Getting Data In

Community Activity

	Filter columns from CSV while monitoring I am monitoring a folder with csv files with 400+ fields, out of which need only 50 fields for my dashboard. Can we d... by ankitarath2011 Path Finder in Getting Data In 09-01-2019 0 4	0	4
	Sourctype and fix jason field data when i run below search its extracting data from AWS bucket so how ican convert this to search time in splunk cloud a... by Splunk_rocks Path Finder in Getting Data In 09-01-2019 0 2	0	2
	How to figure out if forwarders are utilizing props or transforms? We have Universal Forwarder on our windows servers varying in version from 6.2.3 to 7.1.3. Our Splunk Enterprise ver... by tsheets13 Communicator in Getting Data In 09-01-2019 0 8	0	8
	how to write the props.conf stanze to test the transforms Regex? The following is transforms.conf in my search head [a_b] SOURCE_KEY = _meta REGEX = (logtype::A.*(id::(123\|456)\|(id:... by pavanae Builder in Getting Data In 09-01-2019 0 4	0	4
	Why are logs going into an unknown folder? I have logs going from the Universal Forwarder but are going to the Unknown Folder instead of uploading to the Cloud.... by cedmunds New Member in Getting Data In 09-01-2019 0 3	0	3
	How do I set a source type for this data I have a script that pulls the data at the bottom into a file and then splunk pull the files from the corresponding d... by maxd Engager in Getting Data In 09-01-2019 0 5	0	5
	track all active session (RDP) in network by user hello, I want to track all active session(RDP) in the network and see who login which server, what is the source IP a... by givehchin Path Finder in Getting Data In 09-01-2019 0 7	0	7
	Invalid key in stanza .. in props.conf to make the configuration more readable I use "\" to break long lines, which works fine: EVAL-user = case ( FOO="Act... by PavelP Motivator in Getting Data In 08-31-2019 0 3	0	3
	Getting a list of field extractions using the API There are 2 endpoints that seem to return extractions which are data/transforms/extractions and data/props/extraction... by joemaz95 Path Finder in Getting Data In 08-30-2019 0 10	0	10
	Trouble ignoring events I'm having some difficulty forcing Splunk to ignore events which start with a '#' character. The file is compressed, ... by _smp_ Builder in Getting Data In 08-30-2019 0 21	0	21
	per_sourcetype_thruput logging stopped For several UF's, I've noticed that the metrics.log 'per_sourcetype_thruput' entries have stopped completely, for day... by splunkjas1 Path Finder in Getting Data In 08-30-2019 0 1	0	1
	Filter data by condition on a heavy forwarder Hello , Please i need to filter data on the heavy forwrader to eliminate some logs , Exemple : i need to ingnore ... by aalaa Path Finder in Getting Data In 08-30-2019 0 2	0	2
	Multiple fields to filter against Single inputlookup file Hi Experts Actually I am searching on one index, where Userid is with multiple fields like user,userids,useridvalue,... by gopiven Explorer in Getting Data In 08-30-2019 0 2	0	2
	JSON log extraction at index time Hi, I am trying to extract a JSON log file at index time. The log structure has a nested key(key,value) pairs. Like f... by saiynv New Member in Getting Data In 08-30-2019 0 5	0	5
	Heavy forwarder - Could not send data to output queue (parsingQueue) Below is my use-case (Heavy Forwarders -> Indexers). Need expert assessment. 1) I have very huge log files. 2) So, I... by nareshinsvu Builder in Getting Data In 08-29-2019 0 8	0	8
	How do I forward and delete logs? I would like to be able to forward logs and then delete them using a UF. How can I do this? For the sake of the Splu... by nick405060 Motivator in Getting Data In 08-29-2019 0 2	0	2
	Why are JSON fields extracted and displayed twice? JSON fields are extracted twice. On Universal forwarder (7.0.3) the settings props.conf are like this [my_sourcetyp... by thirusama Path Finder in Getting Data In 08-29-2019 0 12	0	12
	Access /services/receivers/stream endpoint through Nginx proxy? We're running a Splunk indexer behind an Nginx proxy in order to apply HSTS headers. However, we recently noticed tha... by donaldson8 New Member in Getting Data In 08-29-2019 0 0	0	0
	No data from TCP input Hi All, We have a Splunk environment running on 6.2.2. We configured a TCP input to receive logs directly from netwo... by siva_cg Path Finder in Getting Data In 08-29-2019 0 9	0	9
	Feeds TOR network traffic Hello all. I'm now working out how to detect tor traffic. How better me do this? Maybe some articles, guides, some tr... by test_qweqwe Builder in Getting Data In 08-29-2019 0 6	0	6
	csv files with variable structure - how to input ? Hi, There is a task to index csv structured files where the structure depends on one or several fields. For example i... by flyingpiglet Engager in Getting Data In 08-29-2019 0 0	0	0
	How to export "Structured Logs" from Splunk to CSV file Hello. I am new with Splunk, I have the following question/issue: My goal is to parse a raw log file with Splunk an... by psychogyiokosta New Member in Getting Data In 08-29-2019 0 6	0	6
	How to forward Windows 2003 logs New to Splunk, I am trying to get logs forwarded from a 2003 server that we have, but having no luck. I installed a ... by kbakeragx New Member in Getting Data In 08-28-2019 0 5	0	5
	Why are logs forwarding from server to Splunk server but not in a readable format (-splunk-cooked-mode-v3)? The logs are forwarding to from our server to the Splunk server. But the logs are not readable format. (Attached scr... by rdevudra New Member in Getting Data In 08-28-2019 0 3	0	3
	Anonymize Multiple Data Points in Splunk Search I am trying to anonymize customer credit card data in splunk logs but when more than one card appears in the same eve... by markhvesta Path Finder in Getting Data In 08-28-2019 0 2	0	2