Getting Data In

Community Activity

Why is the Universal forwarder executing regmon, powershells and others with out them being explicitly configured? Hi, why is my UF on Windows executing various splunk-* tools without them beeing configured in any input? Every few m... by afx Contributor in Getting Data In 02-20-2020 0 6	0	6
How to setup universal forwarder on linux Step by step setup for universal forwarder. by bhavya_shah Path Finder in Getting Data In 02-20-2020 1 5	1	5
What is included in Linux syslog? Hi, On Linux Splunk servers, my system admin set this record in remotesyslog.conf . @@syslog-zone40.uth.tmc.edu:1... by vnguyen46 Contributor in Getting Data In 02-20-2020 0 1	0	1
HTTP Event Collector in a distributed environment with load balanced Heavy Forwarders I have a pair of heavy forwarders that is load balanced by a round robin DNS record. I want to set them up as HTTP ... by morphis72 Path Finder in Getting Data In 02-20-2020 0 3	0	3
Has anyone indexed Azure Devops audit log? Hi. It seems Microsoft has exposed the audit log for Azure DevOps, https://docs.microsoft.com/en-us/rest/api/azure/d... by las Contributor in Getting Data In 02-20-2020 0 2	0	2
Index showing latest data as over a month ago but events are still coming in Hi, I have recently started looking at .conf files and configuring them to log specific site data. After I made m... by lkm93 Explorer in Getting Data In 02-20-2020 0 5	0	5
How to monitor network bandwidth at Windows and Linux host and then forward to Splunk server? Hi, I am trying to monitor bandwidth at computers (using Windows and Linux) in a network and send it to Splunkserver ... by lehoang47tin Engager in Getting Data In 02-20-2020 0 1	0	1
How to find non-json records I have a bunch of sourcetypes which are supposed to contain only valid JSON data. I've been asked to verify that in ... by ShagVT Path Finder in Getting Data In 02-20-2020 0 1	0	1
Universal Forwarder to report 2 Indexer What is the best way to route security events to Security Indexers and rest of the sourcetypes to operational indexer... by ansif Motivator in Getting Data In 02-20-2020 0 7	0	7
ログソースタイプについて \| About log source type 以下のログを取り込むときに推奨のソースタイプを教えていただけますでしょうか。 ◆ログ一覧・IIS -> ? ・MS Exchange -> ? ・gmail -> CSV形式？・Firewall-1 -> chackpointの... by Kayoko New Member in Getting Data In 02-19-2020 0 2	0	2
Splunk dummy data from classes Hello All Splunkers, I was wondering if someone have a dummy data for the access-combined source type. I am looking f... by ranjitbrhm1 Communicator in Getting Data In 02-19-2020 0 6	0	6
How to split the following JSON into different events? Hello All, Im a newbie to JSON and have pretty much no knowledge in programming. Can someone please assist in split... by ranjitbrhm1 Communicator in Getting Data In 02-19-2020 0 4	0	4
Recommended R-Syslog equivalent collector for Windows systems. Hello, We have a relatively small network on a remote location that needs to forward logs onto our Splunk Instance,... by offspringinc Engager in Getting Data In 02-19-2020 1 3	1	3
How to send data to different index if packet broker tags events Hi, i have a setup where a packet broker is sending multiple data streams to a universal forwarder. I need to unders... by damindragunatil Explorer in Getting Data In 02-19-2020 0 0	0	0
Need help in parsing the CPU info with REX I have been dumped with events what appears to be memory info. memTotalMB memFreeMB memUsedMB memFreePct memUs... by zacksoft Contributor in Getting Data In 02-19-2020 0 4	0	4
How to send data to HEC using Java SDK? I'm looking for sample code that I can use to send json from my java app into the HEC. I'm having trouble connectin... by lyndac Contributor in Getting Data In 02-19-2020 2 1	2	1
Forwarding data from Heavy forwarder to syslog server I setup syslog output forwarding per the Splunk docs, but am not seeing anything being sent out nor receiving it on t... by pavanae Builder in Getting Data In 02-19-2020 0 7	0	7
Can multiple wildcards be used in host:: stanza in props.conf? Is it possible to use multiple wildcards in the host:: stanza in the props.conf file? [host::svr--blah-] TRANSFORM... by edwardrose Contributor in Getting Data In 02-19-2020 0 1	0	1
Increase use core by splunk Hi all, I am using Heavy forwarder (splunk version 8.0.1 and os-windows) to ingest .zip log files but I could see ve... by ips_mandar Builder in Getting Data In 02-19-2020 0 3	0	3
Index a file according to the modify time only I have files uploaded to the NT share The file is indexed and will be updated daily by QC system Most of the time ... by rayar Contributor in Getting Data In 02-19-2020 0 1	0	1
how to find splunkd.log at windows server 2008 until 2016 server after restart splunk services few days later still happen not phone home between server to splunk Enterprise. ... by fethri New Member in Getting Data In 02-19-2020 0 0	0	0
How can I prevent reindexing events after a reinstall of universal forwarder I am working on a docker for a universal forwarder. The docker worked well until I reconfigured it for automatic rest... by gesa_behrens Path Finder in Getting Data In 02-18-2020 0 3	0	3
6.1.3 forwarder compatibility I have a 6.1.3 forwarder installed on Windows XP with a 6.5.3 Indexer installed on Windows 10. I am unable to receiv... by jgoodrow New Member in Getting Data In 02-18-2020 0 1	0	1
Automatic lookup to match hostnames with and without FQDN Hello, I need to generate an automatic lookup to match certain hosts for a project i'm working on. the thing is, I h... by 3DGjos Communicator in Getting Data In 02-18-2020 0 2	0	2
Compare The Actual Start Time to The Expect Start Time I need a query that will compare run statistics from a list of jobs (msg.jobName = RLMMTP*) that run everyday. The s... by tyhopping1 Engager in Getting Data In 02-18-2020 0 2	0	2