Getting Data In

Community Activity

What is the best practice for forwarding events to splunk cloud? In a typical splunk cloud environment do logs get forwarded from onprem directly to the cloud indexer or is best prac... by trojan_81 Path Finder in Getting Data In 03-16-2020 0 4	0	4
configured the Home Monitor app - only firewall statiscics. No bandwidth data I'm able to push my syslog info from my asus (RT-AC88U) to a splunk server running Ubuntu 18.04 in my network. I rece... by wluca New Member in Getting Data In 03-16-2020 0 0	0	0
Problem with scripted alert Hello plp, I am making an alert, that export a csv , the problem here is when this .csv is exported, only have rw p... by tinpelayee Engager in Getting Data In 03-16-2020 0 7	0	7
Can some one explain what are aggregation issues? we on-boarded an application recently, Now we are seeing there are 100K aggregation issues(Log level= WARN) and 30k t... by snallam123 Path Finder in Getting Data In 03-16-2020 0 5	0	5
How to setup splunk on home wireless network? I want to learn splunk. How can I setup splunk on my home WiFi network to learn and practice? I have Verizon router.... by splunkdavidh Explorer in Getting Data In 03-16-2020 0 7	0	7
need to consider special format in csv as same field value Is there a way to let splunk know when ever the format like "32770": ALL_REQ:2 \| CT_FLAG(32768) keep it as a single... by anwar114 Explorer in Getting Data In 03-16-2020 0 4	0	4
I noticed script alert action is officially deprecated. No easy way to setup a script triggered by log keyword? The run a script alert action is officially deprecated. Create a custom alert action to package a custom script inste... by NakatsuKinichi Engager in Getting Data In 03-16-2020 0 1	0	1
Multi field combination for JSON file question I'm totally new to splunk, I have this JSON file already indexed: {"EventType":2,"EventData":{"Values":[{"Status":1,... by darkelfaxe New Member in Getting Data In 03-15-2020 0 1	0	1
Forward raw syslog to third party server from Splunk Enterprise instance Hi, I have an all in one splunk enterprise environment with only Universal Forwarders. My requirement is to send all... by mkpmilestone New Member in Getting Data In 03-15-2020 0 0	0	0
JSON file event breaking parsing on universal forwarder I have a JSON file. Once I upload the file on the search head using the below stanza in props.conf it's indexed prop... by rayar Contributor in Getting Data In 03-15-2020 0 2	0	2
issue with Splunk batch input Hello All, I am ingesting compressed(.gz) log files into Splunk by putting it in $SPLUNK_HOME/var/spool/splunk folde... by bharat097 New Member in Getting Data In 03-14-2020 0 1	0	1
web gateway filter activity to urls i have 117 sites listed from homeland security. i need to check if any of our machine have visited them. We have McAf... by daveevad New Member in Getting Data In 03-13-2020 0 12	0	12
What are the pros and cons of running thousands of UFs as root We have thousands of UFs running as Unix root and we have discussions whether to keep it like that or run the UFs as ... by danielbb Motivator in Getting Data In 03-13-2020 0 1	0	1
How to group multiple machines and user session time into a readable chart Hi all! I am currently working on a dashboard metrics project that involves me attempting to create a dashboard pane... by earonwilliams12 New Member in Getting Data In 03-13-2020 0 2	0	2
Service item.update causes modular input to restart In my modular input I want to update a configuration setting between runs so I don't poll for the same data again and... by aronsemle New Member in Getting Data In 03-13-2020 0 0	0	0
Help with converting epoch to human readable at index time I have json format data with a field called uploadDate .This has values like /Date(1584037059228)/ , /Date(15840332... by vrmandadi Builder in Getting Data In 03-13-2020 0 4	0	4
How to send a specific index from one indexer to another without a heavy forwarder So we have a client system that has their own Splunk indexer. For certain reasons they do not want their splunk univ... by troyfred Explorer in Getting Data In 03-13-2020 1 3	1	3
How to assign "source" during a search after a conditional statement? I am creating a dashboard to show all Linux command line history per user and I would like to create an input where y... by ricotries Communicator in Getting Data In 03-12-2020 0 7	0	7
Is it possible to install multiple Universal Forwarders on Windows? Can I install multiple Universal Forwarders on Windows? by joey18684 Engager in Getting Data In 03-12-2020 1 7	1	7
Splunk Cloud: How to ingest data using API? Is there a way to ingest data in Splunk using API (and without universal forwarder) if data is captured by native age... by snigdhasaxena Communicator in Getting Data In 03-12-2020 1 3	1	3
Why does service.export REST API fail when _raw is not excluded? Using Java API and requesting a streaming export from Splunk a search like this: search index="client_ndx" sourcetyp... by dsmith14 New Member in Getting Data In 03-12-2020 0 2	0	2
Support for multiple CA for universal forwarder to heavy forwarder connections We are working with mutiple platforms that will send log data to heavy forwarders. We want to encrypt and if possible... by thscheidegger Explorer in Getting Data In 03-12-2020 0 2	0	2
Power consumption logging logger Hello, everyone! I need to understand how much power usage my pc,servers,network devices (consumption). I want to mon... by sh_bolatbekov New Member in Getting Data In 03-12-2020 0 0	0	0
Time Range Picker doesn't apply to search, but modifiers work Hello everyone, I'm faced with an issue of using Time Range Picker. When I put into search bar with this "sourcetype... by stonelzhangh Observer in Getting Data In 03-11-2020 0 0	0	0
Monitoring Polycom syslog with Splunk Hi all, We are trying to analyze the Syslog from Polycom, such as server.log, access.log, etc. However, we don't u... by xzou_splunk Splunk Employee in Getting Data In 03-11-2020 0 4	0	4