Getting Data In

Community Activity

Why are frozen buckets not going to frozen path? Hello, I'm trying to configure my indexes to store frozen buckets on an NFS share mounted to the Splunk Server. I ha... by dmitchell92 New Member in Getting Data In 10-10-2019 0 5	0	5
Combined logs, props.conf transforms.conf and inputs.conf I have a centralized syslog server which I forward all other server logs to. All of those logs are combined per log ... by bpgoodm New Member in Getting Data In 10-10-2019 0 2	0	2
Custom javascript being overwritten by default Splunk default view (common.js) I'm creating a new dashboard with custom layout/style in Splunk enterprise security app. I'm experiencing an issue wh... by sirajnp Path Finder in Getting Data In 10-09-2019 0 1	0	1
How to configure flow collector When I configure Flow collector on linux_web server for forwarding Flow collector to server Splunk_server , but I se... by outis New Member in Getting Data In 10-09-2019 0 1	0	1
Why does Splunk think my file is binary Hi, I'm trying to process a ".log" file on a Windows server, and Splunk keeps ignoring it, stating that it's a binar... by a212830 Champion in Getting Data In 10-09-2019 2 13	2	13
Does HEC provide guaranteed delivery, and if not, what are my options? I want to ensure that the messages sent to HEC make it to Splunk. What are my options? by hrottenberg_spl Splunk Employee in Getting Data In 10-09-2019 0 1	0	1
How to configure Splunk to read a csv file from a universal forwarder? Hi, I have one csv file at location /apps/data_splunk/.csv And this CSV file has data like below JAN-18 \| 31-JAN-201... by avni26 Explorer in Getting Data In 10-09-2019 0 3	0	3
Why does metadata command returns only one sourcetype? We've got over 50 sourcetypes, however, when I run the command below, I only see syslog under the sourcetype column. ... by dillardo_2 Path Finder in Getting Data In 10-09-2019 0 2	0	2
How to set up Indexes on Indexers HI We have installed a SH and 4 INDEXERS(Non Clustered). We have installed our app to the SH only with our indexers=... by robertlynch2020 Influencer in Getting Data In 10-09-2019 0 7	0	7
at index time, merge multiple lines with the same timestamp Hi there our customer have a custom app we cannot modifyfor each unique event, the app send a log with 2 or 3 linese... by psaminadin New Member in Getting Data In 10-09-2019 0 1	0	1
Idenitfying Common Value between Two Indexes and Exporting Results with a Mix of Fields Hi guys, Apologies for the long winded title! I'm struggling to extract a common value from two indexes and get out ... by danfinan Explorer in Getting Data In 10-09-2019 0 3	0	3
Splunk enterprise webserver is stuck My splunk enterprise webserver is stuck as below and starting: Splunk> 4TW Checking prerequisites... Checki... by vchennuri Engager in Getting Data In 10-09-2019 0 1	0	1
DMC ALert - Missing forwarder for zombie entry Hi, I am getting a DMC alert for a missing forwarder even though that one (at least by client name, but not UUID) exi... by afx Contributor in Getting Data In 10-08-2019 0 3	0	3
Can you index a certain sourcetype and forward the remaining? Hi I am new to Splunk and am trying to forward a specific sourcetype of data out. That part is successful but now I a... by mustafag1 Explorer in Getting Data In 10-08-2019 0 4	0	4
Why is Splunk enterprise webserver is stuck? My splunk enterprise is stuck below and not starting. Splunk> 4TW Checking prerequisites... Checking http p... by vchennuri Engager in Getting Data In 10-08-2019 0 3	0	3
Index some of a certain event code Follow-up (ish) to https://answers.splunk.com/answers/757315/why-isnt-my-transforms-working.html as I let it sit idle... by tmontney Builder in Getting Data In 10-08-2019 0 3	0	3
Search head looks at cluster and separate index In the middle of creating a new environment with an index cluster. On our current setup we have just one indexer. I... by jerrythoms Explorer in Getting Data In 10-08-2019 0 1	0	1
Is there a best practice guide for Splunk and Windows Event Collectors? Does anyone have a guide for load balancing among Windows Event Collectors? We have about 8 Windows Event Collector ... by itrimble1 Path Finder in Getting Data In 10-08-2019 0 1	0	1
Preferred distro for UF & Syslog-NG instance We have a requirement to run a Universal Forwarder that will act as an Intermediate Forwarder for our domain controll... by jlph Loves-to-Learn in Getting Data In 10-08-2019 0 1	0	1
Zip values from JSON. I want to get the total units by PartNumber. I tried using spath but it didnt work maybe I am doing something wrong, ... by sandeepmakkena Contributor in Getting Data In 10-08-2019 0 2	0	2
How to get the count for this JSON value pair I want to get the count for the key value pair and make it in a table. Could anyone please help me on this. My sampl... by muthu3006 New Member in Getting Data In 10-08-2019 0 1	0	1
Office 365 Security & Compliance Logs into Splunk Hi Team, We have a requirement to ingest Office 365 Security & Compliance data into Splunk Cloud. So kindly let us ... by anandhalagarasa Path Finder in Getting Data In 10-08-2019 0 5	0	5
Admin user accout delete on splunk Enterprise 7.0.1 Hi Splunker I have a question about splunk Enterprise 7.0.1 For security reason, my customer want to disable or de... by euimok Explorer in Getting Data In 10-08-2019 0 4	0	4
Universal Forwarder DNS resolution Good day to all, Since I didn't find an search results on this topic, does UF do any DNS resolution for the events (... by a_naoum Path Finder in Getting Data In 10-08-2019 0 2	0	2
How can i parse the value in this line I have the following line. I would like to parse the githash from it. [08/Oct/2019:05:08:31 +0000] 200 \"GET / HTT... by balash1979 Path Finder in Getting Data In 10-08-2019 0 2	0	2