Getting Data In

Community Activity

ingest csv files containing multi line fields Hi at all,I have to ingest a csv file where some fields are multivalue and multiline, something like this: FIELD1;F... by gcusello SplunkTrust in Getting Data In 07-10-2020 0 5	0	5
How to format raw events into splunk table when the events are already in tabular format Hi ,I have following data coming into splunk in one event and i want these event to be formatted in proper splunk tab... by ak9092 Path Finder in Getting Data In 07-10-2020 0 4	0	4
Why is the null value in a JSON event not being parsed properly as NULL? I have the following data coming into Splunk in JSON format and extracted at index-time: { administrativeState:... by anthonysomerset Path Finder in Getting Data In 07-10-2020 2 6	2	6
Cisco ESA add-on (email security) extracting logs from a common syslog file I'm using the Cisco ESA add-on (https://splunkbase.splunk.com/app/1761/) The documentation references files which ne... by fahmed11 Explorer in Getting Data In 07-09-2020 0 2	0	2
splunk-perfmon.exe not run I have a Splunk Deployment Server that pull the apps to UF. I have create an app WinPerfmon and inside of inputs.conf... by Mai_splunk Explorer in Getting Data In 07-09-2020 0 6	0	6
Splunk Forwarder - OpenSSL version Hi,I've deployed Splunk Forwarder on my machine and noticed it is installing an older version of OpenSSL (1.0.2t).Is ... by cb1 New Member in Getting Data In 07-09-2020 0 2	0	2
High memory usage by Forwarders due to Indexer unavailability Hello,We had a power outage after which our main Splunk instance (which serves as a Search Head and an Indexer) went ... by yZinou Engager in Getting Data In 07-09-2020 0 0	0	0
How to configure batch file in inputs.conf of the TA-app to run every X seconds? I have a batch file in the jar directory of a TA-app on all my forwarders. The batch file has the following structur... by tbrown Path Finder in Getting Data In 07-09-2020 0 1	0	1
Prevent events from ingesting Hello,after connecting AWS add-on and configuration, I have this query which is filling my index with much unwanted e... by ranmys Loves-to-Learn in Getting Data In 07-09-2020 0 2	0	2
Getting error when using 'DATETIME_CONFIG = CURRENT' for a batch input. Hi, I am using a batch input to ingest some huge files with a single line events that do not have a timestamp. I have... by nawazns5038 Builder in Getting Data In 07-08-2020 0 0	0	0
Universal forwarder upgrade hi all,I need to upgrade the universal forwarder on a windows server. 1. Can I just download the latest version of th... by verifi81 Path Finder in Getting Data In 07-08-2020 0 1	0	1
How to change props.conf based on input/sourcetype I have a couple .txt files that I want to parse differently than the rest of my data coming in from my forwarders.How... by tbrown Path Finder in Getting Data In 07-08-2020 0 3	0	3
Universal Forwarder doesn't forward specific log Hello!It's my first time writing here so forgive me if my question may lack information.What I want to do: I want to ... by misterduke Explorer in Getting Data In 07-08-2020 0 4	0	4
Sending MacOS logs to Splunk without involving another tool or agent Trying to figure out a successful method for sending MacOS logs to Splunk without involving another tool or agent. We... by brattyah Splunk Employee in Getting Data In 07-08-2020 0 2	0	2
Splunk query output formating to Jason format I have ingested some logs to Splunk which now looks like below when searching from search header. {\"EventID\":563662... by krisrmal Engager in Getting Data In 07-08-2020 0 0	0	0
Restart a UF via CLI / other remote means Hi Is there a way to remotely restart a UF forwarder in splunk directly from within splunk e.g. using splunk cli or... by flo_cognosec Communicator in Getting Data In 07-08-2020 0 9	0	9
Deployment of Universal Forwarder to Apple Mac fleet Our company operates a fleet of Apple Macs. We would like to automate the deployment and configuration of the Unive... by wdeguara Explorer in Getting Data In 07-08-2020 0 4	0	4
Indexer - Indexes not retaining logs for as long as they should Hello,I have an issue with the Indexer not retaining logs for the expected period, and I'm really scratching my head.... by dylanmnf Engager in Getting Data In 07-08-2020 0 1	0	1
Is there a way to migrate indexed data from a legacy standalone indexer to a new indexer cluster? I've read through quite a few pages and there are mixed partial solutions. Is there a way to migrate indexed data f... by rewritex Contributor in Getting Data In 07-08-2020 1 7	1	7
AWS Add on AWS-- Issue with SQS-Based S3 and cloudwatch -Errors HiCan anyone help me in understanding the errors im getting in the application aws addon, i have configured the input... by sarithapguptha Engager in Getting Data In 07-08-2020 0 1	0	1
Splunk DB Connect - data formating Hey everyone!Lately we had an unfortunate incident were most of our logs were deleted from splunk. Luckily we saved t... by Acxon1 Observer in Getting Data In 07-07-2020 0 0	0	0
How to resolve latency between event time and index time? My index time is 7/6/20 3:37:42.210 PM My event time is 07/06/20 10:37:42.210 CDT My TIME_FORMAT=%x %H:%M:%S.%3N%Z B... by uagraw01 Motivator in Getting Data In 07-07-2020 0 7	0	7
Error while setting up connection using MongoDB Driver Hi,I have installed MongoDB drive from unityjdbc http://unityjdbc.com/mongojdbc/setup/mongodb_jdbc_splunk_dbconnect_... by SowCent123 Observer in Getting Data In 07-07-2020 0 0	0	0
How to change saved search permissions via python SDK? Hey, I am looking for a way to change permissions to a saved search via splunk python SDK. I tried using the splun... by dorilevy Path Finder in Getting Data In 07-07-2020 0 4	0	4
Dashboard: Include $job.message$ information Hello,I have a dashboard which populates the results of a query in a table form.The results of this table is sometime... by jaimelopez Explorer in Getting Data In 07-07-2020 0 0	0	0