Getting Data In

Community Activity

Receiving error message while starting Splunk on AIX7.2 Dear Splunkers, I am trying to install Splunk 7.0.7 version universal forwarder on an AIX7.2 machine. While doing so... by vsidharda Engager in Getting Data In 07-31-2020 0 1	0	1
How to see a list of files that Splunk is currently monitoring? I want to list out the current data inputs, I ran the following command: C:\Program Files\SplunkUniversalForwarder\... by s1j1yem1x Path Finder in Getting Data In 07-31-2020 0 9	0	9
Fixup Tasks - Pending - Streaming Failure Have Indexer Cluster. Have settings set to Search Factor 2, Replication Factor 3. I have 5 Indexer Peers at the momen... by dtrust New Member in Getting Data In 07-31-2020 0 0	0	0
Can Palo Alto logs be sent directly to Splunk, or do they initially need to be sent first to a syslog server ? I'm wondering if it's possible to configure the Palo Alto log forwarding profile so that the PA logs are directly sen... by adnankhan5133 Communicator in Getting Data In 07-31-2020 0 1	0	1
How to add _meta to all entries from forwarder? We have couple development environments that have Windows servers with same names (i.e. HOSTNAME1) and would like to ... by mestuleslv Engager in Getting Data In 07-31-2020 1 10	1	10
DB Connect - Query timed out Issue Im setting up a new DB connect. While creating inputs i could execute the SQL query and get results in Batch Mode. Wh... by spl_unker Explorer in Getting Data In 07-30-2020 0 1	0	1
Install Universal forwarder from Splunk Deployment Server? Hi, Want to monitor many devices on my local site and on remote, can I deploy installation of universal forwarder age... by jblibam New Member in Getting Data In 07-30-2020 0 5	0	5
Certain Defender ATP alerts are being onboarded multiple times Hello,I am trying to onboard Defender ATP alerts using Microsoft Defender ATP Add-on for Splunk (https://splunkbase.s... by RevatiLawrence New Member in Getting Data In 07-30-2020 0 0	0	0
How to add timezone recognition on WinPrintMon logs? I've sat up monitoring of WinPrintMon on some Windows servers. The input using the WinPrintMon stanza, as described h... by hettervik Builder in Getting Data In 07-30-2020 0 0	0	0
Splunk DB connect Integration Splunk DB Connect 3.3.1 - New database connection to MS SQL Server failsJRE version - 8JDBC Driver - 7.2.2Task serve... by nbr Explorer in Getting Data In 07-29-2020 0 2	0	2
FluentD to Splunk Hi There,I'm trying to get the logs forwarded from containers in Kubernetes over to Splunk using HEC. Fluentd has bee... by venksel Explorer in Getting Data In 07-29-2020 1 0	1	0
rsyslog no send logs in specific ip range Hi,I have 2 indexerswith the command I confirm that port 9997 is open.In one of the two indexers all the incoming con... by splunkcol Builder in Getting Data In 07-28-2020 0 1	0	1
How to make a POST request to Splunk API in a SimpleXML javascript dashboard? How can I use the splunkjs "Service" class to make POST changes to .conf files via the REST API in a Splunk SimpleXML... by herbatology New Member in Getting Data In 07-28-2020 0 1	0	1
Can I use the Splunk Supporting Add-on for Active Directory (SA-ldapsearch) to enumerate group membership for a specified user? I have seen how the Splunk Supporting Add-on for Active Directory (SA-ldapsearch) can give me a list of all groups, a... by danielansell Path Finder in Getting Data In 07-28-2020 0 1	0	1
Heavy Forwarder can not preview SQL server data Hello Splunk community,We had the splunk heavy forwarder set up on one machine, and SQL server database on the other ... by xlin Engager in Getting Data In 07-28-2020 0 3	0	3
Why is my oneshot command not working I have a oneshot command thats returning strange error message. I have everything in [-paramteter value] format. Here... by tkw03 Communicator in Getting Data In 07-28-2020 0 2	0	2
Duplicated Events: Local Log4net_xml Monitor I've got an issue where a significant portion of my ingested Log4Net_xml sourcetype logs have duplicate events. I'm c... by JacobCarrell Explorer in Getting Data In 07-28-2020 0 0	0	0
IIS logs :Need to mask cs_cookie,cs_Referer and cs_uri_path but headers still showing values after using SEDCMD Need to mask cs_cookie,cs_Referer and cs_uri_path but headers still showing values after using SEDCMD.i need to mask ... by sag5757 Explorer in Getting Data In 07-28-2020 0 3	0	3
Universal Forwarder to Intermediate Forwarding to Splunk Enterprise Instance,Indexer Cluster & Heavy Forwarder I've a scenario where I've got around 250 servers where UF has to be installed. These data would be forwarded to Inde... by hectorvp Communicator in Getting Data In 07-28-2020 0 6	0	6
Extracting JSON object from JSON array, if value matches I've stuck in a scenario, where I want to extract complete JSON object from an JSON array collection on behalf of my ... by rishabh10jain Engager in Getting Data In 07-28-2020 0 5	0	5
TIME_FORMAT in props is not working I have configured the TIME_FORMAT in props.conf as mentioned below. [mySourceType] INDEXED_EXTRACTIONS = csv FIELD_... by ankitarath2011 Path Finder in Getting Data In 07-27-2020 0 9	0	9
Distributed Search Looking for answers on the following (with regards to the distributed search):1.) An explanation on how the distribut... by KayBeesKnees83 Path Finder in Getting Data In 07-27-2020 0 1	0	1
How do we enable a forwarder boot-start? We are running the following - /opt/splunk/splunkforwarder/bin/splunk enable boot-start -user splnkfwd The genera... by ddrillic Ultra Champion in Getting Data In 07-27-2020 0 8	0	8
Splunk - how to filter json search results My splunk search returns one event as below: notice agent data is in a nested json format. agentName and agentSwitch... by evanxu Explorer in Getting Data In 07-27-2020 0 8	0	8
Data filtering \| Blacklisting help needed In order to filter below data logs not to ingest into splunk. %DOMAIN-2-IME:%DOMAIN-2-IME_DETAILS:%DOMAIN-5-TCA:Follo... by SabariRajanT Path Finder in Getting Data In 07-27-2020 0 3	0	3