Getting Data In

Community Activity

Rsyslog configuration with Splunk Please help me in configuring rsyslog to Splunk. Our rsyslog server will receive the logs from network devices and ou... by Karthikeya Communicator in Getting Data In 11-21-2024 0 3	0	3
TCP-SSL on heavy forwarder (Checkpoint) Hello,could you tell me how to properly have dedicated server certificate for specific tcp-ssl in inputs.conf (Checkp... by splunkreal Motivator in Getting Data In 11-21-2024 0 7	0	7
How do I configure Universal Forwarder to not send INFO Metrics over TCP? My ouputs conf looks like this: [tcpout] defaultgroup = logstash disabled = false forwardedindex.0.whitelist = .* f... by markdixon Explorer in Getting Data In 11-21-2024 1 8	1	8
SentinelOne Applications Channel No Longer Populating Events We've been collecting data with the inputs add-on (Input Add On for SentinelOne App For Splunk) for several years now... by ericnewman Explorer in Getting Data In 11-21-2024 0 1	0	1
Custom datetime.xml for x12 format Trying to get datetime.xml configured to recognize a timestamp in x12 file format with no success... Here are the po... by hogan24 Path Finder in Getting Data In 11-21-2024 1 3	1	3
How to Assign Values for _time at Index Time for Future Searching? I have a CSV file that I would like to index one time only. There are two fields (Date, Time) that I want to be able... by _gkollias Builder in Getting Data In 11-21-2024 0 11	0	11
forwarder manager stopped after upgrade from 9.1 to 9.2.0.1 Linux, RHEL 8.9. Splunk 9.2.0.1 Had a forwarder manager running (for years) with 2,000+ clients connecting. Did the u... by mykol_j Communicator in Getting Data In 11-20-2024 0 7	0	7
TA-pps_ondemand Error: KV Store is disabled In Splunk Cloud for one of my client environment, I'm seeing below message.TA-pps_ondemand Error: KV Store is disable... by chandrag Explorer in Getting Data In 11-20-2024 0 2	0	2
Data filtering location Hello, let me explain my architecture.Multi site cluster (3 site cluster)...2 indexers, 1 SH, 2 syslog servers (UF in... by splunklearner Communicator in Getting Data In 11-20-2024 0 7	0	7
Getting Print Spooler Logs into Splunk We need to get Windows Print Spooler logs into splunk but not sure where to start. The specific event codes are gener... by rmakjr0318 New Member in Getting Data In 11-19-2024 0 2	0	2
Splunk Add-on Builder: Global Account settings Hi,Is it possible when using Global Account to customise the fields? i.e. add other fields than only Username and Pas... by nvonkorff Path Finder in Getting Data In 11-19-2024 3 7	3	7
How can I use wildcards (*) for the source stanza in props.conf? Hi, In my live splunk environment, I have a syslog receiver on a Linux machine putting all incoming logs in /opt/spl... by jonatanjosefson New Member in Getting Data In 11-19-2024 0 10	0	10
Ingested time for csv file on windows background -the designed windows log flow is Splunk Agent of Universal forwarder -> Splunk Heavy Forwarder-> Splunk I... by hahhhaxin Loves-to-Learn Lots in Getting Data In 11-19-2024 0 9	0	9
Issues with HTTP Status for HEC token Hey,I am facing following issues when sending data using HEC token. Connection has been established with no issue but... by SplunkDash Motivator in Getting Data In 11-18-2024 0 6	0	6
Trying to get eval to push multiple values to one field Currently trying to get eval to give multiple returns \| eval mitre_category="persistence,Defense_Evasion" \| eval apt... by doingathing Engager in Getting Data In 11-18-2024 0 2	0	2
Props and Transforms doubt I am new to Splunk admin and please explain this following stanzas:We have a dedicated syslog server which receives t... by Karthikeya Communicator in Getting Data In 11-18-2024 0 4	0	4
import Adaudit logs into Splunk I want to import Adaudit logs into Splunkbut I don't know howThe important thing is that I want to do this from the o... by fahimeh Explorer in Getting Data In 11-18-2024 0 1	0	1
integrate Group-ib DRP with Splunk. Hello members, i'm trying to integrate splunk wtih Group-ib DRP product but i'm facing issues with the application. I... by KhalidAlharthi Explorer in Getting Data In 11-17-2024 0 1	0	1
Network logs ingestion Hi all,Let me explain my infrastructure here. We have a dedicated 6 syslog servers which forwards data from network d... by Karthikeya Communicator in Getting Data In 11-15-2024 0 12	0	12
Need to give add data capability to user in splunk cloud Hello All,i have a request where users will add their data(csv) manually every day. we are using splunk cloud version... by Roy_9 Motivator in Getting Data In 11-15-2024 0 1	0	1
How do I set up Splunk DB Connect so I only get new log information every time I do a query instead of pulling the whole How do I set up Splunk DB Connect so I only get new log information every time I do a query instead of pulling the wh... by dennislevine New Member in Getting Data In 11-15-2024 0 1	0	1
Aruba Edgeconnect - Logging COnfiguration Hello, There is an app for Aruba Edgeconnect - https://splunkbase.splunk.com/app/6302 Is there any documentation on h... by raptraj2 Loves-to-Learn Lots in Getting Data In 11-15-2024 0 1	0	1
SplunForwarder Windows strange CPU usage grow on some servers Hello,I am facing strange issue with a Splunk Forwarder where on some servers of the same role is CPU usage 0-3% and ... by Peter95 New Member in Getting Data In 11-15-2024 0 1	0	1
SQL audit log not working when using event_time as indexing Hi,I am using the Db connect 3.18.1 to collect sql audit logs FROM sys.fn_get_audit_file function. When I use event_... by fl66 Observer in Getting Data In 11-15-2024 0 3	0	3
Sourcetype restricted access Hi all,We have specific AD group for specific application and we create index for that app and restrict access to tha... by splunklearner Communicator in Getting Data In 11-15-2024 0 5	0	5