Getting Data In

Discussions

Thread Info

Metric event data with an invalid metric value cannot be indexed. How to troubleshoot

I'm trying to fetch windows perfmon data using below input stanza but not receiving any data and I could see the erro...

by New Member in

ServiceNow Add-on 'sys_updated_on' field error

Hi, Splunk server: 7.3.5 snow_ta version: 6.0.0 I'm trying to collect data from the snow cmdb input with the ta...

by Explorer in

Microsoft IIS - Remove 0#.w| with transforms.conf and props.conf

Hello everyone, I am trying to remove this string "0#.w|" with a transforms.conf file. To be sure that my regex is ...

by New Member in

Running multiply Powershell scripts at the same time

I have been working the past 2 weeks with getting powershell scripts and cron jobs stable. but find that when i run 6...

by Loves-to-Learn in

Create Saved Search with Rest API ->need working example

Hi, Does somebody have a working example of how to create a Saved Search using the Rest API with XML? Thanks Ma...

by New Member in

transforms.conf set hostname to current host

Hi, Is there a way to use environment variables within transforms.conf. I am trying to override the hostname to the...

by Builder in

Integrating Splunk with SpringBoot application

I need to integrate Splunk with a springboot application. The idea is having a form allowing user to enter keywords, ...

by New Member in

TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied

The TA-nmon is not sending data to 'nmon' index on my splunk instance. I was looking through the troubleshoot guide f...

by Explorer in

Splunk field transformations page UI

Hi , I have installed Splunk version 7.2.6 in some of the servers and I don't see the type dropdown in one of ...

by Builder in

how to input encrypted files like PGP encrypted files

Hello Everyone, Does anyone know if there is any method in Splunk to index encrypted input files like PGP encrypted...

by Explorer in

Ingest Esxi logs through vrealize into Splunk via syslog

Hi All, I want to ingest ESXi logs through vrealize in Splunk via syslog. Is there any app to get these logs parse ...

by New Member in

Get Teamcity database in Splunk

Hi,I want to integrate Teamcity with splunk so that I can fetch teamcity database in to splunk. What is the best poss...

by Contributor in

Splunk_TA_nix local inputs.conf not allowing multiple indexes

I created a Splunk_TA_nix/local/inputs.conf. I created 2 different indexes in indexes.conf. And then I created an ...

by Loves-to-Learn Lots in

ESET endpoint logs

Hi , i am currently integrating logs from ESET endpoint security server , we have configured ESET to send logs...

by Explorer in

Monitoring FIles from Diretories

Why my files that read from directories not showing the event?

by Explorer in

Oracle Cloud (OCI) WAF Logs Ingestion

Hi, Does anyone know how to ingest the WAF logs generated by the Oracle Cloud Web Application Firewall service? The...

by Path Finder in

Prevent events from ingesting

Hello, after connecting AWS add-on and configuration, I have this query which is filling my index with much unwa...

by New Member in

Is it possible to Mask or perform linebreaking on older data on Search Head??

Hi,We have a dataset that has improper line breaking on few of the events in it. We have added configuration to inges...

by New Member in

Props.confで、タイムスタンプに時間修正を加えて_timeに格納できない

複数の時間が入っているログから、特定のフィールドのタイムスタンプを一つを選択し、時間を変更した上で、タイムスタンプ（_time）に格納したいのですが、うまくできません。例えばログは以下の様なものです。 580 <158>1 202...

by Observer in

Sysmon App and Add-on installation failure

I wanted to install Sysmon App for Splunk (App) and Microsoft Sysmon Add-on (Add-on) on my development server (Splunk...

by Loves-to-Learn in

Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Getting Data In

Discussions

Metric event data with an invalid metric value cannot be indexed. How to troubleshoot

ServiceNow Add-on 'sys_updated_on' field error

Microsoft IIS - Remove 0#.w| with transforms.conf and props.conf

Running multiply Powershell scripts at the same time

Create Saved Search with Rest API ->need working example

transforms.conf set hostname to current host

Integrating Splunk with SpringBoot application

TA-nmon fifo_reader.py, fifo_reader.sh, nmon.fifo not running, permission denied

Splunk field transformations page UI

how to input encrypted files like PGP encrypted files

Ingest Esxi logs through vrealize into Splunk via syslog

Get Teamcity database in Splunk

Splunk_TA_nix local inputs.conf not allowing multiple indexes

ESET endpoint logs

Monitoring FIles from Diretories

Oracle Cloud (OCI) WAF Logs Ingestion

Prevent events from ingesting

Is it possible to Mask or perform linebreaking on older data on Search Head??

Props.confで、タイムスタンプに時間修正を加えて_timeに格納できない

Sysmon App and Add-on installation failure

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.

Share your experience in our
Career Survey Now!

Splunk Cloud (HF) w/ Azure SQL Audit

Would syslog-ng be the best option for ingesting O...

To ingest Palo Alto Traffic and Threat logs into S...

Can I use a _meta variable from inputs in a transf...

DBConnect 3.2.0 integration with MongoDB