Getting Data In

Ask a Question

Discussions

Thread Info

Why is the null value in a JSON event not being parsed properly as NULL?

I have the following data coming into Splunk in JSON format and extracted at index-time: { administrativeStat...

by Path Finder in

Cisco ESA add-on (email security) extracting logs from a common syslog file

I'm using the Cisco ESA add-on (https://splunkbase.splunk.com/app/1761/) The documentation references files wh...

by Explorer in

splunk-perfmon.exe not run

I have a Splunk Deployment Server that pull the apps to UF. I have create an app WinPerfmon and inside of inputs.conf...

by Explorer in

Splunk Forwarder - OpenSSL version

Hi, I've deployed Splunk Forwarder on my machine and noticed it is installing an older version of OpenSSL (1.0.2t)....

by New Member in

High memory usage by Forwarders due to Indexer unavailability

Hello, We had a power outage after which our main Splunk instance (which serves as a Search Head and an Indexer) we...

by Engager in

How to configure batch file in inputs.conf of the TA-app to run every X seconds?

I have a batch file in the jar directory of a TA-app on all my forwarders. The batch file has the following struc...

by Path Finder in

Prevent events from ingesting

Hello, after connecting AWS add-on and configuration, I have this query which is filling my index with much unwa...

by Loves-to-Learn in

Getting error when using 'DATETIME_CONFIG = CURRENT' for a batch input.

Hi, I am using a batch input to ingest some huge files with a single line events that do not have a timestamp. ...

by Builder in

Universal forwarder upgrade

hi all, I need to upgrade the universal forwarder on a windows server. 1. Can I just download the latest version of...

by Path Finder in

How to change props.conf based on input/sourcetype

I have a couple .txt files that I want to parse differently than the rest of my data coming in from my forwarders. ...

by Path Finder in

Universal Forwarder doesn't forward specific log

Hello! It's my first time writing here so forgive me if my question may lack information. What I want to do: I...

by Explorer in

Sending MacOS logs to Splunk without involving another tool or agent

Trying to figure out a successful method for sending MacOS logs to Splunk without involving another tool or agent. We...

by Splunk Employee in

Splunk query output formating to Jason format

I have ingested some logs to Splunk which now looks like below when searching from search header. ...

by Engager in

Restart a UF via CLI / other remote means

Hi Is there a way to remotely restart a UF forwarder in splunk directly from within splunk e.g. using splunk cli ...

by Communicator in

Deployment of Universal Forwarder to Apple Mac fleet

Our company operates a fleet of Apple Macs. We would like to automate the deployment and configuration of the Univers...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Why is the null value in a JSON event not being parsed properly as NULL?

Cisco ESA add-on (email security) extracting logs from a common syslog file

splunk-perfmon.exe not run

Splunk Forwarder - OpenSSL version

High memory usage by Forwarders due to Indexer unavailability

How to configure batch file in inputs.conf of the TA-app to run every X seconds?

Prevent events from ingesting

Getting error when using 'DATETIME_CONFIG = CURRENT' for a batch input.

Universal forwarder upgrade

How to change props.conf based on input/sourcetype

Universal Forwarder doesn't forward specific log

Sending MacOS logs to Splunk without involving another tool or agent

Splunk query output formating to Jason format

Restart a UF via CLI / other remote means

Deployment of Universal Forwarder to Apple Mac fleet

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

Assistance Needed: Reformatting Provided Events to...

XML Regex Conversion

SC4S Initial setup error

Reports are not indexed correctly

Journald exclude specific services