Getting Data In

Community Activity

How to monitor same log file into different sourcetypes by ip ? Hello, I have logs from syslog server, my goal is to have events from the same log but these events will indexed wit... by hketer Path Finder in Getting Data In 02-24-2020 0 0	0	0
WinRegMon Blacklist specific Registry Hive Hi, i currently use the WinRegMon Stanza within the inputs.conf. Currently i monitor all changes within the User Sof... by DanielAmlung Path Finder in Getting Data In 02-24-2020 0 1	0	1
Create cleaner snmptrapd logs Hello All, I was wondering if there is a way to cleanup the key value pair logging inside of snmptrapd? I am ingesti... by _joe Contributor in Getting Data In 02-24-2020 0 2	0	2
Splunk bucketinnh Hello everyone I would like to know the steps to aches below questions can anyone please help me 1. How to move da... by itzkirankumar1 Explorer in Getting Data In 02-24-2020 0 4	0	4
Send data from file even if there is no change I have a file in a directory, whose timestamp is changed everyday using "touch" command. The contents might change af... by shreyasathavale Communicator in Getting Data In 02-24-2020 0 6	0	6
Time zone in TIME_FORMAT Given this timestamp: 01/Mar/2011:17:25:49.666+0000 What is the right format? I'm leaning towards: TIME_FORMAT = ... by vbumgarner Contributor in Getting Data In 02-23-2020 0 9	0	9
How to configure universal forwarder on Linux to send a log file to Splunk heavy forwarder? Hi, I installed and configured UF on a Linux server to send syslog to Splunk HF. I am now trying to send an applicati... by vnguyen46 Contributor in Getting Data In 02-21-2020 0 3	0	3
splunk datetime after January 2020 Hi, I want to know, I do not actually update my datetime.xml and I want to know if I update now for the data. Do I n... by snicol2017 New Member in Getting Data In 02-21-2020 0 1	0	1
Override sourcetype for custom logs Hi I am trying to override my current sourcetype to create multiple source types based on key matching patterns. But ... by sundarrajan Path Finder in Getting Data In 02-21-2020 0 6	0	6
How do i clone one sourcetype multiple times? HI Currently i copy a sourcetypes with TRANSFORMS-CLONE and it works, example below. But i want to use TRANSFORMS-CL... by robertlynch2020 Influencer in Getting Data In 02-21-2020 1 3	1	3
How to increase the event size which is limited to 10000 in Splunk cloud ? Hi, I am not able to fetch the full JSON payload using the scripted input in the Splunk cloud. Here, I have installe... by vasutiwari New Member in Getting Data In 02-21-2020 0 4	0	4
syslog server not receiving any events from a heavyforwarder. what could be the issue and how can it be resolved? I setup syslog output forwarding per the Splunk docs, but am not seeing anything being sent out nor receiving it on t... by pavanae Builder in Getting Data In 02-21-2020 0 2	0	2
Count values delimited by "," in a field Hi guys, I have the following exemple: Searching the "s" in Field B delimited by "," , my expected result is the fo... by habrhi Explorer in Getting Data In 02-21-2020 0 3	0	3
Event: Show source loading .... Hello, if I try to show the source of an event, splunk shows only "loading ...". I took care, that the result is fin... by chrisitanmoleck Path Finder in Getting Data In 02-20-2020 2 12	2	12
How to post to Http Event Collector with PHP? All, Anyone ever post to HEC using PHP? Got a working example? Or see where I am going wrong? <?php $ch = ... by daniel333 Builder in Getting Data In 02-20-2020 0 1	0	1
Splunk for Nix packages output wrong? All, I enabled the packages input on Splunk_TA_nix on my CentOS 7 box. I get 790 packages back. How ever when I get... by daniel333 Builder in Getting Data In 02-20-2020 0 0	0	0
Re-index all lines of a CSV file after any change? I have CSV files that are point-in-time snapshots of a configuration. If any part of the CSV changes, I'd like the co... by jamesklassen Path Finder in Getting Data In 02-20-2020 0 0	0	0
Why is the Universal forwarder executing regmon, powershells and others with out them being explicitly configured? Hi, why is my UF on Windows executing various splunk-* tools without them beeing configured in any input? Every few m... by afx Contributor in Getting Data In 02-20-2020 0 6	0	6
How to setup universal forwarder on linux Step by step setup for universal forwarder. by bhavya_shah Path Finder in Getting Data In 02-20-2020 1 5	1	5
What is included in Linux syslog? Hi, On Linux Splunk servers, my system admin set this record in remotesyslog.conf . @@syslog-zone40.uth.tmc.edu:1... by vnguyen46 Contributor in Getting Data In 02-20-2020 0 1	0	1
HTTP Event Collector in a distributed environment with load balanced Heavy Forwarders I have a pair of heavy forwarders that is load balanced by a round robin DNS record. I want to set them up as HTTP ... by morphis72 Path Finder in Getting Data In 02-20-2020 0 3	0	3
Has anyone indexed Azure Devops audit log? Hi. It seems Microsoft has exposed the audit log for Azure DevOps, https://docs.microsoft.com/en-us/rest/api/azure/d... by las Contributor in Getting Data In 02-20-2020 0 2	0	2
Index showing latest data as over a month ago but events are still coming in Hi, I have recently started looking at .conf files and configuring them to log specific site data. After I made m... by lkm93 Explorer in Getting Data In 02-20-2020 0 5	0	5
How to monitor network bandwidth at Windows and Linux host and then forward to Splunk server? Hi, I am trying to monitor bandwidth at computers (using Windows and Linux) in a network and send it to Splunkserver ... by lehoang47tin Engager in Getting Data In 02-20-2020 0 1	0	1
How to find non-json records I have a bunch of sourcetypes which are supposed to contain only valid JSON data. I've been asked to verify that in ... by ShagVT Path Finder in Getting Data In 02-20-2020 0 1	0	1