Getting Data In

Community Activity

Issues with HTTP Status for HEC token Hey,I am facing following issues when sending data using HEC token. Connection has been established with no issue but... by SplunkDash Motivator in Getting Data In 11-18-2024 0 6	0	6
Trying to get eval to push multiple values to one field Currently trying to get eval to give multiple returns \| eval mitre_category="persistence,Defense_Evasion" \| eval apt... by doingathing Engager in Getting Data In 11-18-2024 0 2	0	2
Props and Transforms doubt I am new to Splunk admin and please explain this following stanzas:We have a dedicated syslog server which receives t... by Karthikeya Communicator in Getting Data In 11-18-2024 0 4	0	4
import Adaudit logs into Splunk I want to import Adaudit logs into Splunkbut I don't know howThe important thing is that I want to do this from the o... by fahimeh Explorer in Getting Data In 11-18-2024 0 1	0	1
integrate Group-ib DRP with Splunk. Hello members, i'm trying to integrate splunk wtih Group-ib DRP product but i'm facing issues with the application. I... by KhalidAlharthi Explorer in Getting Data In 11-17-2024 0 1	0	1
Network logs ingestion Hi all,Let me explain my infrastructure here. We have a dedicated 6 syslog servers which forwards data from network d... by Karthikeya Communicator in Getting Data In 11-15-2024 0 12	0	12
Need to give add data capability to user in splunk cloud Hello All,i have a request where users will add their data(csv) manually every day. we are using splunk cloud version... by Roy_9 Motivator in Getting Data In 11-15-2024 0 1	0	1
How do I set up Splunk DB Connect so I only get new log information every time I do a query instead of pulling the whole How do I set up Splunk DB Connect so I only get new log information every time I do a query instead of pulling the wh... by dennislevine New Member in Getting Data In 11-15-2024 0 1	0	1
Aruba Edgeconnect - Logging COnfiguration Hello, There is an app for Aruba Edgeconnect - https://splunkbase.splunk.com/app/6302 Is there any documentation on h... by raptraj2 Loves-to-Learn Lots in Getting Data In 11-15-2024 0 1	0	1
SplunForwarder Windows strange CPU usage grow on some servers Hello,I am facing strange issue with a Splunk Forwarder where on some servers of the same role is CPU usage 0-3% and ... by Peter95 New Member in Getting Data In 11-15-2024 0 1	0	1
SQL audit log not working when using event_time as indexing Hi,I am using the Db connect 3.18.1 to collect sql audit logs FROM sys.fn_get_audit_file function. When I use event_... by fl66 Observer in Getting Data In 11-15-2024 0 3	0	3
Sourcetype restricted access Hi all,We have specific AD group for specific application and we create index for that app and restrict access to tha... by splunklearner Communicator in Getting Data In 11-15-2024 0 5	0	5
Best practice to restrict access to view events by sourcetype? Is there a best practice to restrict access to events in Splunk by index and sourcetype? I have tested using the ... by myandow Path Finder in Getting Data In 11-14-2024 0 4	0	4
Props and Transforms doubt I am pretty new to Splunk and my project is also new. Can someone please explain the configurations given in our clus... by splunklearner Communicator in Getting Data In 11-14-2024 0 2	0	2
How to stop powershell running when the UF is restarted? Has anyone figured out how to run powershell only at scheduled time? In addition to scheduled time, it is running eve... by cpaulraj New Member in Getting Data In 11-14-2024 0 3	0	3
Powershell script input on a schedule Not sure if this is a bug or just weird behaviour, I don't seem to be able to work around it. I have loads of powers... by gavsdavs_GR Path Finder in Getting Data In 11-14-2024 1 8	1	8
What is the disadvantage of having a lot of small buckets and rotating them frequently? So I understand that the minimum timespan on a hot bucket is 1 hour, but bucket sizing defaults to a file size instea... by ltrand Contributor in Getting Data In 11-13-2024 0 11	0	11
Drop Windows Event Logs with EventID 5156 and not RFC 1918 HI All, So i wrote this in attempt to reject all RFC1918 TO RFC1918 logs for windows event logs with WID 5156. ba... by rtalcik Path Finder in Getting Data In 11-13-2024 0 4	0	4
Solution : index renaming not working when using _TCP_ROUTING Hello, if you are using _TCP_ROUTING and index rename on target platform, logs may go to "last chance index" by splunkreal Influencer in Getting Data In 11-13-2024 0 1	0	1
Configuring Splunk OTel Collector for Linux/Windows Log Collection (Splunk Cloud/Enterprise) As you may know, the Splunk OTel Collector can collect logs from Kubernetes and send them into Splunk Cloud/Enterpris... by jthurston Splunk Employee in Getting Data In 11-12-2024 0 0	0	0
TA for HP Storage Hei,We have onboarded data from HP Storage and I am not sure if there is any TA for this technology or how to extrac... by MadalinaT Engager in Getting Data In 11-12-2024 0 1	0	1
interval as a data input parameter I want my customer to be able to set the "interval" and control how frequent the module runs.I started with this:defa... by shai Explorer in Getting Data In 11-12-2024 0 4	0	4
Troubleshooting Slow Search Performance in Splunk with Large Datasets How can I troubleshoot slow search performance in Splunk when searching across large datasets?" by sajjadali1122 New Member in Getting Data In 11-11-2024 0 1	0	1
How can I find a listing of all universal forwarders that I have in my Splunk environment? Hello , Can you help me out How can I find a listing of all universal forwarders that I have in my Splunk environment... by Paramy Loves-to-Learn Lots in Getting Data In 11-11-2024 0 2	0	2
Upload failed with ERROR: Read Timeout I tried to upload a zip file. It showed "Upload failed ERROR: Read Timeout." I am using Windows. The file size is 191... by helpmesplunk Observer in Getting Data In 11-11-2024 0 0	0	0