Getting Data In

Discussions

Thread Info

Invalid key within a stanza?

Is there a way to get a list of valid keys for a stanza?For example: If you get "Invalid key in stanza" for something...

by Path Finder in

Why is Splunk_TA_nix generating a lot of DateParserVerbose - A possible timestamp match warnings

I'm using the Splunk TA for linux to collect serverlogs. Some background Looking in the "_internal" log I am sein...

by Builder in

How do I get Splunk to limit the Windows file path to under 260 characters?

Getting the following Error on one of our clustered indexers (and similar ones on the other indexers): 10-26-2016 ...

by Path Finder in

Universal Forwarder not sending Directory Service and other logs.

I have uploaded a Universal Forwarder to my Windows VM and configured both the inputs.conf and outputs.conf. I can co...

by New Member in

Extract Fields

Hi guys when I extract a selected event it doesn't show all data in event that I need to extracted

by Explorer in

rsyslog forwarding without header

hi ninjas im currently dealing with some logs beeing forwarded over syslog to a 3rd party system. The question her...

by Communicator in

How to handle multiple timezone when getting the paloalto firewall logs in?

Hello Guys, We have paloalto firewalls with different timezone settings. For the ones which is not in the same time...

by Path Finder in

Any S3 input could support parquet format?

Hi, I met an input issue about s3, which stays not in a aws security lake. Is that possible to use Splunk addon for a...

by Loves-to-Learn Lots in

enormous amounts of EventCode=4674

Hello everybody, i have a server that produces per minute 13000 security logs with the EventCode=4674 (An operatio...

by New Member in

Recomended B.W

Our deployment has indexers located in the main data center and multiple branches. We plan to deploy intermediate for...

by Path Finder in

How to modify the default value for the "host" field for the events getting in via HEC

Hello Guys, We are using Splunk Cloud and have created multiple HECs for different products. We noticed that even...

by Path Finder in

Monitoring of Java Virtual Machines with JMX

Hi all, Im trying to use this app by Baboon - Monitoring of Java Virtual Machines with JMXI get some error when i cli...

by Loves-to-Learn Everything in

integrating Splunk with Elasticsearch

Hello everyone, I hope you’re doing well. I need assistance with integrating Splunk with Elasticsearch. My goal i...

by Path Finder in

need help with spath for json Array

Hi, Need some help with the following JSON data. ModifiedProperties: [ [-] { [-] Name: Group.ObjectID NewVal...

by Builder in

Error pulling data from Cortex via API

I am trying to ingest data from Cortex via API, the API works 100% but getting the following script errors in splunkd...

by Splunk Employee in

Why are logs not getting in from Linux machine?

Logs are not getting in from Linux machine I am using Splunk cloud trial and in a Linux machine and installed univ...

by Explorer in

Splunk User of windows SplunkForwarder

Hello, I'm encountering an issue with Splunk Forwarder on a Windows Server OS. When it runs under the "SplunkForwar...

by Explorer in

Change source server hostname

Hello, There is an index named "linux" in our environment that needs to have the source universal forwarder changed...

by New Member in

Can we send the PaloAlto firewall logs to splunk CLOUD via HEC?

Hello, I'm wondering if we can send the PaloAlto firewall logs to splunk *cloud* via HEC? We've done that once whe...

by Path Finder in

Why this error, Unable to install Universal Forwarder on Windows Server 2022 (error 1603)?

Hi everybody, I've been struggling for hours to install splunks universal forwarder on windows server 2022. ...

by Loves-to-Learn in

trying to read a script out using UF

Hi Splunkers The idea is to pull any new file creations on a particular folder inside C:\users\<username>\appdata\l...

by Explorer in

Load balancing & failover between two heavy forwarders

Hi , My Splunk architecture is like this I have two data centers (DC) and one each heavy forwarder in them .In ...

by Path Finder in

Cloudflare integration with Splunk Enterprise (on-prem)

Hello, I want to integrate Cloudflare with our Splunk Enterprise via logpull method of Cloudflare. In this method, ...

by Observer in

Splunk Heavy Forwarder Transforms

Hi, I have a Splunk Heavy Forwarder routing data to a Splunk Indexer. I also have a search head configured that perfo...

by Engager in

Ingesting delay and batch data sending

Hello, I have problem with Linux UFs. I seem it is sending data in batches. The period between ba...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Invalid key within a stanza?

Why is Splunk_TA_nix generating a lot of DateParserVerbose - A possible timestamp match warnings

How do I get Splunk to limit the Windows file path to under 260 characters?

Universal Forwarder not sending Directory Service and other logs.

Extract Fields

rsyslog forwarding without header

How to handle multiple timezone when getting the paloalto firewall logs in?

Any S3 input could support parquet format?

enormous amounts of EventCode=4674

Recomended B.W

How to modify the default value for the "host" field for the events getting in via HEC

Monitoring of Java Virtual Machines with JMX

integrating Splunk with Elasticsearch

need help with spath for json Array

Error pulling data from Cortex via API

Why are logs not getting in from Linux machine?

Splunk User of windows SplunkForwarder

Change source server hostname

Can we send the PaloAlto firewall logs to splunk CLOUD via HEC?

Why this error, Unable to install Universal Forwarder on Windows Server 2022 (error 1603)?

trying to read a script out using UF

Load balancing & failover between two heavy forwarders

Cloudflare integration with Splunk Enterprise (on-prem)

Splunk Heavy Forwarder Transforms

Ingesting delay and batch data sending

Fall Into Learning with New Splunk Education Courses

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Edge Processor Destination not showing up in Pipel...

Getting Data In

Are you a member of the Splunk Community?

Discussions