Getting Data In

Community Activity

How to avoid indexing of some fields or parts of events? Hello, we want to filter some fields of receiving events before indexing for the license saving, for example, in a fi... by jg91 Path Finder in Getting Data In 07-19-2020 0 3	0	3
How to forward data when forwarder cannot contact indexer through firewall? Hi all, I have a situation where there are servers from which we wish to get logs into Splunk. However, we cannot use... by joshuapetitt Path Finder in Getting Data In 07-19-2020 0 2	0	2
Splunk Index Best Practices Hi-We are indexing JSON data into Splunk. We push the data once every 24 hours. The Rest API will not give "Delta:", ... by loginsoft Loves-to-Learn Lots in Getting Data In 07-19-2020 0 2	0	2
Splunk is getting duplicate events from Azure billing API, Splunk is getting duplicate events from Azure billing API, We are using inbuild azure connector to onboard the data.... by pavanprem009 New Member in Getting Data In 07-19-2020 0 0	0	0
Timezone My logs are that kind :<July 13, 2020 10:55:02,572 PM CDT>So i used TIME_FORMAT=%b %d, %Y %H:%M:%S, %3N%p%zBut it is ... by uagraw01 Motivator in Getting Data In 07-18-2020 0 16	0	16
How to see all source and sourcetype list Hi, In splunk UI, I am seeing only top 10 source and sourcetype list. But I want to see all of them. Please suggest... by rameshlpatel Communicator in Getting Data In 07-18-2020 6 17	6	17
Line breaking not working for JSON logs (API at heavy forwarder). We are using ingest pattern as API at Heavy forwarder. props.conf:- [kenna:applications] INDEXED_EXTRACTIONS = json T... by asimasplunk Explorer in Getting Data In 07-18-2020 0 6	0	6
Ingest data from mongo db into Splunk Hi Splunk CommunityI was using MySQL databases and DB connect to ingest data into Splunk. Working great!If I use Mong... by sssignals Path Finder in Getting Data In 07-17-2020 0 1	0	1
Need assistance getting large data into Splunk This is a note my client sent:I can’t really use the logs from Splunk, because they are spotty.. Think I figured out ... by nls7010 Path Finder in Getting Data In 07-17-2020 0 0	0	0
Splunk App For Infrastructure VMware vSphere I'm trying to add VMware vSphere data using the Splunk app for infrastructure. When I try to, all I get is an alert "... by chrisratliff95 New Member in Getting Data In 07-17-2020 0 0	0	0
Running multiply Powershell scripts at the same time I have been working the past 2 weeks with getting powershell scripts and cron jobs stable. but find that when i run 6... by Danny_Nilsson Explorer in Getting Data In 07-17-2020 0 2	0	2
Windows Path monitor When installing the "universal forwarder" I put a "path to monitor".But I would like to add another path. How do I ad... by toledotiago Explorer in Getting Data In 07-17-2020 0 4	0	4
Getting syslogs from Avamar Hi at all, I'm trying to get Avamar logs by syslog (UDP). The problem is that every time Avamar sends an event log, I... by gcusello SplunkTrust in Getting Data In 07-16-2020 0 5	0	5
How to add custom tags to event data via universal forwarder? I am using universal forwarder. I wish to tag my logs with the application and some custom information like groupA o... by dandekarabhay New Member in Getting Data In 07-16-2020 0 8	0	8
field extractions transforms Hi, I am unable to figure out a regex that matches the key value pairs of my data , I think the transforms.conf regex... by nawazns5038 Builder in Getting Data In 07-16-2020 0 1	0	1
How to get data into splunk? Hi, After setted a source by inputs.conf where inside is specified a sourcetype="something" and index="something". So... by dani9 Explorer in Getting Data In 07-16-2020 0 2	0	2
Splunk 8.0.2 Docker environment variable or defaul.yml setting for python.version = python3 Is there an environment variable or a setting for defaul.yml I can set for python.version = python3 so that it is add... by wfskmoney Path Finder in Getting Data In 07-16-2020 1 1	1	1
Can I manually rename an index homePath with existing data? Hi all,I'm dealing with a legacy Splunk installation where I'd like to clean up an index for consistency.Lets say I h... by joshuapetitt Path Finder in Getting Data In 07-16-2020 0 1	0	1
Why am I unable to monitor $SPLUNK_HOME/var/log/splunk/audit.log on my Linux Universal Forwarders? I created an app named a_uf_inputs_conf. The app simply contains inputs.conf that has the monitor stanza's below. Thi... by matthewroberson Path Finder in Getting Data In 07-16-2020 0 13	0	13
Splunk Universal Forwarders audit logs merged - audit.conf configuration Hi All,As indicated here (https://community.splunk.com/t5/Getting-Data-In/Why-am-I-unable-to-monitor-SPLUNK-HOME-var-... by edoardo_vicendo Builder in Getting Data In 07-16-2020 0 1	0	1
How to set up a Universal Forwarder to allow it to receive logs via the REST API? We have a Universal Forwarder (UF) installation on premises that collects logs from various UF Agents and sends them ... by sujitdmello New Member in Getting Data In 07-16-2020 0 6	0	6
Unable to pull backlog data through TA-ms-loganalytics. I have setup the TA-ms-loganalytics on my Splunk enterprise instance, and configured the inputs, i have given the sta... by jaihingorani Path Finder in Getting Data In 07-16-2020 0 26	0	26
Blacklist windows event log by Host Application field Hello all,I would like to exclude the following windows event log on the universal forwarder. 07/15/2020 08:38:55 A... by thund_ssi Explorer in Getting Data In 07-14-2020 0 3	0	3
Display JSON as list, not table Hi,I'm trying to create some test data which contains some JSON embedded in it. I'm then trying to extract the JSON a... by DavidB New Member in Getting Data In 07-14-2020 0 3	0	3
I want to monitor my email directory We see lots of email alerts, and they come from a wide variety of places. I want to understand them better. So...I ... by chris94089 Path Finder in Getting Data In 07-14-2020 0 1	0	1