Getting Data In

Community Activity

Running Splunk as a container in Azure Cloud I came across a blog post on running splunk as a container in AWS cloud - https://www.splunk.com/en_us/blog/cloud/run... by vengatesh New Member in Getting Data In 05-07-2020 0 0	0	0
How to get data from the AIX errpt into Splunk? How to get data from the AIX errpt into Splunk? by sbennacer_splun Splunk Employee in Getting Data In 05-07-2020 0 3	0	3
unable to install universal forwarder windows 10 Every time i try to install the universal forwarder on a windows 10 64bit machine it ends prematurely immediately. Wh... by isaacso Engager in Getting Data In 05-07-2020 0 10	0	10
Perfmon:CPU timestamp Hello! I'm trying to change the timestamp (_time) from Perfmon:CPU before index, to use my Splunk Heavy Forwarder da... by douglasmsouza Explorer in Getting Data In 05-07-2020 0 0	0	0
props.conf timestamp clarification I have json data that can vary greatly in size with the timestamp field coming at the end of each event. I'm able to ... by wwhite12 Path Finder in Getting Data In 05-07-2020 0 2	0	2
How to split JSON events to usable format? Good morning all, Complete novice with JSON workings, but essentially I have managed to configure a REST api that's ... by Barty Explorer in Getting Data In 05-07-2020 0 1	0	1
How to use wildcards and whitelists in monitor stanza (inputs.conf)? I'm using a deployment server to distribute a single inputs.conf file to a number of servers in a class. The location... by plunkingalex Explorer in Getting Data In 05-07-2020 0 8	0	8
universal forward different domain from where the Splunk is running When installing the universal forward into a trusted domain, do I need to add account from domain A into domain B? T... by jmp13 Explorer in Getting Data In 05-07-2020 0 0	0	0
I cant understand the buckets segrigation in Indexes.conf Question 1: In my org have Splunk ES 7.2.X with 4 VMs(win os) i.e., 1 Search Head, 1 Deployment server, 2 Indexers Se... by phanichintha Path Finder in Getting Data In 05-07-2020 0 3	0	3
Official support for Splunk 7.3 in Container We're considering setting up Splunk enterprise 7.3.0 (for heavy forwarding) in a docker container. https://docs.splu... by vengatesh New Member in Getting Data In 05-07-2020 0 3	0	3
Use hostname variables in index_time EVAL Hi everyone, I am trying to add a custom field on every events that coming from a Heavy-Forwarder, so that from sear... by season88481 Contributor in Getting Data In 05-06-2020 1 0	1	0
[Splunk HTTP Event Collector] Having trouble connecting to HEC port. We are often seeing the following error messages from HEC servers and users are complaining of failures connecting to... by sylim_splunk Splunk Employee in Getting Data In 05-06-2020 0 1	0	1
How to export CSV from Splunk to a third-party system in batch mode? We have a requirement to send Splunk processed data as a CSV to a third-party system. Currently the CSV file is sent ... by koshyk Super Champion in Getting Data In 05-06-2020 0 3	0	3
what is the minimum level of logging required for erex to output its regex in the search information icon in splunk? I'm trying to use splunk on a search head I don't manage but I noticed that whenever I try to use erex on the search ... by mjones414 Contributor in Getting Data In 05-06-2020 0 5	0	5
What is the difference between single-instance and multiple-instance modular inputs for REST API? Hi Dear Splunkers, I am trying to develop a Modular Input for our REST API which will ingest some data from our API ... by umairahmad3985 Path Finder in Getting Data In 05-06-2020 1 0	1	0
Monitor Windows Event Log for Critical/Error I want to monitor certain events and all Error/Critical level events. https://answers.splunk.com/answers/663023/how-... by tmontney Builder in Getting Data In 05-06-2020 0 1	0	1
Raspberry Pi Universal Forwarder Bug Report for splunkforwarder-8.0.3-a6754d8441bf-Linux-arm.tgz: On a Raspberry Pi 3 armv7l GNU/Linux, INDEXED_EXTRACTIONS=JSON in the props.conf file results in unrecoverable JSON S... by BongoTheWhippet Path Finder in Getting Data In 05-06-2020 0 2	0	2
HF different index names for each target group I have a Splunk enterprise cluster which also needs to forward some logs to a completely separate Splunk cluster. I ... by stephenmuss Engager in Getting Data In 05-06-2020 1 2	1	2
Export results to a file gives Invalid Json file When I export my results to a JSON file and then try to validate it with jsonlint.com I get an EOF error. Is there a... by MattZerfas Communicator in Getting Data In 05-06-2020 1 15	1	15
how to import some columns from csv I have a csv file to import by app data ->monitor i would to import some columns (not all) before to index. It's poss... by splunk6161 Path Finder in Getting Data In 05-06-2020 0 11	0	11
Forwarder tells me there's an "ERROR JsonLineBreaker ... had parsing error:Unexpected character: '5'" - but the error originates in the forwarder's own log? Hello good people of the Splunk Community. This one's got me foxed. I noticed this morning that the splunkd logs on ... by BongoTheWhippet Path Finder in Getting Data In 05-06-2020 0 8	0	8
Free Trial Instance issue Hi Team, i have opened an account for free trail on Splunk cloud, but the instances are not created. will it take so... by jonnalagaddaani New Member in Getting Data In 05-06-2020 0 2	0	2
Why am I receiving a "No such file or directory" error when trying to run the Splunk AppInspect tool on Windows? Followed all the installation steps from http://dev.splunk.com/view/appinspect/SP-CAAAFAN Only issue I had was with ... by simpkins1958 Contributor in Getting Data In 05-06-2020 0 3	0	3
Multiline Event with Values I have an event that is multiple lines: Mon May 4 22:06:47 PDT 2020 /dev/sdb1 13245631 12450471 127548 99... by trever Loves-to-Learn in Getting Data In 05-05-2020 0 2	0	2
How to forward logs from universal forwarders to heavy forwarders for filtering before routing to indexers? Hi Guies, We have multiple universal forwarders and 3 heavy weight forwarders. Currently all UFs are forwarding logs... by thezero Path Finder in Getting Data In 05-05-2020 3 11	3	11