Getting Data In

Community Activity

How to make Splunk ignore logs older than specific days Dear Team, I had an issue with splunk and had to follow this post:https://community.splunk.com/t5/All-Apps-and-Add-on... by phudinhha Explorer in Getting Data In 07-02-2020 0 8	0	8
Why am I seeing so many corrupt buckets? While searching for the reason why our indexers are creating so many hot buckets, I executed: \| dbinspect index=* cor... by kutzi Path Finder in Getting Data In 07-01-2020 0 2	0	2
Exchange log fowarding. Hi all, After setting up the universal forwarder on a Exchange server. Which configuration should be done in the GUI ... by yalonso7 New Member in Getting Data In 07-01-2020 0 0	0	0
Getting data into Splunk ES I already have a Splunk Indexer, and the data is being sent there. I have a separate ES server. How do I view my da... by splunkuser783 Engager in Getting Data In 07-01-2020 0 3	0	3
Strip leading junk to index json I have some json coming in from syslog and there's a bunch of added junk that's inhibiting the field extraction.I tri... by ntripp_element Explorer in Getting Data In 07-01-2020 0 1	0	1
Help with building REST API input in Splunk addon builder for Oracle Cloud integration I am building a REST API input using add-on builder for ingesting logs from Oracle Identity Cloud Service following i... by damode Motivator in Getting Data In 07-01-2020 0 0	0	0
Routing events to a specific index based on a field value via transforms and props not working as expected I am trying to route certain events to a specific index based on a field value. All events are sent to a heavy forwa... by IngloriousSplun Communicator in Getting Data In 06-30-2020 2 12	2	12
Not able to authenticate Splunk REST API with Postman I'm able to confirm this works for me curl command is working for me. It returns a session ID. curl -k https://splun... by spammenot66 Contributor in Getting Data In 06-30-2020 2 3	2	3
Key Extract from data I have following logs2020-06-30 17:58:28,307; thread=[workflow-503]; LogLevel=INFO; class=a.b.c.getData; milestone_en... by deepak1037 Loves-to-Learn in Getting Data In 06-30-2020 0 2	0	2
Microsoft IIS - Remove 0#.w\| with transforms.conf and props.conf Hello everyone,I am trying to remove this string "0#.w\|" with a transforms.conf file. To be sure that my regex is wor... by Silek Explorer in Getting Data In 06-30-2020 0 1	0	1
Create Saved Search with Rest API ->need working example Hi,Does somebody have a working example of how to create a Saved Search using the Rest API with XML?ThanksMax by Max_99 New Member in Getting Data In 06-30-2020 0 2	0	2
transforms.conf set hostname to current host Hi,Is there a way to use environment variables within transforms.conf. I am trying to override the hostname to the ho... by arjunpkishore5 Motivator in Getting Data In 06-29-2020 0 4	0	4
Integrating Splunk with SpringBoot application I need to integrate Splunk with a springboot application. The idea is having a form allowing user to enter keywords, ... by Taruchit Contributor in Getting Data In 06-29-2020 0 0	0	0
TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied The TA-nmon is not sending data to 'nmon' index on my splunk instance. I was looking through the troubleshoot guide f... by tbrown Path Finder in Getting Data In 06-29-2020 0 1	0	1
Splunk field transformations page UI Hi , I have installed Splunk version 7.2.6 in some of the servers and I don't see the type dropdown in one of the se... by nawazns5038 Builder in Getting Data In 06-29-2020 0 0	0	0
how to input encrypted files like PGP encrypted files Hello Everyone,Does anyone know if there is any method in Splunk to index encrypted input files like PGP encrypted fi... by VSIRIS Path Finder in Getting Data In 06-29-2020 2 1	2	1
Ingest Esxi logs through vrealize into Splunk via syslog Hi All,I want to ingest ESXi logs through vrealize in Splunk via syslog. Is there any app to get these logs parse cor... by NS2017 Loves-to-Learn in Getting Data In 06-29-2020 0 1	0	1
Get Teamcity database in Splunk Hi,I want to integrate Teamcity with splunk so that I can fetch teamcity database in to splunk. What is the best poss... by ips_mandar Builder in Getting Data In 06-29-2020 0 1	0	1
Splunk_TA_nix local inputs.conf not allowing multiple indexes I created a Splunk_TA_nix/local/inputs.conf.I created 2 different indexes in indexes.conf. And then I created an inp... by diptij Path Finder in Getting Data In 06-29-2020 0 3	0	3
ESET endpoint logs Hi , i am currently integrating logs from ESET endpoint security server , we have configured ESET to send logs in JS... by abdallah_hegazy Explorer in Getting Data In 06-29-2020 0 3	0	3
Monitoring FIles from Diretories Why my files that read from directories not showing the event? by mathiasy123 Path Finder in Getting Data In 06-29-2020 0 1	0	1
Oracle Cloud (OCI) WAF Logs Ingestion Hi,Does anyone know how to ingest the WAF logs generated by the Oracle Cloud Web Application Firewall service? The lo... by adnankhan5133 Communicator in Getting Data In 06-29-2020 0 1	0	1
Is it possible to Mask or perform linebreaking on older data on Search Head?? Hi,We have a dataset that has improper line breaking on few of the events in it. We have added configuration to inges... by Arpit_12 Engager in Getting Data In 06-28-2020 0 2	0	2
Props.confで、タイムスタンプに時間修正を加えて_timeに格納できない複数の時間が入っているログから、特定のフィールドのタイムスタンプを一つを選択し、時間を変更した上で、タイムスタンプ（_time）に格納したいのですが、うまくできません。例えばログは以下の様なものです。580 <158>1 2020-0... by splunklover Observer in Getting Data In 06-27-2020 0 1	0	1
Sysmon App and Add-on installation failure I wanted to install Sysmon App for Splunk (App) and Microsoft Sysmon Add-on (Add-on) on my development server (Splunk... by state_larson_ti Path Finder in Getting Data In 06-26-2020 0 0	0	0