Getting Data In

Community Activity

Multi-select input populate all users with a certain attribute. I have a Dashboard for viewing activity from suspicious accounts. I currently use a multi-select input where I am run... by michael_valenzu New Member in Getting Data In 03-28-2020 0 2	0	2
Run a Linux shell script with Alert Action in the standard Search app. I am running version 8.x. I want to add the capability to run a custom Linux bash script as Alert Action with the OOT... by konpa01 New Member in Getting Data In 03-27-2020 0 1	0	1
Issues Starting Splunk Universal Forwarder: /opt/splunkforwarder/bin/splunkd: error while loading shared libraries: libpcre2-8.so I'm trying to install a forwarder on a NAS box but everytime I try to start it I get the error: /opt/splunkforwarder/... by alucarddjin Path Finder in Getting Data In 03-27-2020 0 3	0	3
help with props.conf I have the following raw data and I am trying to break the individual events starting with timestamp and before anot... by vrmandadi Builder in Getting Data In 03-27-2020 0 5	0	5
Does Splunk Cloud use a self-signed certificate? I have found out that Splunk Cloud Trial uses a self-signed certificate for its HTTP Event collector input endpoint. ... by ragnaridentitys Engager in Getting Data In 03-27-2020 1 5	1	5
Can I set-up Splunk to replace a syslog server? We need to ingest syslog data. Rather then send to a syslog server, then read data from disk with a Forwarder, it see... by twinspop Influencer in Getting Data In 03-27-2020 0 1	0	1
Is it possible to use the same certificate for web UI access and data forwarding? As in title, I was wondering if it is possible to use the same certificate on Heavy forwarders for access to the web ... by konstr Path Finder in Getting Data In 03-27-2020 0 0	0	0
_time Issues with Monthly average I have data in a CSV with below format.. 2 columns Date & count All I want is monthly average .. \| timechart avg... by reverse Contributor in Getting Data In 03-27-2020 0 3	0	3
How to Set up Splunk Enterprise- Forwarders and Receivers? I am trying to understand how to set up Splunk for the first time. I have several Server VMs (exchange, DC, SCCM, Spl... by danielleedgingt Engager in Getting Data In 03-27-2020 0 2	0	2
Does Splunk provide updates when vulnerabilities are found in Add-Ons? Need to know if security vulns are patched in add-ons too. by aboschmann New Member in Getting Data In 03-26-2020 0 1	0	1
Splunk - Example external scripted lookup Hello Splunk Community: I'm trying to convert several stand alone Python scripts into splunk External Lookups and r... by jbabbin Explorer in Getting Data In 03-26-2020 1 1	1	1
How do you do a spath search that would search for multiple models with a variance of IOS levels? Hello, I am trying to acquire some input for SPL parsing a JSON file using the \|spath command. Here is an example... by bzsplunk54 New Member in Getting Data In 03-26-2020 0 3	0	3
Splunk Universal forwarder upgrade to 8.0.2 Hi , I tried to upgrade splunk universal forwarder from 7.0.2 to 8.0.2 and everything looks good , No error in splunk... by ram254481493 Explorer in Getting Data In 03-26-2020 0 2	0	2
Universal Forwarder vs Heavy FOrwarder Hi All, Is there any recent test,conf discussion or doc around mentioned below splunk blog 2016: https://www.splunk... by ansif Motivator in Getting Data In 03-26-2020 0 4	0	4
how to upload and monitor malicious website list. Hello, I have a list of malicious websites, which I would like to upload in SPLUNK and monitor if any users are tryin... by roko14 Engager in Getting Data In 03-26-2020 0 4	0	4
Symantec Cloud Scripted Input Evaluating Symantec EndPoint Protection Cloud product which has a technote for getting events into Splunk Enterprise ... by smaat11 Explorer in Getting Data In 03-26-2020 1 5	1	5
how to ignore the first and last line in json file Is there any way to ignore first and last line from my json files? {<!-- --> "hosts": {<!-- --> "sv-1000.local": [ ... by younes17 Explorer in Getting Data In 03-26-2020 0 1	0	1
parse csv content and header for fields Hi @ All, i´ve got problems to parse the following file / content: "CreationTime","LastWriteTime","LastAccessTime",... by pduvofmr Path Finder in Getting Data In 03-26-2020 0 1	0	1
Could someone help me find out whether i am getting data from universal forwarder to heavy forwarder? Hello, Please could someone help me find out whether i am getting data from the universal forwarder to the heavy forw... by vikkysplunk Path Finder in Getting Data In 03-25-2020 0 4	0	4
Data Ingestion into Phantom How do i ingest data into Splunk Phantom ? by avinash34 Engager in Getting Data In 03-25-2020 0 4	0	4
Help with props.conf for timestamp Hello All , I have a json data format , which I am trying to import into splunk .I want to extract the timestamp fr... by vrmandadi Builder in Getting Data In 03-25-2020 0 4	0	4
I've setup a forwarder on Windows. My receiver is enabled and running tcpdump shows connection. However, Splunk is not indexing data. one of my team has installed the forwarder on a Windows client. running tcpdump on the backend of splunk enterprise s... by bigfatyeastroll Path Finder in Getting Data In 03-25-2020 0 3	0	3
Log collection off network devices Hey All, Just curious if anyone is collecting logs from off network endpoints (workstations) using a Splunk UF and ho... by adalbor Builder in Getting Data In 03-25-2020 0 3	0	3
SEDCMD not replacing comment lines during indexing I'm monitoring hosts files on Windows machines, but I don't want the comment lines when I ingest the file. However, ... by 54638 Explorer in Getting Data In 03-25-2020 0 4	0	4
Splunk Universal Forwarder Upgrade Hi , I am looking for some information on Splunk Universal forwarder upgrade. We have 3000 + forwarders that needs a... by ram254481493 Explorer in Getting Data In 03-25-2020 0 4	0	4