Getting Data In

Discussions

Thread Info

Excluding Special Characters from OTEL Splunk Format

We are having difficulty getting exclusions of logs that have fields in Camelcase or have entries that have special c...

by Engager in

Why Am I getting these errors in my Heavy Forwarder? It's not sending anything

Hello, I am receiving these errors and my HF is not working properly. I think that it is something related to...

by Engager in

Windows events filtering not working

Hello, I'having some problem when filtering standard Windows events. My goal is to send the events coming from my U...

by Communicator in

Is AIX 6.1 supported backward compatible with the latest universal forwarder ?

When I want to download the latest forwarder, version listed as AIX 7.1 and AIX 8.1. What happen if I have AIX 6.1...

by New Member in

Need to Split the events before parsing into Splunk

This below mentioned lines are coming as a single event and not as separate events. So we want to get them splitted i...

by Contributor in

rsyslog + apache access logs : How to parse correctly ?

Dear splunkers, I need to ingest some apaches log files. Those log files are first sent to a syslog server ...

by Loves-to-Learn Everything in

Filter events to nullQueue

Hi! I am faced with the following problem. I need to filter the logs that I receive from the source. I get the logs...

by Explorer in

SC4S: parsing_err="Incorrect index, index='main'"

Hi all, I've setup am SC4S just to forward nix:syslog events. In local/context/splunk_metadata.csv: nix_syslog,...

by Loves-to-Learn Lots in

Unable to Receive Data from universal forwarder to splunk server

Dear All, I have recently deployed Universal forwarder on Ubuntu and and the server on other Linux machine. I a...

by Loves-to-Learn in

Monitoring Cisco FlexVPN Tunnels

There seems to be a lot of information about other Cisco VPN technologies (ASA/Firepower/Anyconnect) but I am not fin...

by Loves-to-Learn in

Splunk Priority

Hi All, Just wanted to know we have splunk ES and we use servicenow to triggered alert now my question is if th...

by Path Finder in

Splunk Add-on for Cisco ASA

hi, after installing this plugin, i have errors on every search, realted to cisco or not... Always see this errors: C...

by Explorer in

Firewall logs validation in SPlunk

We have multiple firewalls and different locations and each location we have syslog collector server and its forward ...

by Explorer in

Windows event logs not sending to splunk log collector

Hello Freinds, Current setup - we have multiple locations in Europe, and each location we have multiple windows ser...

by Explorer in

Splunk Data Model Data, To combine or to segregate

Hello, I have been working on Splunk for a few months now, and we are using Splunk mainly for Cyber Security monito...

by Explorer in

No 100% results

I have a report with a table where I am showing uptime availability of various products. Currently the table is retu...

by Explorer in

Using Custom option for ingesting VPC flow logs into Splunk

Hello there, We are looking to use the Custom option to send vpc flow log data to Splunk Cloud. Previously we were...

by Explorer in

Splunk UF ingestion errors - cannot open some files

Hello to everyone!I have many FlexEngine.log files in different directories that are ingested by Splunk UF 9.0.8The p...

by Communicator in

Log file with CRLF not producing multiple indexed events

I'm using Splunk Enterprise 9 on Windows Server 2019 and monitoring a simple log file that has CRLF lines endings and...

by Contributor in

How to search with time specified in milliseconds

I have two timestamps in milliseconds: start=1710525600000, end=1710532800000. How can I search for logs between t...

by Explorer in

UF on DC+DNS Server not forwarding Dynamic DNS Update events

I have the following stanza in etc\system\local\inputs.conf. However I don't see dynamic DNS update events being forw...

by Loves-to-Learn Everything in

Indexing issue- Why is data going on and off?

Hi Team, We are ingesting data from syslot to splunk using Cyberark App . Data is going ON and OFF even thoug...

by Path Finder in

Adding text file into splunk

I have a script containing ip and value. Sh basic.sh>>sample.out Know to get the logs i need to add this sample.out f...

by Explorer in

Unable to get SEDCMD to mask SSNs (on Indexer)

Hello, I am testing using SEDCMD on a single Splunk server architecture.Below is the current configuration which is p...

by Explorer in

Splunk query to find systems with wireshark installed

Is there a way to use Splunk to find out if wireshark is installed on any of the systems? Is there a query for this

by Engager in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Excluding Special Characters from OTEL Splunk Format

Why Am I getting these errors in my Heavy Forwarder? It's not sending anything

Windows events filtering not working

Is AIX 6.1 supported backward compatible with the latest universal forwarder ?

Need to Split the events before parsing into Splunk

rsyslog + apache access logs : How to parse correctly ?

Filter events to nullQueue

SC4S: parsing_err="Incorrect index, index='main'"

Unable to Receive Data from universal forwarder to splunk server

Monitoring Cisco FlexVPN Tunnels

Splunk Priority

Splunk Add-on for Cisco ASA

Firewall logs validation in SPlunk

Windows event logs not sending to splunk log collector

Splunk Data Model Data, To combine or to segregate

No 100% results

Using Custom option for ingesting VPC flow logs into Splunk

Splunk UF ingestion errors - cannot open some files

Log file with CRLF not producing multiple indexed events

How to search with time specified in milliseconds

UF on DC+DNS Server not forwarding Dynamic DNS Update events

Indexing issue- Why is data going on and off?

Adding text file into splunk

Unable to get SEDCMD to mask SSNs (on Indexer)

Splunk query to find systems with wireshark installed

Video | Welcome Back to Smartness, Pedro

Detector Best Practices: Static Thresholds

Expert Tips from Splunk Education, Observability in Action, Plus More New Articles on ...

Splunk File Monitoring Line Breaking not working

No such file or directory: 'java' adding JMX acco...

WARN SSLCommon [53742 FwdDataReceiverThread] - Re...

Configuring Splunk OTel Collector for Linux/Window...

Upload failed with ERROR: Read Timeout