Getting Data In

Community Activity

How to send journal logs to splunk ? How do i send journal logs to splunk?? journalctl -u servicename Here journal logs are raw logs. Will splunk read ... by meenakande New Member in Getting Data In 04-13-2020 0 3	0	3
Setnull and Setparsing I am using SETNULL and SETPARSING to include and exclude log events. Here is the files - Props.conf [OktaIM2:log] T... by rashi83 Path Finder in Getting Data In 04-13-2020 0 3	0	3
Order of execution / precedence of multiple TRANSFORMS consider: Log: 2020-04-01 10:20:30 firstabc secondxyz props.conf [test] REPORT-a = report_a, report_b transfor... by PavelP Motivator in Getting Data In 04-13-2020 1 8	1	8
parsing mix of json and other type without Splunk query if the field is mix of json and some other type. is it possible to parse the field at index time or search time witho... by ekcsoc Path Finder in Getting Data In 04-13-2020 1 0	1	0
Can we index data to Splunk which is from custom search command? Hello all,I have an add-on with written a custom search command and I wanted to know in How can I push the results of... by loginsoftresear Explorer in Getting Data In 04-12-2020 0 3	0	3
REST API - Unauthorized error I am trying to connect with REST API and I am able to use this guide https://answers.splunk.com/answers/685730/can-i-... by av2214 New Member in Getting Data In 04-12-2020 0 11	0	11
Splunk Enterprise Trial version - Need to change the index name Hi, I have downloaded Splunk enterprise Trial version for Windows 64 bit. Only the Search Head is accessible?I create... by VijaySrrie Builder in Getting Data In 04-11-2020 0 4	0	4
What is the proper use of props.conf for timestamp conditional mapping Hello, I have the following data in plain text format that contains several datetime values, it looks like this : ... by dhtran Loves-to-Learn Lots in Getting Data In 04-11-2020 0 2	0	2
Number of events in logs after migrating to Exchange 2016 We recently added Exchange 2016 to our Exchange environment and moved all mailboxes/pubic folders to it. We have an ... by heathramos Path Finder in Getting Data In 04-10-2020 0 3	0	3
Which props.conf for my .csv ? Hi I have a .csv file without header but with fixed fields which i would like to send to my Splunk server with the u... by hattori_hanzo New Member in Getting Data In 04-10-2020 0 3	0	3
Problem with log reception using syslog PFSENSE and splunk Hello, I'm new on reddit and I'd like a little help, I will try to be the clearest as possible. I have 2 Pfsense 2.... by albertdu93 New Member in Getting Data In 04-10-2020 0 0	0	0
Splunk Cloud on-boarding logs Hello, I deployed a free trial of Splunk Cloud instance to learn how to onboard logs into Splunk. I tried for hours b... by superuser88 Engager in Getting Data In 04-10-2020 0 2	0	2
How to set up time properly? I use TIME_PREFIX and TIME_FORMAT to recognize the timestamp of my logs. There is a field, named timezone. It is the ... by cdp_fap Observer in Getting Data In 04-10-2020 0 3	0	3
How to edit my configuration files to index nginx data in Splunk? I have set up a new server, and I'm trying to get nginx access logs into splunk. This is not working. These are my c... by marcrsplunk New Member in Getting Data In 04-10-2020 0 3	0	3
Best practices - Syslog-ng to splunk Hi, I know this topic isn't the first here, but I have some problem to get a good anwser for this specific problem.... by gamsecurity Explorer in Getting Data In 04-10-2020 0 6	0	6
Error while creating new index while trying to create a new index in search head getting error like Invalid apply cluster-bundle error="Bundle valid... by VijaySrrie Builder in Getting Data In 04-09-2020 0 5	0	5
How to get the OS version in which Splunk UF is running? Hi Everyone, My Splunk UF's are installed on Linux. How do I get the OS version. (Not OS type). I am using Splunk App... by Sidharda Path Finder in Getting Data In 04-09-2020 0 2	0	2
I need Help with properly breaking up events Hello, I'm having an issue where clam av logs aren't breaking the events correctly. I'm confident the line_breaking ... by Jarohnimo Builder in Getting Data In 04-09-2020 0 4	0	4
Questions about Universal Forwarder. If any one could help me clarifying these ...that would help. UniversalForwarder can send data at a time to "One" in... by zacksoft Contributor in Getting Data In 04-09-2020 0 3	0	3
Multiple Time Sources in Event Log I have an event in my log that contains the following information * Event Time * Post Event Time 1 * Post Event Time... by willadams Contributor in Getting Data In 04-09-2020 0 2	0	2
Create an alert based on CPU being at X% for a span of X minutes Hi Everyone! I have researched this issue and found a few solutions, though not completely. I followed this link: htt... by rahulkumarfgf Explorer in Getting Data In 04-08-2020 0 3	0	3
Use VSS Shadow Copy to Back Up Warm Buckets I have a cluster of Windows indexers. I need to backup my new warm buckets every day and cannot afford to wait until ... by sjcoluccio67 Explorer in Getting Data In 04-08-2020 0 0	0	0
AWS logs push to on-premise splunk with universal forwarder Hi Everyone, I am new to splunk configuration. So looking for guidance and step by step configuration. I need to co... by sid1987 New Member in Getting Data In 04-08-2020 0 3	0	3
Issues with Parsing JSON Hello everyone, I having issues using Splunk to read and extract fields from this JSON file. I would appreciate any ... by dvmodeste New Member in Getting Data In 04-08-2020 0 3	0	3
Windows 2016 updates Powershell input not working? All, I enabled in powershell input in Splunk_TA_nix for windows update logs on Win2016 and all I get it this. 160... by daniel333 Builder in Getting Data In 04-07-2020 0 0	0	0