Getting Data In

Ask a Question

Discussions

Thread Info

Need to write a regex for time extraction

Need to write a regex for same as time and same as event given below in image

by Communicator in

Need Proper props configuration for extracting date-time information and breaking down events.

Need to know while am adding the data in splunk am getting the below error Same data would be like :-{"vers...

by Communicator in

Heavy Forwarder - Filtering Juniper events

Greetings, I have been reading through documentation and responses on here about filtering out specific events at the...

by Explorer in

HAProxy server client IP

I have a serious problem, please help me. We have an HAProxy server that receives logs from various clients and for...

by Explorer in

Manage engine ITSM

Hi Team, I need help with Manage engine ticketing tool integration with Splunk i have researched in Google did...

by Engager in

Connect Splunk to SAP Hana Database

Hi, We want to connect Splunk to SAP Hana Database. Have you some idea ? Do we use ngdbc.jar and Put that drive...

by Engager in

Setting _time when field is inconsistent in Json ingestion

I have a Json file which contains a "date" field. The date field in my data that can either be of format %Y-%m-%d %H:...

by Path Finder in

Using different certificates for TCP and HEC Input results in 'unknown CA' error

I recently started using the HEC with TLS on my standalone testing instance and now I am seeing some behavior that I ...

by Path Finder in

Why is User is not allowed to modify the job error?

Hi all. One of our users cannot upload files to splunk with the error "User is not allowed to modify the job". Th...

by Explorer in

Log retention with archiving in Splunk for a specific index

Hello, I'm looking to set up a log retention policy for a specific index, for example index=test. Here's what I'd...

by Communicator in

Outdated OS

Where can i get list of all outdated OS for my dashboard. Is there a site or something

by Path Finder in

Splunk Server logs to 3rd party using an Indexer

We have installed Splunk in windows and we want to send windows logs from Search Head, LM and CM to 3rd party using a...

by Loves-to-Learn Everything in

Splunk Slowness

What are the reasons for the slowness observed in the Splunk Mission Control incident review dashboard?

by Path Finder in

Unique universal forwarder to multiple destinations

Hello, Is it possible to have only 1 Universal Forwarder installed on a Windows server and this UF sends data to 2 ...

by Explorer in

Loosing logs for a specific host in several hours.

Hi All. Using Splunk for collecting logs from different devices. But logs from on devices on the network , is not...

by Observer in

Why is my log file sometimes ignored?

Self-answered question follows. Perhaps it will help someone else in the same boat. I have a file called portal-se...

by Influencer in

Extract key=value into field

[cmd_data=list cm device recusive] splunk auto extracts just [cmd_data=list] End result - be able to filter on cm...

by New Member in

ESXi and vSphere logs

Hello all, I am reviewing the Splunk add-on for vCenter Log and the Splunk add-on for VMware ESXi logs guides and h...

by Path Finder in

UF not in CMC

Newly installed Universal forwarders on windows servers are forwarding logs to Splunk Cloud but newly installed forwa...

by Path Finder in

Hybrid Login with SSO and Traditional Login in Splunk (SSO + Local Auth)

Hi Splunkers!!, We have recently configured SSO in Splunk using Keycloak, and it's working fine — users are able to...

by Motivator in

Microsoft Teams Add-on for Splunk Azure Subscription creation/update failing occasionally

Hi, we are currently experiencing reliability issues when using the Microsoft Teams Add-on for Splunk (https://sp...

by Observer in

SourceTypes being changed by GUI

Hi All, Help please. Can I get people to agree with me that the following is a bug/design flaw - as my splunk cas...

by Path Finder in

Ingest-time lookup

Hello, has anyone worked with ingest-time lookup and familiar with it? https://docs.splunk.com/Documentation/Splunk...

by Path Finder in

Does props.conf support wildcards?

All, I found myself writing this props.conf today. Say I have this: [tomcat:src:server] EXTRACT-springapp_...

by Builder in

Can I send windows security logs using UF over HTTP to Logstash ?

Hello Experts , I am trying to send windows security logs to logstash(http) receiver . Below is what I have based ...

by Builder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Need to write a regex for time extraction

Need Proper props configuration for extracting date-time information and breaking down events.

Heavy Forwarder - Filtering Juniper events

HAProxy server client IP

Manage engine ITSM

Connect Splunk to SAP Hana Database

Setting _time when field is inconsistent in Json ingestion

Using different certificates for TCP and HEC Input results in 'unknown CA' error

Why is User is not allowed to modify the job error?

Log retention with archiving in Splunk for a specific index

Outdated OS

Splunk Server logs to 3rd party using an Indexer

Splunk Slowness

Unique universal forwarder to multiple destinations

Loosing logs for a specific host in several hours.

Why is my log file sometimes ignored?

Extract key=value into field

ESXi and vSphere logs

UF not in CMC

Hybrid Login with SSO and Traditional Login in Splunk (SSO + Local Auth)

Microsoft Teams Add-on for Splunk Azure Subscription creation/update failing occasionally

SourceTypes being changed by GUI

Ingest-time lookup

Does props.conf support wildcards?

Can I send windows security logs using UF over HTTP to Logstash ?

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

How to integrate SentinelOne Singularity Enterpris...

Getting Data In

Are you a member of the Splunk Community?

Discussions