Getting Data In

Community Activity

event size limit Is there any limit from the event-size ? My events are truncated, one event is about 3Mo text. Is there a possibilit... by sbsbb Builder in Getting Data In 12-12-2019 1 2	1	2
Error message while parsing timestamp dated after 19-12-31 We are currently using Splunk version 7.2.7. As per the Splunk recommendation related to "Timestamp recognition of da... by sdkp03 Communicator in Getting Data In 12-12-2019 0 2	0	2
Handshaking issue with deployment server Hi, I am getting following error message on universal forwarder logs: 11-10-2013 17:43:38.750 +0530 INFO DC:Deploy... by rameshlpatel Communicator in Getting Data In 12-12-2019 0 11	0	11
user-seed.conf - does the file disappear after use? Hello, We have utilized the user-seed.conf correctly and it worked fine a couple months ago but we just noticed that ... by rewritex Contributor in Getting Data In 12-12-2019 0 1	0	1
Search result JSON all fields not being extracted I have a JSON within my search results whose fields are not being extracted all. More specifically, a single field w... by pdamjanovic New Member in Getting Data In 12-12-2019 0 6	0	6
Has anyone deployed ansible playbook for splunk forwarder? Hi all, I am trying to set up ansible playbook for splunk forwarder. Though github completely doesnot help. Has anyo... by chaga New Member in Getting Data In 12-12-2019 0 0	0	0
Can my Windows 2019 servers run a 7.3.3 forwarder and send to 7.1.4 Indexers? Can our 2019 Windows servers run a 7.3.3 forwarder pointing to 7.1.4 Indexers? I know forwarders are backwards compa... by zindain24 Path Finder in Getting Data In 12-11-2019 0 1	0	1
Running command: ../splunk list monitor - i get about 5 entries of "request for members failed failed!" After running the splunk list monitor command from a s390x sles12 machine, it runs the command fine but displays 8 ro... by rewritex Contributor in Getting Data In 12-11-2019 0 0	0	0
What is the max file size that a universal forwarder can input via a batch stanza? Splunk universal forwarder inputs.conf batch stanza is attempting to read CSV files that range in size from a 10MB to... by mdwecht Path Finder in Getting Data In 12-11-2019 0 2	0	2
How to send csv/report to a secure file transfer protocol server? Hi, I have a report/CSV which I want to send to a remote Secure File Transfer Protocol server. I am using Splunk ver... by Shashank_87 Explorer in Getting Data In 12-11-2019 0 3	0	3
How can we verify the patch that has been provided for the date time issue before 1/1/2020? we were notified there is an issue with the recognition of 2 digit years in the Splunk code that requires an immedia... by capesb Engager in Getting Data In 12-11-2019 2 11	2	11
Identify Two Digit Year Timestamp Events Query (2020 Timestamp Issue) We are trying to identify how much of our data is impacted by the latest timestamp bug. I was wondering if there was ... by jordanking1992 Path Finder in Getting Data In 12-11-2019 3 3	3	3
How to filter syslog event level? Hi, I've configured WTI device syslog to send to Splunk. I can see all the syslog activity is there in Splunk Event... by matoulas Path Finder in Getting Data In 12-11-2019 1 6	1	6
Input paths with wildcards for the sub-directories tree Hi, I haven't dealt a lot with wildcards in Paths for Inputs, so will appreciate your help. We need to monitor log... by mlevsh Builder in Getting Data In 12-11-2019 0 4	0	4
Reporting clients with the timestamp workaround (datetime.xml file) in place Is there a way to check which hosts (universal forwarders or splunk enterprise) have the updated datetime.xml install... by oliverj Communicator in Getting Data In 12-11-2019 0 4	0	4
Is it possible to add SQL logs without server add-on? Can I add SQL logs without the SQL server add-on? I need to add SQL logs. I've requested to do this on Splunk and al... by mhpapa62 New Member in Getting Data In 12-11-2019 0 3	0	3
Change query timezone Hi. I have the following query in splunk and I need it to look like gmt-3. index="raw_altitude_or8" "The counter to... by leandromatperei Path Finder in Getting Data In 12-11-2019 0 5	0	5
How to configure a heavy forwarder with Splunk Cloud Guys, I need to configure a heavy forwarder to work with Splunk cloud. There are no documents about it on the Splun... by marceloamorim New Member in Getting Data In 12-11-2019 0 7	0	7
Strange data comes out as field values. Same as the source path I have a strange problem. In the search header, the value of the field created in props.conf is the same as the sour... by nmnank Engager in Getting Data In 12-10-2019 0 2	0	2
How to extract identity.csv via ldapsearch on open ldap? Hi I'm wondering if it is possible to find a search to extract identities information from open ldap. Thanks. by asabatini85 Path Finder in Getting Data In 12-10-2019 0 2	0	2
Display user specific timezone in Dasboard I changed the user specific timezone through the Manager > Your Account management pane. Now I got a requirement to d... by basilarockiaedw Path Finder in Getting Data In 12-10-2019 0 3	0	3
Is it possible to use the oneshot command in a bash script without login prompt? bash-4.1# cat test_script #!/bin/bash sudo -H -u splunk bash -c '/opt/splunk/bin/splunk add oneshot /opt/splunk/etc/... by dajibade New Member in Getting Data In 12-10-2019 0 1	0	1
Events being indexed multiple times to different servers I'm looking for possible reasons a single event would be indexed numerous times on our main indexers from our heavy f... by chodgens Engager in Getting Data In 12-10-2019 0 2	0	2
Why is timestamp not selecting proper field in syslog data after upgrade to 7.3.3? My data is from a command system that is being sent over UDP connection direct to the indexer. It sends data to Splu... by scottrunyon Contributor in Getting Data In 12-10-2019 0 1	0	1
Rolled logs compressed immediately In most cases, each log is rolled to a file in the same directory, or even a nearby directory, either with the same n... by vbumgarner Contributor in Getting Data In 12-10-2019 1 11	1	11