Getting Data In

Community Activity

Multiple Indexes from single Firepower Management Center Hi Currently we have up to 20 eStreamer client/event indexes configured, one per FMC. We are looking at moving fro... by cybermonkey101 New Member in Getting Data In 02-14-2020 0 1	0	1
¿How can I configure the UF to take the hostname of the server from another path and not from the default? I have two manageable linux servers with universal forwarder, both have the same host name, when you check the "forwa... by vn0qhul New Member in Getting Data In 02-14-2020 0 0	0	0
Filtering out data (from a forwarder) on Indexer? hi, i have several universal forwarders deployed, and im getting lots of events i want to filter out. I understand ... by spunk311z Path Finder in Getting Data In 02-13-2020 0 4	0	4
Is it possible to regex a sourcetype on a per file basis One of our 3rd party apps has some pretty unfriendly logging. The app itself carries out somewhere between 20-30 jobs... by freern New Member in Getting Data In 02-13-2020 0 2	0	2
Installing the Java logging JAR I want to write some Scala that writes out to the Splunk logging API, so I went here to get started. It links here to... by shulmaniel New Member in Getting Data In 02-13-2020 0 2	0	2
Heavy Forwarder not receiving logs Hi, After migrated Splunk Enterprise to a new hardware, my HFs stop receiving logs over port 514/1514. It's verified ... by vnguyen46 Contributor in Getting Data In 02-13-2020 0 7	0	7
match_type wildcard not working for automatic lookup Please any help will be appreciated. We have a lookup test_pci_asset.csv with a field nt_host values of nt_host are ... by Bentash Explorer in Getting Data In 02-13-2020 0 7	0	7
Should we use heavy forwarders as an intermediate layer between the forwarders and the indexers? We had this severe issue last week - What can be done when the parsing and aggregation queues are filled up? Since i... by danielbb Motivator in Getting Data In 02-13-2020 0 3	0	3
Sending uncooked data from indexer level Hi all, I am sending data from intermediate forwarder to indexer and during indexing, I would like to send raw "unco... by gyarici Path Finder in Getting Data In 02-13-2020 0 9	0	9
How to log whole site content whilst excluding specific file extensions and file types (I am an absolute novice at this, the answer maybe obvious but I am still learning the trade please bear with me) Fo... by lkm93 Explorer in Getting Data In 02-13-2020 0 4	0	4
How to configure non domain account for WMI access Hello Everyone, I have a service account that I need to configure to collect WMI data from domain controllers. This ... by rahulkumarfgf Explorer in Getting Data In 02-13-2020 0 1	0	1
Does Universal Forwarded supports Server Name Indication (SNI)? Hi there folks, I would like to ask if Universal Forwarder can support Server Name Indication (SNI)? That is extensi... by tihomirstoyanov New Member in Getting Data In 02-13-2020 0 1	0	1
RHL version on all the UF HI All , Could you please help me in getting the query to get red hat linux version on the all UF , i have checked ... by deepakgaonkar Explorer in Getting Data In 02-13-2020 0 2	0	2
HTTP Event Collector and curl: How to pass the hostname variable in Chef? (BOUNTY!) Hi, (Not Splunk questions per say...) I'm setting up the HTTP Event Collector, so that our chef recipes can log to ... by a212830 Champion in Getting Data In 02-13-2020 0 11	0	11
Heavy Forwarder Slow to Start Forwarding Syslog Hello- My current setup: Device Syslog --> Syslog Server w/ Splunk HvyFwd --> Splunk Indexer When I restart my Heav... by DBattisto Communicator in Getting Data In 02-13-2020 0 4	0	4
How to input data via "TA for Nutanix Prism" add-on? As I read the guide from "TA for Nutanix Prism" on Splunk Base. There's some description of data input as below: "O... by lllidan New Member in Getting Data In 02-12-2020 0 0	0	0
Why is SSL on Universal Forwarder failing with error "WARN SSLCommon - Received fatal SSL3 alert"? Hi, I just followed the answer in the below post to configure SSL between my UF and the indexer: answers.splunk.com... by samhodgson Path Finder in Getting Data In 02-12-2020 1 6	1	6
WinEvent whitelist not working I'm trying to do whitelist on windows eventcode on my test environment before applying on production. after apply and... by SoknySplunk Loves-to-Learn Lots in Getting Data In 02-12-2020 0 4	0	4
DB Connect not able to process results I am able to test the connection in datalab using splunk db connect app. I am able to fetch results when I run the qu... by p0p00aj New Member in Getting Data In 02-12-2020 0 1	0	1
How to do XSD schema validation on JSON data Hello, I have complex JSON being written to Splunk and want to do XSD schema validation on the JSON, this is to ensur... by msrama5 Explorer in Getting Data In 02-12-2020 0 0	0	0
Install splunk forwarder in Linux servers Hi All; Is there way to push and install splunk forwarder to multiple Linux servers at same time? If you have scrip... by aalhabbash1 Path Finder in Getting Data In 02-12-2020 0 3	0	3
heavy forwarder multi core? Hi, I see a few similar questions in the past however I can't see an answer to date. Does anyone know if the splun... by danan5 Path Finder in Getting Data In 02-12-2020 0 2	0	2
Splunk inputs and whitelists --- how to? I've combed through inputs.conf and the various questions on answers but can't seem to get a definitive example in ho... by DEAD_BEEF Builder in Getting Data In 02-12-2020 0 2	0	2
Extracting ISO8601 timestamp Hello, I’m working on a powershell inputs and am stuck in regards to extracting the timestamp. An event is stdout f... by mbrownoutside Path Finder in Getting Data In 02-12-2020 0 8	0	8
Retention policy for 30 days (15 searchable + 15 frozen) Hello all, I'm trying to setup the following retention policy: 15 days of events to be searchable (hot/warm/cold - ... by dstoev Path Finder in Getting Data In 02-12-2020 0 8	0	8