Getting Data In

Community Activity

Issues with Parsing JSON Hello everyone, I having issues using Splunk to read and extract fields from this JSON file. I would appreciate any ... by dvmodeste New Member in Getting Data In 04-08-2020 0 3	0	3
Windows 2016 updates Powershell input not working? All, I enabled in powershell input in Splunk_TA_nix for windows update logs on Win2016 and all I get it this. 160... by daniel333 Builder in Getting Data In 04-07-2020 0 0	0	0
Direction on how to troubleshoot this perfmon issue? All, I have the stock Splunk_TA_Windows 6.0.0 installed 6.0.0 with default inputs.conf enabled. Since pushing it ou... by daniel333 Builder in Getting Data In 04-07-2020 2 3	2	3
JSON Data Query We are ingesting JSON data similar to the following: { "Id":"987654321", "data":[ { "answer":"1... by kenmcgarrahan Explorer in Getting Data In 04-07-2020 1 5	1	5
what would be the Host IP address of Forward data under Forwarding and receiving I have installed splunk enterprise and wanted to configure receiving and forwarding. For receiving I know the default... by gauravreva New Member in Getting Data In 04-06-2020 0 2	0	2
incomplete log for overwriting log file Our system is generating log files named stdout.{pid}.log, the 'pid' here is the process id of current login session,... by zhengzhi163 New Member in Getting Data In 04-06-2020 0 0	0	0
Unable to access /configs/conf-server endpoint when validating modular input configuration I would like to pull the proxy configuration from server.conf when validating my modular input so I can validate the ... by defaziom Explorer in Getting Data In 04-06-2020 1 0	1	0
Understanding props.conf and when it gets used. Hello All, as far as i know splunk merges all probs.conf (All TAs, Apps, Add-ons) in one single probs.conf. Like the... by vessev Path Finder in Getting Data In 04-06-2020 0 4	0	4
size and timestamp of lookup files The lookup table files view only shows some basic info about the file. I often like to know the size and the age of t... by mmol Explorer in Getting Data In 04-06-2020 0 5	0	5
How to output a file in CSV format with maxresultrows in it, using curl? I'm trying to output a file in CSV format with maxresultrows in it, using curl. It works the way I want: $(curl -s ... by breakinho New Member in Getting Data In 04-06-2020 0 0	0	0
Swagger definition for HEC Endpoint REST API Hi, I need a definition of the HEC Endpoint REST Api in Swagger so that a gateway that will nbe used to pass on data ... by afx Contributor in Getting Data In 04-06-2020 1 2	1	2
windows citrix Hello, At the moment, don't have access to the Citrix logs; only Windows Logs (Sec/App/Sys). Does anyone know how I c... by genesiusj Builder in Getting Data In 04-06-2020 0 4	0	4
New SourceType and pushing out I have a requirement to duplicate a default SPLUNK sourcetype. The duplicate sourcetype is based on the JSON sourcet... by willadams Contributor in Getting Data In 04-06-2020 0 1	0	1
my python output with Json format is enclosed with Unicode character and so splunk is not parsing properly the fields I have python script configured in the HF , the script output are enclosed with unicode character U' in the output so... by DataOrg Builder in Getting Data In 04-06-2020 0 4	0	4
How to send some syslog messages to nullQueue - naive config not working Running Enterprise 8.0.2.1. Data is coming in from a universal forwarder with index=syslog sourcetype=syslog and I'm ... by danbah New Member in Getting Data In 04-06-2020 0 15	0	15
Splunk not showing the records of Salesforce Custom Object I added a custom object as one of the inputs but I am not able to see the records in Splunk. It is not visible in the... by sanjax90 New Member in Getting Data In 04-05-2020 0 0	0	0
Not able to add monitor a directory. I'm getting Parameters must be in the form '-parameter value' error. I tried two ways1). C:\Program Files\SplunkUniversalForwarder\bin>splunk add monitor -source C:\Program Files\Atlassi... by druvakumar Path Finder in Getting Data In 04-05-2020 0 6	0	6
Route and filter universal forwarder for two apps Hope everyone is keeping safe. I'm following this document https://docs.splunk.com/Documentation/Splunk/latest/Forwa... by MicMoo Explorer in Getting Data In 04-05-2020 0 4	0	4
HTTP Event Connector and Histogram metrics I am trying to pull Historgram metrics into Splunk 8.0 (local) and the http_event_collector_metrics.log seems to say ... by JimDMillerSPLUN New Member in Getting Data In 04-05-2020 0 0	0	0
In Indexing phase, once data is written to disk, it cannot be changed In Indexing phase, once data is written to disk, it cannot be changed, I think the answer is YES. Kindly explain more... by palisetty Communicator in Getting Data In 04-05-2020 1 2	1	2
mvexpand & split command not working on JSON data Hi, I have JSON data, which seems to be properly prased. I have a field which holds multiple IPs in a new lined when... by ashish9433 Communicator in Getting Data In 04-04-2020 0 3	0	3
How to prevent a Splunk forwarder from passing passwords from auditd? I've got a Splunk forwarder installed on a server. This server is also logging its commands via auditd. When I do... by gregcain Explorer in Getting Data In 04-04-2020 1 21	1	21
Extract Json from a log Hi at all, I'm finding problems extracting fields from a json log using spath, I cannot use regexes because I have to... by gcusello SplunkTrust in Getting Data In 04-03-2020 1 2	1	2
Silent Install options Hello, I'm trying to prepare a silent install of Splunk Universal Forwader, but i'm having difficulty finding the op... by bscahill Observer in Getting Data In 04-03-2020 0 1	0	1
Why is the Splunk universal forwarder dropping from deployment server? Splunk UF's are having different versions 6.0.0, 6.3 and 6.5.2 are connecting to Deployment server with 7.2.6 server.... by rameshtdp New Member in Getting Data In 04-03-2020 0 2	0	2