Getting Data In

Community Activity

How to disable perfmon index in one of the cluster? In my enviroment there are 2 indexer cluster .i.e. cluster 1 and cluster 2. I need to disable perfmon index in cluste... by sag5757 Explorer in Getting Data In 08-06-2020 0 3	0	3
Is there a way to change the token prefix from splunk to bearer? Hi All,We are trying to push data from Grafana to Splunk using HEC based integration. When we did the testing we foun... by nareshkumarg Path Finder in Getting Data In 08-06-2020 0 2	0	2
How to use ip address instead fqdn in splunk mail server configuration? My host is not capable of resolving the ip address so can any one help to configure my ip address as mail relay. by btshivanand Path Finder in Getting Data In 08-06-2020 0 1	0	1
how to extract json fields in a mixed type log outside SPL (spath) in props.conf/transform.conf I have a logfile with "\|" (pipe) seperated field. So i use transform.conf to seperate those fields.two of the fields ... by RetailOperation Explorer in Getting Data In 08-06-2020 0 0	0	0
new index not accepting data Hello,I am not able to get my data into the newly created "varlog" index. The index is an event index and active in t... by damucka Builder in Getting Data In 08-06-2020 0 5	0	5
Restarting Splunk UF due to TcpOutputProc issues Hi - having issues with a Windows UF we are having to restart circa weekly to clear the issue below which happens at ... by nickhaj New Member in Getting Data In 08-06-2020 0 3	0	3
splunkd.log errors attempting to send PCF data via TCP Hello,We are trying to send log data from PCF applications over to our Splunk indexers via TCP. This was configured a... by SPlunkQR Explorer in Getting Data In 08-05-2020 0 1	0	1
What configuration changes can we make to limit the ability of a user search to consume all the available memory on an indexer? All of the indexers in our index cluster are becoming unstable due to a user search. Would like a resource to review ... by sat94541 Communicator in Getting Data In 08-05-2020 0 3	0	3
Use a server list for monitor stanza We have about 100 servers that we want to monitor 1 file. I'd like to be able to have 1 monitor stanza, that can loop... by khickey New Member in Getting Data In 08-05-2020 0 1	0	1
Onboard Windows events: DNS application logs Hi, I am trying to on-board the DNS application logs from windows servers 2012 event logs -> "Application and Service... by Mayanakhan Explorer in Getting Data In 08-04-2020 0 2	0	2
Cisco ESA Add-On Not Parsing A log subscription is set on the Cisco ESA appliance (IronPort Text Mail Logs) which is set to forward to a syslog-ng... by b3aggressive New Member in Getting Data In 08-04-2020 0 1	0	1
Cisco CNAE problems with script data input I am trying to get the addon for CNAE to work I have configured according to guideline, but I don’t get any data into... by Ida_2017 Explorer in Getting Data In 08-04-2020 0 0	0	0
IndexScopedSearch and default ingest timestamp Splunk Enterprise. Version: 7.2.3. Build: 06d57c595b80. New dataset of a 70 MB log file. The timestamp of the log fi... by ellothere Explorer in Getting Data In 08-04-2020 0 1	0	1
How to retain UF based data when link between on-prem heavy forwarder to Splunk Cloud goes down ? Whats the alternative when link between on-prem HF to Splunk cloud goes down? how we can we prevent loss of data duri... by damode Motivator in Getting Data In 08-03-2020 0 2	0	2
Universal Forwarder Stops sending data Hi, We have a Universal Forwarder on our Linux rSyslog server. It was working fine until two weeks ago. The problem... by harrisoncs Explorer in Getting Data In 08-03-2020 1 7	1	7
Extracting Date and Time from Events How do I extract the date and time from my events?Event Data Sample-------------------------Jun 4 01:27:01 rofsso504a... by NealBr New Member in Getting Data In 08-03-2020 0 4	0	4
(Caused by ProxyError('Cannot connect to proxy.', NewConnectionError(' we have heavy forwarder with splunk_ta_o365 installed the integration is working for some time and after some time I ... by rayar Contributor in Getting Data In 08-03-2020 0 0	0	0
Splunk App Packaging: How to package app with multiple add-ons to a single .spl file? I am trying to package the app with splunk package app abc But since there is another add-on which I installed f... by m_zaman Engager in Getting Data In 08-02-2020 0 3	0	3
Getting metrics timestamp in future Hello, I am trying to get metrics from RouterOS using scripting (logs are forwarded using UDP)I end up with all times... by nazar554 Loves-to-Learn in Getting Data In 08-01-2020 0 0	0	0
Receiving error message while starting Splunk on AIX7.2 Dear Splunkers, I am trying to install Splunk 7.0.7 version universal forwarder on an AIX7.2 machine. While doing so... by vsidharda Engager in Getting Data In 07-31-2020 0 1	0	1
How to see a list of files that Splunk is currently monitoring? I want to list out the current data inputs, I ran the following command: C:\Program Files\SplunkUniversalForwarder\... by s1j1yem1x Path Finder in Getting Data In 07-31-2020 0 9	0	9
Fixup Tasks - Pending - Streaming Failure Have Indexer Cluster. Have settings set to Search Factor 2, Replication Factor 3. I have 5 Indexer Peers at the momen... by dtrust New Member in Getting Data In 07-31-2020 0 0	0	0
Can Palo Alto logs be sent directly to Splunk, or do they initially need to be sent first to a syslog server ? I'm wondering if it's possible to configure the Palo Alto log forwarding profile so that the PA logs are directly sen... by adnankhan5133 Communicator in Getting Data In 07-31-2020 0 1	0	1
How to add _meta to all entries from forwarder? We have couple development environments that have Windows servers with same names (i.e. HOSTNAME1) and would like to ... by mestuleslv Engager in Getting Data In 07-31-2020 1 10	1	10
DB Connect - Query timed out Issue Im setting up a new DB connect. While creating inputs i could execute the SQL query and get results in Batch Mode. Wh... by spl_unker Explorer in Getting Data In 07-30-2020 0 1	0	1