Getting Data In

Community Activity

how can we send the data from splunk Heavy forwarder to Elastic search directly without sending to logstash in middle how can we send the data from splunk Heavy forwarder to Elastic search directly without sending to logstash in middle... by benazir Explorer in Getting Data In 02-24-2020 0 0	0	0
How do you retrieve custom logs from an Azure web app using Splunk Light Cloud? Hi, I have an Azure website where I have custom logging for user action. The logs are saved in a database. How shoul... by remusmuresan New Member in Getting Data In 02-24-2020 0 3	0	3
How to monitor same log file into different sourcetypes by ip ? Hello, I have logs from syslog server, my goal is to have events from the same log but these events will indexed wit... by hketer Path Finder in Getting Data In 02-24-2020 0 0	0	0
WinRegMon Blacklist specific Registry Hive Hi, i currently use the WinRegMon Stanza within the inputs.conf. Currently i monitor all changes within the User Sof... by DanielAmlung Path Finder in Getting Data In 02-24-2020 0 1	0	1
Create cleaner snmptrapd logs Hello All, I was wondering if there is a way to cleanup the key value pair logging inside of snmptrapd? I am ingesti... by _joe Contributor in Getting Data In 02-24-2020 0 2	0	2
Splunk bucketinnh Hello everyone I would like to know the steps to aches below questions can anyone please help me 1. How to move da... by itzkirankumar1 Explorer in Getting Data In 02-24-2020 0 4	0	4
Send data from file even if there is no change I have a file in a directory, whose timestamp is changed everyday using "touch" command. The contents might change af... by shreyasathavale Communicator in Getting Data In 02-24-2020 0 6	0	6
Time zone in TIME_FORMAT Given this timestamp: 01/Mar/2011:17:25:49.666+0000 What is the right format? I'm leaning towards: TIME_FORMAT = ... by vbumgarner Contributor in Getting Data In 02-23-2020 0 9	0	9
How to configure universal forwarder on Linux to send a log file to Splunk heavy forwarder? Hi, I installed and configured UF on a Linux server to send syslog to Splunk HF. I am now trying to send an applicati... by vnguyen46 Contributor in Getting Data In 02-21-2020 0 3	0	3
splunk datetime after January 2020 Hi, I want to know, I do not actually update my datetime.xml and I want to know if I update now for the data. Do I n... by snicol2017 New Member in Getting Data In 02-21-2020 0 1	0	1
Override sourcetype for custom logs Hi I am trying to override my current sourcetype to create multiple source types based on key matching patterns. But ... by sundarrajan Path Finder in Getting Data In 02-21-2020 0 6	0	6
How do i clone one sourcetype multiple times? HI Currently i copy a sourcetypes with TRANSFORMS-CLONE and it works, example below. But i want to use TRANSFORMS-CL... by robertlynch2020 Influencer in Getting Data In 02-21-2020 1 3	1	3
How to increase the event size which is limited to 10000 in Splunk cloud ? Hi, I am not able to fetch the full JSON payload using the scripted input in the Splunk cloud. Here, I have installe... by vasutiwari New Member in Getting Data In 02-21-2020 0 4	0	4
syslog server not receiving any events from a heavyforwarder. what could be the issue and how can it be resolved? I setup syslog output forwarding per the Splunk docs, but am not seeing anything being sent out nor receiving it on t... by pavanae Builder in Getting Data In 02-21-2020 0 2	0	2
Count values delimited by "," in a field Hi guys, I have the following exemple: Searching the "s" in Field B delimited by "," , my expected result is the fo... by habrhi Explorer in Getting Data In 02-21-2020 0 3	0	3
Event: Show source loading .... Hello, if I try to show the source of an event, splunk shows only "loading ...". I took care, that the result is fin... by chrisitanmoleck Path Finder in Getting Data In 02-20-2020 2 12	2	12
How to post to Http Event Collector with PHP? All, Anyone ever post to HEC using PHP? Got a working example? Or see where I am going wrong? <?php $ch = ... by daniel333 Builder in Getting Data In 02-20-2020 0 1	0	1
Splunk for Nix packages output wrong? All, I enabled the packages input on Splunk_TA_nix on my CentOS 7 box. I get 790 packages back. How ever when I get... by daniel333 Builder in Getting Data In 02-20-2020 0 0	0	0
Re-index all lines of a CSV file after any change? I have CSV files that are point-in-time snapshots of a configuration. If any part of the CSV changes, I'd like the co... by jamesklassen Path Finder in Getting Data In 02-20-2020 0 0	0	0
Why is the Universal forwarder executing regmon, powershells and others with out them being explicitly configured? Hi, why is my UF on Windows executing various splunk-* tools without them beeing configured in any input? Every few m... by afx Contributor in Getting Data In 02-20-2020 0 6	0	6
How to setup universal forwarder on linux Step by step setup for universal forwarder. by bhavya_shah Path Finder in Getting Data In 02-20-2020 1 5	1	5
What is included in Linux syslog? Hi, On Linux Splunk servers, my system admin set this record in remotesyslog.conf . @@syslog-zone40.uth.tmc.edu:1... by vnguyen46 Contributor in Getting Data In 02-20-2020 0 1	0	1
HTTP Event Collector in a distributed environment with load balanced Heavy Forwarders I have a pair of heavy forwarders that is load balanced by a round robin DNS record. I want to set them up as HTTP ... by morphis72 Path Finder in Getting Data In 02-20-2020 0 3	0	3
Has anyone indexed Azure Devops audit log? Hi. It seems Microsoft has exposed the audit log for Azure DevOps, https://docs.microsoft.com/en-us/rest/api/azure/d... by las Contributor in Getting Data In 02-20-2020 0 2	0	2
Index showing latest data as over a month ago but events are still coming in Hi, I have recently started looking at .conf files and configuring them to log specific site data. After I made m... by lkm93 Explorer in Getting Data In 02-20-2020 0 5	0	5