Getting Data In

Community Activity

Why did ingestion slow way down after I added thousands of new forwarders and/or sources and sourcetypes? My Splunk environment was humming right along until I had a need to very quickly add several thousand new FWDs and a ... by davidpaper Contributor in Getting Data In 11-07-2024 3 3	3	3
Linux Onboarding -Private AWS VPC Few servers are hosting in private VPC which are not connected to organisation IT network how can we onboard those L... by splunkingsplk Explorer in Getting Data In 11-07-2024 0 1	0	1
TCP routing and change target index on secondary Splunk platform Hello,We have two clustered Splunk platforms.Several sources are sent to both platforms (directly to clustered indexe... by splunkreal Motivator in Getting Data In 11-07-2024 0 1	0	1
Trying to collect data through HEC with json event containing empty values Hello, I obtain a "Failed processing http input" when trying to collect the following json event with indexed fields... by davidlg Explorer in Getting Data In 11-07-2024 0 2	0	2
DB_Connect I have an index in which data is coming DB_connect , but it showing NO EVENTS as it is showing this error"Invalid dat... by Siddharthnegi Contributor in Getting Data In 11-07-2024 0 3	0	3
How to create reset in the dashboard Hi All I would like to add reset button in the dashboard however i am not able to see the option to add in dashboard ... by jaibalaraman Path Finder in Getting Data In 11-07-2024 0 2	0	2
Is there a specific license needed to support indexing on a heavy forwarder? Please advise as to whether a specific license is needed to support indexing on a heavy forwarder; Like an indexing l... by dharris_splunk Splunk Employee in Getting Data In 11-07-2024 0 3	0	3
SEDCMD not working in Splunk Cloud I have syslogs coming into Splunk that need some cleaning up - it's essentially JSON with a few extra characters here... by best-west Explorer in Getting Data In 11-06-2024 0 7	0	7
Cannot View Logs in Splunk after Integrating with Google Workspace This is regarding the integration between Splunk and Google Workspace.I have followed the documentation below to conf... by ShuKinTa Engager in Getting Data In 11-06-2024 0 2	0	2
What are best practices for logging to splunk? We have logs that are written to/var/log /var/log/audit We need to keep these for 365 days, and want to ensure that w... by shanemhartley New Member in Getting Data In 11-05-2024 0 1	0	1
Way to set up GUI setup for automatic install on multiple devices My office has deployed around 120 devices that they have now requested splunk be added to. We have been unsuccessful ... by mwgrant21 New Member in Getting Data In 11-05-2024 0 1	0	1
Field string incorrectly showing post onboarding Hi, F5 team is sending logs to our splunk syslog server as comma seperated values. Post onboarding we see some of fie... by splunklearner Communicator in Getting Data In 11-05-2024 0 2	0	2
Line Breaking Issue - text and Json Hello,Below is my log file and I want to break as two log events in splunk using props.conf(regex) 2024-07-31T01:38:0... by arunsoni Explorer in Getting Data In 11-04-2024 0 11	0	11
Differences between on prem and cloud I am pretty new to Splunk. What is the difference between Splunk on premises vs Splunk cloud vs AWS splunk? Please en... by splunklearner Communicator in Getting Data In 11-04-2024 0 4	0	4
Onboarding F5 WAF logs to Splunk I am deployed to new project in splunk. We have logs coming from F5 WAF devices sent to our syslog server. Then we wi... by splunklearner Communicator in Getting Data In 11-04-2024 0 2	0	2
Ingesting Log Files in Windows - Some Logs Being Ingested and Some Failing Hi team,I have been experiencing issues with log ingestion in a Windows Server and I was hoping to get some advice.Th... by victorcorrea Path Finder in Getting Data In 11-04-2024 0 4	0	4
Splunk onboarding field values mistake We are trying to onboard data from F5 WAF devices to our splunk. F5 team sending it by key value pairs. And one of th... by splunklearner Communicator in Getting Data In 11-04-2024 0 1	0	1
Problem with timestamp extraction and props.conf I have the following props which works fine in the "Add Data" GUI and a test file of logs:EVENT_BREAKER = ([\r\n]+)\<... by alferone Explorer in Getting Data In 11-02-2024 0 3	0	3
Just in time admin access Does Splunk on Prem or cloud have a solution that allows users to be an Analyst when doing that role and sign in or e... by Wardy1380 New Member in Getting Data In 11-02-2024 0 3	0	3
Splunk not ingesting all logs with xml ... Only ingesting 1 out of every 3 Hi, I am dealing with an issue where I am ingesting some logs that contains a few regular line then followed by xml d... by Strangertinz Path Finder in Getting Data In 11-02-2024 0 3	0	3
Moving indexers from centos to redhat8 Hi Folks, currently we have 4 physical indexers running on CentOS but since CentOS is EOL , plan it to migrate OS fro... by sbhatnagar88 Path Finder in Getting Data In 11-02-2024 0 15	0	15
How to send OpenCTI data to Splunk Hi there, i got issue when setting connector Splunk in OpenCTIWhen i check logs, it says terminatedi follow guide fro... by zksvc Contributor in Getting Data In 10-31-2024 0 4	0	4
How to filter specific logs and send it as syslog to a third-party host Hi all,I want to send logs (which are part from our sourcetype [kube_audit]) from my HeavyForwarder to a third-party ... by LittleFatFish Engager in Getting Data In 10-31-2024 0 3	0	3
Splunk HTTP Event Collector support for custom metadata(tags) fields/routing fields. Splunk version 9.0.8/9.1.3/9.2.x and above has added capability to process key value pairs that will be added at inde... by hrawat Splunk Employee in Getting Data In 10-30-2024 2 6	2	6
UF in AIX stops after some time. Hi, a few days ago, I installed the UF in an AIX server but it had some details, such as the service running, but the... by Aresndiz Explorer in Getting Data In 10-30-2024 0 1	0	1