldapsearch) to enumerate group membership for a specified user? I have seen how the Splunk Supporting Add-on for Active Directory (SA-ldapsearch) can give me a list of all groups, a... by danielansell Path Finder in Getting Data In 07-28-2020 0 1	0	1
Heavy Forwarder can not preview SQL server data Hello Splunk community,We had the splunk heavy forwarder set up on one machine, and SQL server database on the other ... by xlin Engager in Getting Data In 07-28-2020 0 3	0	3
Why is my oneshot command not working I have a oneshot command thats returning strange error message. I have everything in [-paramteter value] format. Here... by tkw03 Communicator in Getting Data In 07-28-2020 0 2	0	2
Duplicated Events: Local Log4net_xml Monitor I've got an issue where a significant portion of my ingested Log4Net_xml sourcetype logs have duplicate events. I'm c... by JacobCarrell Explorer in Getting Data In 07-28-2020 0 0	0	0
IIS logs :Need to mask cs_cookie,cs_Referer and cs_uri_path but headers still showing values after using SEDCMD Need to mask cs_cookie,cs_Referer and cs_uri_path but headers still showing values after using SEDCMD.i need to mask ... by sag5757 Explorer in Getting Data In 07-28-2020 0 3	0	3
Universal Forwarder to Intermediate Forwarding to Splunk Enterprise Instance,Indexer Cluster & Heavy Forwarder I've a scenario where I've got around 250 servers where UF has to be installed. These data would be forwarded to Inde... by hectorvp Communicator in Getting Data In 07-28-2020 0 6	0	6
Extracting JSON object from JSON array, if value matches I've stuck in a scenario, where I want to extract complete JSON object from an JSON array collection on behalf of my ... by rishabh10jain Engager in Getting Data In 07-28-2020 0 5	0	5
TIME_FORMAT in props is not working I have configured the TIME_FORMAT in props.conf as mentioned below. [mySourceType] INDEXED_EXTRACTIONS = csv FIELD_... by ankitarath2011 Path Finder in Getting Data In 07-27-2020 0 9	0	9
Distributed Search Looking for answers on the following (with regards to the distributed search):1.) An explanation on how the distribut... by KayBeesKnees83 Path Finder in Getting Data In 07-27-2020 0 1	0	1
How do we enable a forwarder boot-start? We are running the following - /opt/splunk/splunkforwarder/bin/splunk enable boot-start -user splnkfwd The genera... by ddrillic Ultra Champion in Getting Data In 07-27-2020 0 8	0	8
Splunk - how to filter json search results My splunk search returns one event as below: notice agent data is in a nested json format. agentName and agentSwitch... by evanxu Explorer in Getting Data In 07-27-2020 0 8	0	8
Data filtering \| Blacklisting help needed In order to filter below data logs not to ingest into splunk. %DOMAIN-2-IME:%DOMAIN-2-IME_DETAILS:%DOMAIN-5-TCA:Follo... by SabariRajanT Path Finder in Getting Data In 07-27-2020 0 3	0	3
Indexers showing: WARN AdminHandler:AuthenticationHandler - Denied session token for user: splunk-system-user Hi, We have a v6.1.6 Windows server 2008 distributed Splunk environment. On the Indexers the following event is bein... by Ant1D Motivator in Getting Data In 07-25-2020 0 9	0	9
Splunk logging library Doesn't work I am trying to use Splunk logging library to log events to HTTP Event Collector via java.util.logging.Followed steps... by pmurarka Explorer in Getting Data In 07-24-2020 0 1	0	1
PowerShell sample for HTTP Event Collector I've been studying and creating several pieces of code to take advantage of the wonders of the HTTP Event Collector a... by gmartins_splunk Splunk Employee in Getting Data In 07-24-2020 8 8	8	8
Worker Process CPU and RAM monitoring Hi Team,I want to monitor individual CPU and RAM of the worker processes which I get when I run C:\Windows\System32\i... by developmenttool Loves-to-Learn Lots in Getting Data In 07-24-2020 0 9	0	9