Getting Data In

Discussions

Thread Info

Splunk - How to convert Logs to Metrics (SQL Add on)?

Hi, I am trying to get SQL Performance monitoring logs into our environment for one of our ITSI use cases The ...

by Engager in

Does Splunk Windows installer generates any logs during the install process?

Splunk Windows installer, the msi package, is used to install new Splunk instances or upgrade/update existing Splunk ...

by Splunk Employee in

Is there any timezone conversion function in splunk to convert timezone in search string?

by New Member in

504 Gateway Time-out

We are hosting Splunk enterprise on AWS EC2 instances, the flow goes as follows: ALB>Apache Reverse proxies>ALB>SHC...

by Observer in

Issue with accepting splunk_hec as exporter for OpenTelemetry Collector

Hello. I'm trying to transfer metric collected from Prometheus to my cloud instance. According to https://docs.s...

by Path Finder in

AggregatorMiningProcessor - Breaking event because limit of 256 has been exceeded

Splunk has warning log: WARN AggregatorMiningProcessor [10530 merging] - Breaking event because limit of 256 has be...

by Engager in

dealing with UF user change (linux)

I haven't upgraded UF in a while, and I'm having some trouble figuring out how I should proceed with bringing it up t...

by Path Finder in

Filter Logs

I have XML input logs in Splunk. I have already extracted the required fields, totaling 10 fields. I need to ensu...

by Explorer in

How to connect Apigee Edge to Splunk

Need help configuring a secure connection between Google Apigee Edge and Splunk. What parameters need to be set on t...

by Splunk Employee in

Syslog forwarding

I have an appliance that can only forward syslog via UDP. Is there a way for me to forward the udp syslog to a machin...

by New Member in

How to find which Data Source an event is originating from

Hello, I'm having a hard time trying to find what data source events from a search are originating from, the Search...

by Path Finder in

Why UTC events suddenly started displaying as PST instead of Eastern Time?

Hi, We have data from Change Auditor coming via HEC setup on a Heavy Forwarder. This HF instance was upgraded to Ve...

by Builder in

Dual Forwarding | INGEST_EVAL for new index names.

I'm working on an environment with a mature clustered Splunk instance. The client wishes to start dual-forwarding to ...

by Path Finder in

Reassigning / replacing a sourcetype based on source

I am looking to replace a sourcetype using props.conf / transforms.conf so far with no luck. props.conf [origi...

by Engager in

jsonlinebreaker processing a valid json file

I am forwarding some json files from a splunk forwarder on linux, example file below: {"dateTime" : "04/11/2021 08:...

by Explorer in

JSON events sent to HEC are losing JSON data when then sent to collect

I'm struggling to figure this one out. We have data coming in via an HEC endpoint that is JSON based, with the HEC en...

by New Member in

Why are universal forwarders reporting "File will not be read, seekptr checksum did not match"?

We're getting bunch of these exceptions on our Universal Forwarders...any help would be appreciated and I can provide...

by Builder in

Handling file in custom commands

How can we send a file as input to an API endpoint from custom spl commands developed for both Splunk Enterprise and ...

by Explorer in

Universal Forwarder on Raspberry Pi

Wondering what the chances are of getting a Universal Forwarder compilation for an ARM device such as Raspberry Pi? h...

by Builder in

Routing windows security logs to another index

I am trying to route my windows security logs to another specified index but it has to meet certain criteria.EventCod...

by Loves-to-Learn Everything in

Can you change the admin user password on forwarder if you dont know the current?

I have a forwarder in which we forgot the admin password. Right now it's causing the vmware app to only partially wor...

by Path Finder in

Vmware workspace one (mobile device management (MDM))

our Splunk received logs from Vmware workspace one (mobile device management (MDM)) as syslog messages. what is the...

by Path Finder in

App Certification criteria: I need help on the 644 and 755 settings

My Waterfall Custom Visualization App fails App Inspect test which I am trying to build on Windows Machine. The only ...

by Legend in

Splunk internal logs time not correct

I have setup splunk, the machine has 15:26 as local time, but when I check splunkd.log time it is 20:26. why is...

by Communicator in

How to check if the input.conf updated on Universal Forwarder or not

Hello, I have a deployment server and deploy an app on an Universal Forwarder, like I usually do (Create an app fol...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Splunk - How to convert Logs to Metrics (SQL Add on)?

Does Splunk Windows installer generates any logs during the install process?

Is there any timezone conversion function in splunk to convert timezone in search string?

504 Gateway Time-out

Issue with accepting splunk_hec as exporter for OpenTelemetry Collector

AggregatorMiningProcessor - Breaking event because limit of 256 has been exceeded

dealing with UF user change (linux)

Filter Logs

How to connect Apigee Edge to Splunk

Syslog forwarding

How to find which Data Source an event is originating from

Why UTC events suddenly started displaying as PST instead of Eastern Time?

Dual Forwarding | INGEST_EVAL for new index names.

Reassigning / replacing a sourcetype based on source

jsonlinebreaker processing a valid json file

JSON events sent to HEC are losing JSON data when then sent to collect

Why are universal forwarders reporting "File will not be read, seekptr checksum did not match"?

Handling file in custom commands

Universal Forwarder on Raspberry Pi

Routing windows security logs to another index

Can you change the admin user password on forwarder if you dont know the current?

Vmware workspace one (mobile device management (MDM))

App Certification criteria: I need help on the 644 and 755 settings

Splunk internal logs time not correct

How to check if the input.conf updated on Universal Forwarder or not

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

Data Persistence in the OpenTelemetry Collector

Thanks for the Memories! Splunk University, .conf25, and our Community

Teams add-on for Splunk - missing call records

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Forwarding all logs from HF to third-party using s...

Splunk Observability Cloud/SignalFx - Related Cont...

Getting Data In

Are you a member of the Splunk Community?

Discussions