Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

How to get the desired results using Splunk Text Input?

Hi, I have a dashboard. It has 3 text inputs. Search by IP Text Input 1 Search by NETBIOS Text Input 2 S...

by Contributor in

How to pick multiple value which has same key name

Log looks like this. {...\"Key_name\":\"Value\",....}, {...\"Key_name\":\"Value\",....}, {...\"Key_name\":\"Value\...

by Path Finder in

Why are logs are being cut off?

Some of the logs ingested into our Splunk environment has missing line. I was told that this could be the result of a...

by Engager in

Can't feed data into Splunk

I'm trying to know why I can't feed data in splunk. I'm trying to get data from windows servers to splunk, I've creat...

by New Member in

How do I add additional performance counters to the Splunk UF Collector?

We are attempting to add Microsoft RAS Total counters from PerfMon to the Splunk UF collector. We updated the local/i...

by Explorer in

How does monitor:// handle windows shortcuts to directories containing logs?

In an effort to get our inventory of inputs under control, I'm trying to get all servers to have one place for logs. ...

by Influencer in

query azure ad sign-in logs

I have indexed my Azure AD audit and sign-in logs: { [-] Level: 4 callerIpAddress: xxx.xxx.xxx.xxx category: SignI...

by Path Finder in

archiving an index, moved to cold, remaining folders and files in db

I'm working moving a retired index to frozen (indexer cluster). I've set the maxWarmDBCount = 0 for the index and all...

by Communicator in

Total users logged in at any given time to a Windows machine

Hello all, I am fairly new to Splunk and am working on gathering data for our operations team. They are asking me ...

by Path Finder in

Tutorial data upload error

Hi, I'm fairly new to Splunk and currently undergoing some training. Within my home lab I have a Splunk instance i...

by Communicator in

How to put multiple heavy forwarder or indexer name in collectd.conf for matrices data

Hello Guys, I need you help to figure out how to put multiple HF or indexer name in collectd.conf for matrices da...

by New Member in

Selective Filtered Indexing and Forwarding to 3rd party syslog

Hello, Our setup is as follows: Windows/Unix UF -> HF -> IDX Clusters Currently we are sending everything to...

by Explorer in

Monitor syslog-ng status

Hi All, We are running HF and syslog-ng on same server and we want to monitor the syslog-ng status. example if sys...

by Path Finder in

How to ingest Strava GPX (XML) data...

I'm trying to ingest various kinds of data to learn as much as I can about Splunk data ingestion as possible. My late...

by New Member in

How to get data from SharePoint to Splunk

Hi, I'm trying to connect my Splunk to our SharePoint and also get data. Is there any way to do this?? I'm using S...

by New Member in

Decomissioning indexers

I am working to decommission some indexers from my cluster. I am using splunk offline --enforce-counts and letting th...

by Builder in

Running splunk container and getting apt-get not found

Hi ..I have pulled docker image splunk/splunk and running the containter successfully. Able to login splunk GUI. I am...

by Engager in

How to set time zone of logs by source?

I’m trying to specify that logs from a certain source coming from a UF are UTC. This should be pretty straightforward...

by Path Finder in

Making API Call to Splunk from Squarespace (splunk-sdk-JavaScript)

I’m trying to implement api calls on my website hosted on Squarespace - has anyone had any success using splunk-sdk-j...

by Engager in

Find IN does not OUT

Hi I have log file like this: 09:04:04.042 module1: F[6]L: IN 09:04:01.417 module1: F[6]L: OUT 09:04:01.418 m...

by Motivator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to get the desired results using Splunk Text Input?

How to pick multiple value which has same key name

Why are logs are being cut off?

Can't feed data into Splunk

How do I add additional performance counters to the Splunk UF Collector?

How does monitor:// handle windows shortcuts to directories containing logs?

query azure ad sign-in logs

archiving an index, moved to cold, remaining folders and files in db

Total users logged in at any given time to a Windows machine

Tutorial data upload error

How to put multiple heavy forwarder or indexer name in collectd.conf for matrices data

Selective Filtered Indexing and Forwarding to 3rd party syslog

Monitor syslog-ng status

How to ingest Strava GPX (XML) data...

How to get data from SharePoint to Splunk

Decomissioning indexers

Running splunk container and getting apt-get not found

How to set time zone of logs by source?

Making API Call to Splunk from Squarespace (splunk-sdk-JavaScript)

Find IN does not OUT

Dashboard Studio Challenge - Learn New Tricks, Showcase Your Skills, and Win Prizes!

Introducing Edge Processor: Next Gen Data Transformation

Take the 2021 Splunk Career Survey for $50 in Amazon Cash

Why am I receiving warning in Splunk log for timed...

Why are AWX and HEC not working?

Why are source/host/sourcetype fields dropping thr...

How do I get Windows server cipher data into Splun...

Splunk Add on for Microsoft Azure Secure Score- Ho...