Getting Data In

Start a Conversation

Discussions

Start a Conversation

Thread Info

Does Splunk have a timeline for releasing 7.2.9.1 or 6.6.12.1 to fix the Issues SPL-178915, SPL-171961

It seems like we have a fix in 7.3 for the splunk date-time issue since 2019-11-07 Not that long ago we were told to...

by Path Finder in

xyseries removes field line break

Hi, I have the following search where I create two fields which has a line break (Topic and value): index="example...

by Explorer in

AccountName disappears when I forward Windows Security Eventlogs

I have 5 computer who send security logs to a server. This server forward those logs to my splunk server so I can put...

by Engager in

How to dynamically route logs uto multiple indexes and sourcetypes based on file path and filename

Hi, I am working on OS log onboarding data under multiple hostname folders and these hostname folders are located at ...

by Builder in

On Windows, Forwarder crash - splunk_wmi.exe

Hello, I have installed the Forwarder on windows, and Forwarder works well for a period of time. But, forwarder c...

by New Member in

404 Client Error with Microsoft Office 365 Reporting Add-On for Splunk

Hi, we have a the Microsoft Office 365 Reporting Add-On for Splunk configured with an account which is a member of...

by Communicator in

Can UF send data to multiple indexes

I am using Splunk forwarder (not HEC) and want to know if I can send data to multiple indexes. If yes, how?

by Path Finder in

Can Splunk Ingest This?

Hi, can Splunk ingest .edb (Exchange Database) files?

by Communicator in

Ingest only rows containing certain text from log file

Have a very large log file (20,000+ lines per log file) and I only need the rows that contain "tell_group.pl" in them...

by Communicator in

How to configure props.conf and transforms.conf to index logs with a specific string and filter out all other events?

Hi Experts, I am getting logs / events from an application server to an indexer. I want to index logs with the str...

by Explorer in

How do you debug custom search command: Error in 'script'?

How do I debug following? I have custom search command generatereport that I have developed on Linux, I am using l...

by Path Finder in

Product Timestamp Issue: no existing datetime.xml in $SPLUNK_HOME/etc

for the Action Advisory: Product Timestamp Issue (https://docs.splunk.com/Documentation/Splunk/latest/ReleaseNotes/Fi...

by New Member in

Timestamp Issue Impacting Splunk Products

Hello, We are using Splunk Enterprise version 7.2.3. We do not use two digit time stamp, we use Linux style time sta...

by Loves-to-Learn Lots in

(beginner) how to use splunk universal forwarder?

Hello. I want to import some data(not kubernetes logs, metrics) to splunk (Enterprise). I've heard I should use sp...

by New Member in

Splunkforwarder - log to file?

Hi, Is it possible to forward logs to indexer and at the same forward logs locally to a new file? I mean forwarde...

by Loves-to-Learn in

On which Splunk Enterprise servers FixDatetimexml2020 patch needs to be applied?

Hi, Query regarding Patch for "Timestamp recognition of dates with two-digit years fails beginning January 1, 2020...

by Engager in

Ingesting Data into Splunk

Is there a way I could ingest performance metrics from other tools into splunk using java ti view the same in Splunk ...

by New Member in

Splunk USB Control

Hi, We use Splunk to manage usb devices. We write script which find usb's serial number and check in our database ...

by Explorer in

How can I parse 2 columns with text format together?

I have 2 columns with text format (data 1 and data 2). One of the two columns is empty. I want to parse the 2 columns...

by Path Finder in

AWS-RDS log parsing

Hi Folks, Can anyone help me on parsing of AWS-RDS logs. I don't find add-on for it.

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Does Splunk have a timeline for releasing 7.2.9.1 or 6.6.12.1 to fix the Issues SPL-178915, SPL-171961

xyseries removes field line break

AccountName disappears when I forward Windows Security Eventlogs

How to dynamically route logs uto multiple indexes and sourcetypes based on file path and filename

On Windows, Forwarder crash - splunk_wmi.exe

404 Client Error with Microsoft Office 365 Reporting Add-On for Splunk

Can UF send data to multiple indexes

Can Splunk Ingest This?

Ingest only rows containing certain text from log file

How to configure props.conf and transforms.conf to index logs with a specific string and filter out all other events?

How do you debug custom search command: Error in 'script'?

Product Timestamp Issue: no existing datetime.xml in $SPLUNK_HOME/etc

Timestamp Issue Impacting Splunk Products

(beginner) how to use splunk universal forwarder?

Splunkforwarder - log to file?

On which Splunk Enterprise servers FixDatetimexml2020 patch needs to be applied?

Ingesting Data into Splunk

Splunk USB Control

How can I parse 2 columns with text format together?

AWS-RDS log parsing

Splunk APM & RUM | Upcoming Planned Maintenance

Part 2: Diving Deeper With AIOps

User Groups | Upcoming Events!

Eventgen failing to parse csv- What am I doing wro...

SQS-Based-S3 Input for Cloudtrail black list event...

Splunk OTEL Forwarder- Is there a values.yaml file...

How to highlight the data in the Map for regions E...

Dashboard Studio - Adding a drop down to filter re...