Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Can we monitor .accdb file in Splunk?

Hello Splunkers!! Can anyone please share your thoughts on whether we can monitor .accdb files via Splunk i.e. Int...

by Explorer in

Why can I not see logs in splunk

Hi All, I got a request to monitor a log files in splunk. below are the log file name pattern: abc_uat_cpe_2...

by Explorer in

How to Monitor latest folder only?

Hi All, I have a set of folders which are created by the job which runs in the backend and the names of the folder...

by Explorer in

Where do I configure my various Splunk settings?

I can never remember where I need to configure my various Splunk settings. Some need to be on the forwarder side, som...

by Splunk Employee in

WinEventLog:Security EventCode 4732 Name instead of SID in Splunk- How can I view the account or username?

Hello, I have all auditing enabled via GPO and I am getting WinEventLog:Security logs in Splunk. I am attempting ...

by Loves-to-Learn Lots in

Generate PDF from View in REST API

I am using Splunk 6.1.1 and currently have a form that takes an integer input (foo) and timerange. The URL for this v...

by Path Finder in

Sourcetype confusion over IIS logs- Help to find a cogent Spec and Select

I have been doing testing and planning out my Splunk deployment. I have set up a Universal Forwarder on one of our pr...

by Communicator in

How to monitor privileged commands in Windows?

Meow~!How to monitor privileged commands in Windows?For example, in Linux I can by AuditD but what about Windows?

by Builder in

Azure AD Add-on for MS Office 365 questions

I am in the process of trying to configure a Tenant in this add-on. Some of the required values are available in the...

by Path Finder in

How to compare json file and find the difference in log file?

How to compare difference in the json file. If there is no difference we are good. But in my case i need to find comp...

by Contributor in

How to add Python modules into Splunk environment for network path monitoring?

Hi All, I am trying to monitor files and folders in network path using a basic (only the outline) Python script sh...

by Loves-to-Learn in

Correlation-Indexed Fields, Indexed Time Field Extraction, HF/UF, Deployment Server, and Performance

Hello, I was trying to find out the correlation among Indexed Fields, Indexed Time Field Extraction, HF/UF, Deploym...

by Builder in

Firewall log summarization before indexing

Hello, In our environment we are dealing with hundreds of GB/day of logs coming from Firewalls. Despite having al...

by Contributor in

How to achieve multiple timestamps in single log file?

I am onboarding data from trend micro portable security via HEC. As per the documentation of trend micro it needs 5 i...

by Engager in

How do you filter windows logs by level?

Is there any way to get only critical and error logs from Windows? I mean, Windows generates logs using different ...

by Explorer in

How are Splunk passwords encrypted in inputs.conf and outputs.conf?

Could someone please document how the Splunk passwords are encrypted (in inputs and outputs.conf) so that we can setu...

by Explorer in

Updated DB Connect, now my connections don't work; MS-SQL Server Using MS Generic Driver With Kerberos Authentication

Splunkers, I just updated my app db_connect. Now all my connections are broken. I think they are forcing ssl now an...

by Engager in

Does anyone knows how to map the field values from Splunk to Siemplify?

We use Siemplify add-on to ingest alerts from Splunk to Siemplify however, the fields in Siemplify come really horrib...

by Explorer in

Can not extract value with whitespace at index time

Hello, I have a not ideal log, looking like this, for example: "field1=value1" "field2=val ue 2" "field3=val...

by Engager in

What is the time stamp the syslog daemon writes to the syslog file?

When the syslog daemon writes to the syslog file, what is the time stamp it writes? is it the host date/time or the e...

by Motivator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Can we monitor .accdb file in Splunk?

Why can I not see logs in splunk

How to Monitor latest folder only?

Where do I configure my various Splunk settings?

WinEventLog:Security EventCode 4732 Name instead of SID in Splunk- How can I view the account or username?

Generate PDF from View in REST API

Sourcetype confusion over IIS logs- Help to find a cogent Spec and Select

How to monitor privileged commands in Windows?

Azure AD Add-on for MS Office 365 questions

How to compare json file and find the difference in log file?

How to add Python modules into Splunk environment for network path monitoring?

Correlation-Indexed Fields, Indexed Time Field Extraction, HF/UF, Deployment Server, and Performance

Firewall log summarization before indexing

How to achieve multiple timestamps in single log file?

How do you filter windows logs by level?

How are Splunk passwords encrypted in inputs.conf and outputs.conf?

Updated DB Connect, now my connections don't work; MS-SQL Server Using MS Generic Driver With Kerberos Authentication

Does anyone knows how to map the field values from Splunk to Siemplify?

Can not extract value with whitespace at index time

What is the time stamp the syslog daemon writes to the syslog file?

Improve Your Security Posture

Maximize the Value from Microsoft Defender with Splunk

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Why is there an issue with Sourcetype Log2jmetrics...

Splunk 8.2.1 and 7.3.1, data not onboarded

Data not showing after upgrading to 8.1.10 from 7....

Issues with HEC

Why logstream field from Cloudwatch is being rejec...