Getting Data In

Community Activity

AccountName disappears when I forward Windows Security Eventlogs I have 5 computer who send security logs to a server. This server forward those logs to my splunk server so I can put... by rmarietan Engager in Getting Data In 12-03-2019 0 0	0	0
How to dynamically route logs uto multiple indexes and sourcetypes based on file path and filename Hi, I am working on OS log onboarding data under multiple hostname folders and these hostname folders are located at ... by harshal_chakran Builder in Getting Data In 12-03-2019 0 2	0	2
On Windows, Forwarder crash - splunk_wmi.exe Hello, I have installed the Forwarder on windows, and Forwarder works well for a period of time. But, forwarder cra... by wangzhaoyu New Member in Getting Data In 12-03-2019 0 2	0	2
404 Client Error with Microsoft Office 365 Reporting Add-On for Splunk Hi, we have a the Microsoft Office 365 Reporting Add-On for Splunk configured with an account which is a member of t... by becksyboy Contributor in Getting Data In 12-02-2019 0 6	0	6
Can UF send data to multiple indexes I am using Splunk forwarder (not HEC) and want to know if I can send data to multiple indexes. If yes, how? by rashi83 Path Finder in Getting Data In 12-02-2019 0 3	0	3
Can Splunk Ingest This? Hi, can Splunk ingest .edb (Exchange Database) files? by itsmevic Communicator in Getting Data In 12-02-2019 0 1	0	1
How to configure props.conf and transforms.conf to index logs with a specific string and filter out all other events? Hi Experts, I am getting logs / events from an application server to an indexer. I want to index logs with the strin... by chanduira Explorer in Getting Data In 12-02-2019 0 4	0	4
How do you debug custom search command: Error in 'script'? How do I debug following? I have custom search command generatereport that I have developed on Linux, I am using log... by seva98 Path Finder in Getting Data In 12-02-2019 0 1	0	1
Product Timestamp Issue: no existing datetime.xml in $SPLUNK_HOME/etc for the Action Advisory: Product Timestamp Issue (https://docs.splunk.com/Documentation/Splunk/latest/ReleaseNotes/Fi... by erb_spuser New Member in Getting Data In 12-02-2019 0 1	0	1
Timestamp Issue Impacting Splunk Products Hello, We are using Splunk Enterprise version 7.2.3. We do not use two digit time stamp, we use Linux style time st... by sushainmagotra Loves-to-Learn Lots in Getting Data In 12-02-2019 0 3	0	3
(beginner) how to use splunk universal forwarder? Hello. I want to import some data(not kubernetes logs, metrics) to splunk (Enterprise). I've heard I should use splu... by horangs New Member in Getting Data In 12-02-2019 0 0	0	0
Splunkforwarder - log to file? Hi, Is it possible to forward logs to indexer and at the same forward logs locally to a new file? I mean forwarder... by panulpet Loves-to-Learn in Getting Data In 12-01-2019 0 3	0	3
On which Splunk Enterprise servers FixDatetimexml2020 patch needs to be applied? Hi, Query regarding Patch for "Timestamp recognition of dates with two-digit years fails beginning January 1, 2020" ... by pbadhe_2 Engager in Getting Data In 12-01-2019 0 7	0	7
Ingesting Data into Splunk Is there a way I could ingest performance metrics from other tools into splunk using java ti view the same in Splu... by rajashekarpatil New Member in Getting Data In 11-30-2019 0 2	0	2
Splunk USB Control Hi, We use Splunk to manage usb devices. We write script which find usb's serial number and check in our database if... by mesutu Explorer in Getting Data In 11-30-2019 0 10	0	10
How can I parse 2 columns with text format together? I have 2 columns with text format (data 1 and data 2). One of the two columns is empty. I want to parse the 2 columns... by mklhs Path Finder in Getting Data In 11-29-2019 0 4	0	4
AWS-RDS log parsing Hi Folks, Can anyone help me on parsing of AWS-RDS logs. I don't find add-on for it. by Inayath_khan Path Finder in Getting Data In 11-29-2019 0 1	0	1
how to set timestamp format for each event in a log file? Here is the scenario. We have a log file that comes in that we do some modification on the sourcetype to set it base... by gduggan1 Path Finder in Getting Data In 11-29-2019 0 2	0	2
Convert time in CSV upload I have a CSV file uploaded via "lookup Editor" and my "Scan Date" column has the following time format: 11/19/2019 1... by vulnfree Explorer in Getting Data In 11-29-2019 0 1	0	1
Search process did not exit cleanly, exit_code=-1, description="exited with code -1 I'm getting the following error in the Search head. How do I troubleshoot? Search process did not exit cleanly, exit... by aalaa Path Finder in Getting Data In 11-29-2019 1 1	1	1
Can Splunk index Windows Event Log(evt,evtx) files? Windows Server 2003, Windows XP and 2000 generate evt files, where Windows Vista, 2008 Server, Windows 7 generate evt... by Ledio_Ago Splunk Employee in Getting Data In 11-29-2019 5 10	5	10
WMI connect error I configured a splunk heavy repeater to use WMI to collect the security logs, application logs, and system logs of re... by molingxiu New Member in Getting Data In 11-29-2019 0 0	0	0
WMI connect error I configured a splunk heavy repeater to use WMI to collect the security logs, application logs, and system logs of re... by molingxiu New Member in Getting Data In 11-29-2019 0 0	0	0
How to calculate the time between events based on a field change grouped by another field? I'm attempting to generate a table which shows the time between two consecutive login events for a user when the IP a... by goodsellt Contributor in Getting Data In 11-28-2019 1 7	1	7
single indexer operation Hi, It may be a very simple question but i want to know how the indexing actually works when the indexer is down for... by surekhasplunk Communicator in Getting Data In 11-28-2019 0 3	0	3