Getting Data In

Community Activity

Routing events to a specific index based on a field value via transforms and props not working as expected I am trying to route certain events to a specific index based on a field value. All events are sent to a heavy forwa... by IngloriousSplun Communicator in Getting Data In 06-30-2020 2 12	2	12
Not able to authenticate Splunk REST API with Postman I'm able to confirm this works for me curl command is working for me. It returns a session ID. curl -k https://splun... by spammenot66 Contributor in Getting Data In 06-30-2020 2 3	2	3
Key Extract from data I have following logs2020-06-30 17:58:28,307; thread=[workflow-503]; LogLevel=INFO; class=a.b.c.getData; milestone_en... by deepak1037 Loves-to-Learn in Getting Data In 06-30-2020 0 2	0	2
Microsoft IIS - Remove 0#.w\| with transforms.conf and props.conf Hello everyone,I am trying to remove this string "0#.w\|" with a transforms.conf file. To be sure that my regex is wor... by Silek Explorer in Getting Data In 06-30-2020 0 1	0	1
Create Saved Search with Rest API ->need working example Hi,Does somebody have a working example of how to create a Saved Search using the Rest API with XML?ThanksMax by Max_99 New Member in Getting Data In 06-30-2020 0 2	0	2
transforms.conf set hostname to current host Hi,Is there a way to use environment variables within transforms.conf. I am trying to override the hostname to the ho... by arjunpkishore5 Motivator in Getting Data In 06-29-2020 0 4	0	4
Integrating Splunk with SpringBoot application I need to integrate Splunk with a springboot application. The idea is having a form allowing user to enter keywords, ... by Taruchit Contributor in Getting Data In 06-29-2020 0 0	0	0
TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied The TA-nmon is not sending data to 'nmon' index on my splunk instance. I was looking through the troubleshoot guide f... by tbrown Path Finder in Getting Data In 06-29-2020 0 1	0	1
Splunk field transformations page UI Hi , I have installed Splunk version 7.2.6 in some of the servers and I don't see the type dropdown in one of the se... by nawazns5038 Builder in Getting Data In 06-29-2020 0 0	0	0
how to input encrypted files like PGP encrypted files Hello Everyone,Does anyone know if there is any method in Splunk to index encrypted input files like PGP encrypted fi... by VSIRIS Path Finder in Getting Data In 06-29-2020 2 1	2	1
Ingest Esxi logs through vrealize into Splunk via syslog Hi All,I want to ingest ESXi logs through vrealize in Splunk via syslog. Is there any app to get these logs parse cor... by NS2017 Loves-to-Learn in Getting Data In 06-29-2020 0 1	0	1
Get Teamcity database in Splunk Hi,I want to integrate Teamcity with splunk so that I can fetch teamcity database in to splunk. What is the best poss... by ips_mandar Builder in Getting Data In 06-29-2020 0 1	0	1
Splunk_TA_nix local inputs.conf not allowing multiple indexes I created a Splunk_TA_nix/local/inputs.conf.I created 2 different indexes in indexes.conf. And then I created an inp... by diptij Path Finder in Getting Data In 06-29-2020 0 3	0	3
ESET endpoint logs Hi , i am currently integrating logs from ESET endpoint security server , we have configured ESET to send logs in JS... by abdallah_hegazy Explorer in Getting Data In 06-29-2020 0 3	0	3
Monitoring FIles from Diretories Why my files that read from directories not showing the event? by mathiasy123 Path Finder in Getting Data In 06-29-2020 0 1	0	1
Is it possible to Mask or perform linebreaking on older data on Search Head?? Hi,We have a dataset that has improper line breaking on few of the events in it. We have added configuration to inges... by Arpit_12 Engager in Getting Data In 06-28-2020 0 2	0	2
Props.confで、タイムスタンプに時間修正を加えて_timeに格納できない複数の時間が入っているログから、特定のフィールドのタイムスタンプを一つを選択し、時間を変更した上で、タイムスタンプ（_time）に格納したいのですが、うまくできません。例えばログは以下の様なものです。580 <158>1 2020-0... by splunklover Observer in Getting Data In 06-27-2020 0 1	0	1
Sysmon App and Add-on installation failure I wanted to install Sysmon App for Splunk (App) and Microsoft Sysmon Add-on (Add-on) on my development server (Splunk... by state_larson_ti Path Finder in Getting Data In 06-26-2020 0 0	0	0
Use OSSEC archives.log to collect logs of different systems Hi all,I am trying to use OSSEC archives.log to collect logs of different systems. It can collect whatever you need f... by banaie Path Finder in Getting Data In 06-26-2020 0 4	0	4
Powershell and crontab with universal forwarder not working as expected I have done some really basic testing as i want to prove that this is not working correctly. I have added 3 scripts i... by Danny_Nilsson Explorer in Getting Data In 06-26-2020 1 0	1	0
How to Configure Splunk Heavy Forwarder to Consume Kafka Topics based on SSL/TLS Hello,we are using Splunk Heavy Forwarder to consume data from Kafka topics (flow #1) and forward it to the Splunk Se... by yongyuthvis New Member in Getting Data In 06-25-2020 0 3	0	3
How to configure my props.conf for a file with header in it? Hello ,I'm trying to configure my props.conf for one of the files in which it has header. I don't have any props.conf... by Dingu Explorer in Getting Data In 06-25-2020 0 3	0	3
Powershell script not running on schedule I'm running 2 powershell scripts on an Universal Forwarder version 7.0.1 to get all the users and systems from the AD... by agentsofshield Path Finder in Getting Data In 06-25-2020 0 5	0	5
Splunk answers updated UI Hi,I see that the Splunk answers page has been updated a few weeks ago. In the previous version, I used to save or fa... by nawazns5038 Builder in Getting Data In 06-24-2020 0 3	0	3
Splunk App for Infrastructure "Cannot find my entity after launch the script" Hello , I'm working on SAI ( Splunk App of infrastructure ) ! * Based on Single Instance ( Windows Os ) * I configur... by amelbahrouni Explorer in Getting Data In 06-24-2020 0 0	0	0