Getting Data In

Discussions

Thread Info

Pie chart colors not changing when only one value

I have a query where I am counting the PASS and fail and displaying it as a pie-chart.Also I modified the search so t...

by Communicator in

Which resources are affecting Splunk Enterprise Data Pipeline?

When the index pipeline begins backing up at any stage, which resources are responsible for the bottleneck. Obviously...

by Explorer in

How can i integrate Workspace one logs into Splunk?

Can someone guide me on ingestion of Workspace one logs into splunk

by Explorer in

Specific index stopped receiving logs. the SH _internal logs had an error"Unable to read from raw size file"

Hello, We had an index that stopped receiving logs. Since we do not manage the host sending the logs I wanted to g...

by Explorer in

logs with no timestamp automatically show +15 hrs of time stamp

"CEF:0|Bitdefender|GravityZone|6.35.1-1|35|Product Modules Status|5|BitdefenderGZModule=modules dvchost=xxx Bitd...

by Path Finder in

splunk_hec exporter is failing "net/http: request canceled while waiting for connection

Trying to setup splunk otel collector using the image quay.io/signalfx/splunk-otel-collector:latest in docker desktop...

by New Member in

Missing Splunk Logs - same configuration in development and production enviroment

Hello, We have been investigating on missing 30% of Splunk logs in our production environment. I'm thinking it mayb...

by Engager in

Why is my LINE_BREAKER parameter not breaking properly with multiple capture groups?

Hello, I need help with perfecting a sourcetype that doesn't index my json files correctly when I am defining ...

by Motivator in

Unable to monitor a windows file.

What are some reasons why a UF wouldn't monitor a windows file assuming there is nothing wrong with any configs and t...

by Engager in

Memory Spike on Universal Forwarder when specific inputs.conf stanza is included

Hello, We have the universal forwarder running on many machines. In general, the memory usage is 200MB and below. ...

by Engager in

Data inputs details for each index

Hi, I'd lilke to create a detailed report with info including the type of forwarder, the average KB/s, the OS, the ...

by Engager in

Windows Eventlogs (Extract RAW from one splunk and import to another)

We are currently changing our splunk server to a new one and during the change there was a mix up and we got data sen...

by Observer in

regex error

Hi Team,While running the query I'm able see this error.but how to overcome this I have tried with spath command, but...

by Explorer in

CSV log unexpectedly breaking by lines

Hello to everyone!I have a Win server with Splunk UF installed that consumes MS Exchange logsThis logs is stored in C...

by Communicator in

How do I modify my rex command to remove directory location from path?

Here is my current rex command - EventCode=1004 | rex field=_raw "Files: (?<Media_Source>.+?\.txt)" | ...

by Explorer in

Trying to push slurm data logs to Splunk

How do I get slurm log content into Splunk?

by Engager in

transforms.conf: Need to ignore specific events.

I have a simply Splunk set-up. about 120 or so Linux servers (that are all basically appliances) w/ universal forwar...

by Explorer in

Indexed only Partial Contents of log file

Hi, We are monitoring whole file in index. As file is in huge in size. which indexed all the content of files. Bu...

by Contributor in

Catalogue Log/Data inputs details for each index

Hi, We have around 340 indexes and I need to know which universal/heavy forwarder forwards data to which exact inde...

by Engager in

Accept Commvault logs in on-prem Splunk servers

Question: We are using Commvault Metallic to backup our O365 cloud-based user data in the Microsoft GCC. How can we...

by New Member in

Azure DevOps Daily Commits Info in Splunk

Has anyone tried this add-on to pull the tfs commits into Splunk via Azure DevOps (Git Activity) - Technical Add-On. ...

by Explorer in

s2s negotiation failed between forwarder running host and indexers

Using splunkforwarder-9.0.2-17e00c557dc1.x86_64 on forwarder linux boxUsing splunk-9.0.4-de405f4a7979.x86_64 on index...

by Loves-to-Learn Lots in

HEC Token Authentication Failures

Dear Splunkers, If I could get an answer on how do I find which HEC token is causing authentication failures (num_...

by Engager in

Splunk Enterprise security Filters

I have installed the latest splunk with Splunk enterprise security on it. I have worked with enterprise security be...

by Path Finder in

Sending 2 logtypes to 2 different splunk environments

I have a few servers that have universal forwarders that need to be updated where I can send the Application data to ...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Pie chart colors not changing when only one value

Which resources are affecting Splunk Enterprise Data Pipeline?

How can i integrate Workspace one logs into Splunk?

Specific index stopped receiving logs. the SH _internal logs had an error"Unable to read from raw size file"

logs with no timestamp automatically show +15 hrs of time stamp

splunk_hec exporter is failing "net/http: request canceled while waiting for connection

Missing Splunk Logs - same configuration in development and production enviroment

Why is my LINE_BREAKER parameter not breaking properly with multiple capture groups?

Unable to monitor a windows file.

Memory Spike on Universal Forwarder when specific inputs.conf stanza is included

Data inputs details for each index

Windows Eventlogs (Extract RAW from one splunk and import to another)

regex error

CSV log unexpectedly breaking by lines

How do I modify my rex command to remove directory location from path?

Trying to push slurm data logs to Splunk

transforms.conf: Need to ignore specific events.

Indexed only Partial Contents of log file

Catalogue Log/Data inputs details for each index

Accept Commvault logs in on-prem Splunk servers

Azure DevOps Daily Commits Info in Splunk

s2s negotiation failed between forwarder running host and indexers

HEC Token Authentication Failures

Splunk Enterprise security Filters

Sending 2 logtypes to 2 different splunk environments

Explore the Latest Educational Offerings from Splunk [January 2025 Updates]

Developer Spotlight with Paul Stout

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

LOGSTASH DATA COMING IN SPLUNK ENTERPRISE

How to Execute a Python Script via a Button and Di...

No such file or directory: 'java' adding JMX acco...

WARN SSLCommon [53742 FwdDataReceiverThread] - Re...

Configuring Splunk OTel Collector for Linux/Window...