Getting Data In

Thread Info

Multiple json events coming as one

I have multiple events which are coming as one and I need to separate them into separate events in order to create a...

by New Member in

Dynamically filter table data

I have a table with 6 columns of information that I am trying to filter dynamically: date_time src_MAC dst_MAC src...

by Explorer in

How to modify sourcetype for forwarded windows event

For some reason, the sourcetype of my forwarded windows events are now set to WinEventType instead of the usual "Wind...

by Loves-to-Learn Lots in

Data upload from splunk ui is successful, but data is not appearing in search

Hi, I have uploaded the data to splunk, but while searching the data doesnt appear, I have shared the screenshots as ...

by Explorer in

How to integrate BSM 9.24 into splunk ?

Hi Im a new splunk user, i have a requirement to integrate Microfocus BSM 9.24 logs into splunk. Can someone help me ...

by Engager in

Is there a way to forward parsed logs in ELK Stack to Splunk?

Hello, We have integrated ELK Stack with our application(DNS Firewall) previously for forensics.Now, we want to re...

by Engager in

Json line breaking issue

Hi, I have exactly same issue as below https://answers.splunk.com/answers/513703/json-breaking-single-string-into...

by Communicator in

How to write to reverse DNS lookups in Splunk Cloud?

Is there a way to reverse query IP addresses in Splunk Cloud? If so how? Please share the documentation.

by New Member in

How to connect to apigee edge free account using Splunk

Apigee Edge is API management platform. It is both http and tcp based and it sends to syslogs. Can I install Splun...

by Explorer in

Splunk Windows Registry Monitor not showing any events

Hey, I want to monitor the changes in my Windows Registry. I have did the needed procedures and steps however the ...

by Engager in

Windows Forwarded Events from UF on WEC are not being ingested

Hi I have a Windows Server Collecting WinEventLogs from a number windows host endpoints. I was told the Server was a...

by Builder in

Splunk as Datasource for Grafana?

Hello, I'd like to import data from Splunk into Grafana so I can use Grafana's visualization and Splunk as a data...

by Explorer in

REST GET request to get list of AD users

Hello, I'm trying the following request in Postman to send a request to get the list of Active Directory users: http:...

by New Member in

csv headers are not getting listed

Hello, I have clonned the CSV source type in Splunk and created a new CSV sourcetype as Alpha_csv and configured ...

by New Member in

could not use strptime to parse timestamp

Feb 18 18:36:20 smtp2 sm-mta[17872]: l1J0a3fO017872: discarded I have one sample event. when I this it gives me "...

by Path Finder in

change date of import data

hi i'm copy log of my application to splunk server with script (i don't use forwarder here) now problem is log se...

by Motivator in

How does splunk reassamble chunks of data coming from UFs in an indexer cluster ?

By default, UFs are sending chunks of 64kB data and spread these over multiple indexers. But indexers are supposed to...

by Contributor in

How can I get more than 10,000 lines into a single event?

I want more than 10,000 lines to merge and show in a single event. [tally_nightly_prd] SHOULD_LINEMERGE=true NO_BI...

by Path Finder in

Rex pattern to extract unc path from xml

I like to extract the UNC path from a log, below a portion from the file : ;<soa:FileSystem identifier="8ec65285-1...

by Engager in

Error Message; The search for datamodel 'abc_123' failed to parse, cannot get indexes to search?

I have two indexers in peer that share 1 index, and 1 data model. Both indexers are configured identically. Both data...

by Communicator in

how to force all data to go to a different index?

How do I force all data to go to a different index without inserting index=foo for all input stanzas?

by Splunk Employee in

500 Internal Server Error out of splunklib/binding.py

I'm seeing this error message stream when the TA-ObserveIT tries to get what I think is the configuration information...

by Contributor in

Why am I getting "404 Not Found" for every REST API call?

I am using the following query as per documentation: curl -k -u username:password http://myhosthere:8000/services/...

by Explorer in

KV_MODE not extracting xml fields

I have an app on a deployment server that runs a script and has splunk ingest the output which is valid xml. I've add...

by Explorer in

Getting containerized universal forwarder to forward host log files

I would like to be able to run the forwarder in a container, and have it forward my host logs from /var/log. So I mou...

by New Member in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Multiple json events coming as one

Dynamically filter table data

How to modify sourcetype for forwarded windows event

Data upload from splunk ui is successful, but data is not appearing in search

How to integrate BSM 9.24 into splunk ?

Is there a way to forward parsed logs in ELK Stack to Splunk?

Json line breaking issue

How to write to reverse DNS lookups in Splunk Cloud?

How to connect to apigee edge free account using Splunk

Splunk Windows Registry Monitor not showing any events

Windows Forwarded Events from UF on WEC are not being ingested

Splunk as Datasource for Grafana?

REST GET request to get list of AD users

csv headers are not getting listed

could not use strptime to parse timestamp

change date of import data

How does splunk reassamble chunks of data coming from UFs in an indexer cluster ?

How can I get more than 10,000 lines into a single event?

Rex pattern to extract unc path from xml

Error Message; The search for datamodel 'abc_123' failed to parse, cannot get indexes to search?

how to force all data to go to a different index?

500 Internal Server Error out of splunklib/binding.py

Why am I getting "404 Not Found" for every REST API call?

KV_MODE not extracting xml fields

Getting containerized universal forwarder to forward host log files

Cultivate Your Career Growth with Fresh Splunk Training

Introducing a Smarter Way to Discover Apps on Splunkbase

How to Send Splunk Observability Alerts to Webex teams in Minutes

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions