Getting Data In

Community Activity

How do I blacklist events with a field containing a specific value? I have a set of JSON data and I would like to ignore (blacklist) all events where the field "id.orig_h" contains the ... by dbuehler Loves-to-Learn Everything in Getting Data In 05-04-2020 0 1	0	1
CSV date being replaced/not parsed correctly Let's say I have a CSV with the following spanning 10 years: Date \| Time \| Value 2020-05-01 4:00:00 PM 49.88 If I... by jaware_splunk Splunk Employee in Getting Data In 05-04-2020 0 7	0	7
Including log events from Microsoft Direct Access Hi, We would like to forward log events from a Microsoft Direct Access server into Splunk. I've installed the univer... by annebeate Path Finder in Getting Data In 05-04-2020 0 4	0	4
How to tell when it's safe to query the API about a newly created user? When using SSO with clustered search heads, users who lose SSO access leave behind knowledge objects and directories ... by krisreeves Path Finder in Getting Data In 05-04-2020 0 5	0	5
Frozen Index Management Is there an app/script/mechanism out there that would allow you to list your available frozen indices by their human ... by adalbor Builder in Getting Data In 05-04-2020 0 5	0	5
universal fowarder I am not finding universal fowarder that supports windows 2012 , NT 6.2 version ?? by punithjigali Explorer in Getting Data In 05-04-2020 0 1	0	1
No data from indexes in cloud search head Hi everyone, I could really use some input from you all. I am using Splunk cloud in my environment, with a deploymen... by mysicksi Path Finder in Getting Data In 05-04-2020 0 7	0	7
perfmon issue with %ProcessorTime scaling/max for a specific process I am using the Universal Forwarder to collect information on a Java Process. When monitoring "% Processor Time" for a... by j_star New Member in Getting Data In 05-04-2020 0 1	0	1
sizing cluster Good afternoon I know that there is official information regarding the maximum number of concurrent searches, sch... by efaundez Path Finder in Getting Data In 05-04-2020 0 1	0	1
Best Practice for Creating New Sourcetype - Splunk Cloud Hi All, I'm a new Splunk admin working inside of a pretty large Splunk Cloud environment. Historically, the folks on... by dfurtaw Path Finder in Getting Data In 05-04-2020 0 1	0	1
Forwarder only reads file if i save it, ignores when script saves it Hello everyone, I have Splunk Universal Forwarder running on a server watching a few files for changes. Log data is ... by LAcioffi Explorer in Getting Data In 05-04-2020 0 3	0	3
How can I monitor hidden file and folder creation on a windows host/server ? I am looking for a query that will help me monitor hidden file and folder creations on Linux/Win boxes. Can the comm... by itrimble1 Path Finder in Getting Data In 05-04-2020 0 0	0	0
REST API Saved Searches POST Duplicating Searches I'm trying to use the REST API to update a large number of alerts/saved searches across multiple environments. Specif... by stranjer Loves-to-Learn Lots in Getting Data In 05-04-2020 0 0	0	0
Has anyone successfully gathered logs from WSUS? HI all, Just wondering if anyone here has been successful in getting logs out of WSUS that shows: number of hosts w... by lwass Explorer in Getting Data In 05-04-2020 4 6	4	6
Data is not flowing Data is not flowing continuously from forwarder to indexer. Please suggest what are possible ways of troubleshooting. by monawwer Loves-to-Learn in Getting Data In 05-03-2020 0 4	0	4
Find actual time of the server as _time is a converted time to a different timezone Hello Gurus! The _time is 2020-05-02 21:20:17 but the actual server time is 9h30m behind. How to find the actual ser... by pvbharath New Member in Getting Data In 05-03-2020 0 5	0	5
Compare current events with events in csv I have a csv file which has fields say _time success_count failed_count. Every 5 min we have data in these fields. Th... by ksharma7 Path Finder in Getting Data In 05-03-2020 0 8	0	8
Need to parse or eliminate ----------------------------------------------------------------- Hi, Out of 100 logs one of my log is -------------------------------------------------------- How to parse or elimin... by VijaySrrie Builder in Getting Data In 05-02-2020 0 5	0	5
how to export results from a saved search by name and not by job_id using Splunk's REST API? I have a saved search that runs every day. I want to get the results with the Splunk REST API. I found that I can ge... by shacham Explorer in Getting Data In 05-02-2020 1 3	1	3
How to edit my inputlookup search to filter based on time difference? I'm attempting to filter my inputlookup command based on the amount of time that has passed between "now" (when the j... by goodsellt Contributor in Getting Data In 05-02-2020 0 5	0	5
Splunk corrupts incoming JSON Lines by introducing bogus \x-prefix escape sequence? I was curious to see how Splunk (7.3.1) handles escape sequences in JSON strings, so I created a test file of JSON Li... by Graham_Hanningt Builder in Getting Data In 05-01-2020 0 1	0	1
Filter/search Rows based on Current date I have 3 rows like below. I need to filter rows that equals current date. Current date being may 1. Plan Start Time... by ashanka Explorer in Getting Data In 05-01-2020 0 6	0	6
Changing UF outputs.conf using deployment server I was wondering if I can use our deployment server to change the outputs.conf on our windows universal forwarders so ... by clymbouris Path Finder in Getting Data In 05-01-2020 3 8	3	8
Ingesting a Json format data in Splunk Hi, I am trying to upload a file with json formatted data like below but it's not coming properly. I tried using 2 wa... by Shashank_87 Explorer in Getting Data In 05-01-2020 0 9	0	9
How to group the list under one catogery/checkbox instead of displaying the entire list in drop down? Hi , I have the following sources in splunk , so I wanted to group similar ones under one category/checkbox instead o... by navd New Member in Getting Data In 04-30-2020 0 3	0	3