Getting Data In

Community Activity

	Event breaking not working properly with the regex ([\r\n]+) Event breaking not working properly with the below regex... props.conf LINE_BREAKER=([\r\n]+) My Log data : ('Hi-S... by soumdey Path Finder in Getting Data In 07-29-2019 0 9	0	9
	Is Deployment Client (Universal Forwarder) 6.0 and below is still compatible with Splunk Deployment Server (Splunk Enterprise) 7.0? Hi All, Just want to ask if Deployment Client (Universal Forwarder) 6.0 and below is still compatible with Splunk De... by dantimola Communicator in Getting Data In 07-28-2019 0 2	0	2
	How to create Alert for monitoring splunk forwarder that events is not fetched within the last 5 minutes Hello, I have multiple scripts in each host which send availability,memory,space details of servers to splunk in ever... by avni26 Explorer in Getting Data In 07-28-2019 0 5	0	5
	What does the number of files in the data inputs, files and directories page indicate? Hi Everyone, I was wondering what the number of files in the data inputs, files and directories page indicate? I ha... by paduka Path Finder in Getting Data In 07-28-2019 0 5	0	5
	Question on indexes and retention policy I have 5 indexers in a cluster environment with replication factor 3 . We have a license of 350 GB and our daily aver... by vrmandadi Builder in Getting Data In 07-28-2019 0 6	0	6
	Ingest XML files, fields not being created Hi, i am trying to ingest XML files and split the elements in fields, my log files are; <?xml version="1.0" encodin... by ssaenger Communicator in Getting Data In 07-27-2019 0 4	0	4
	splunkclouduf.spl failed login Receiving this error below... C:\Program Files\SplunkUniversalForwarder\bin>splunk install app splunkclouduf.spl -a... by tthonest New Member in Getting Data In 07-27-2019 0 2	0	2
	Time/Date Stamp errors Hello I have empty log files that get monitored and I keep getting the following warnings: Failed to parse timesta... by edwardrose Contributor in Getting Data In 07-27-2019 0 6	0	6
	filtering logs before indexing I have json type of data and below is the sample events .I want to filter out the events which have the field called ... by vrmandadi Builder in Getting Data In 07-27-2019 0 5	0	5
	Timezone change TZ not working. Hi, We are getting logs in UTC format, I tried using TZ=UTC on Heavy forwarder, but its not working for all events. ... by knalla Path Finder in Getting Data In 07-27-2019 0 6	0	6
	Monitoring multiple servers/paths with a single inputs.conf app Trying to setup an "intelligent" inputs.conf that uses the system name of the forwarder then uses the correct path fo... by joesrepsolc Communicator in Getting Data In 07-27-2019 0 2	0	2
	Need a help on Line Breaking and Time Prefix, Time_Format on props.conf ? Hi All, Need a help on Line Break Regex and TIME_FORMAT on props.conf, I am ingesting sonarqube logs in to splunk fo... by Hemnaath Motivator in Getting Data In 07-26-2019 0 4	0	4
	Splunk filter search to show only multi-value fields I'm working on a splunk search head that was set up my someone else at work and I'm not very familiar with the datase... by brinley Path Finder in Getting Data In 07-26-2019 0 4	0	4
	What is the admin account for on a Universal Forwarder? I have UFs on some "sensitive" servers and the owners - that did the install are questioning the purpose of the Admin... by Glasses Builder in Getting Data In 07-26-2019 0 2	0	2
	Coverting raw IIS logs timestamp from GMT to EST Hello All, I'm working in a windows environment ingesting IIS logs from windows servers. The logs are written in GMT... by Jarohnimo Builder in Getting Data In 07-26-2019 0 4	0	4
	How to configure Splunk Heavy Forwarder and Splunk Searchhead on the same machine? Hi @gcusello (tagging u because i have seen many of your answers in this context  ) , Is it possible to configure Sp... by sarvesh_11 Communicator in Getting Data In 07-26-2019 0 2	0	2
	how to use source stanza in props.conf with spefic regex? i'm trying yo use below source stanza in props.conf file to break the events. my source pattern will be ""xxx/messea... by rajasekhar14 Path Finder in Getting Data In 07-25-2019 0 2	0	2
	Timestamp issue I have below sample events in log file- 2019-07-19\|23:02:24.213\|TEST\|XYZ\|Test1 2019-07-19\|23:02:24.213\|TEST\|XYZ\|Test... by ips_mandar Builder in Getting Data In 07-25-2019 0 7	0	7
	Is it possible to provide upload option in dashboard? Hi, I have a requirement of where i need to provide the uploading button in dashboard and user will upload the log f... by prabaac05 New Member in Getting Data In 07-25-2019 0 6	0	6
	What is aggregation in Splunk? The instruction of my project is: All local event logs must be duplicated to Splunk for events aggregation. In additi... by eitherlucas Engager in Getting Data In 07-25-2019 0 1	0	1
	Monitoring file on unix and alerting based on some condition on the same file I have set file monitoring, file is placed on the Unix . I am able to see the events being indexed in the Splunk howe... by abhijitsaoji Explorer in Getting Data In 07-24-2019 0 2	0	2
	Sending Post to HEC (Splunk Cloud) not working Hi, I've created my Data Input, enabled what needs to be enabled. The PUT works, and I get a Success response. Howev... by codysysdig New Member in Getting Data In 07-24-2019 0 7	0	7
	logview vs Logevent API method Case1: Whenever we are loading a page/screen we use Splunk API method called “logview(“Splash Screen”)” Case 2: W... by siddurocks57 New Member in Getting Data In 07-24-2019 0 0	0	0
	Match 2 Windows Events around the same time I am trying to write a simple rule that correlates 2 events that would occur at the same time. For example an account... by willadams Contributor in Getting Data In 07-24-2019 0 1	0	1
	Want to get data from Connexall Server to Splunk Hi All, I am new to splunk and I want to pull data from Connexall to Splunk, is it achievable using DB Connect or is ... by mohammedk01 Explorer in Getting Data In 07-24-2019 0 1	0	1