Getting Data In

Community Activity

O365 Duplicate events Hello All, I m getting duplicate events for my O365 logs.Have checked from my O365 side configurations and seems eve... by mailmetoramu Explorer in Getting Data In 07-10-2019 1 2	1	2
Can Universal Forwarders download .conf files from Deployment server? Hi All, Is there a way we could tell the Deployment server not to push the certain types of files to Clients, even th... by sanjeev543 Communicator in Getting Data In 07-10-2019 0 4	0	4
Splunk Universal forwarder Permission issue My splunk universal forwarder is not reading the logs from var/log directory , even not sending the splunkd logs to m... by ram254481493 Explorer in Getting Data In 07-10-2019 0 2	0	2
Windows Event filtering/truncation at IDX and HF Hey All, I currently have the below props and transforms on my HF's and my IDX's This works on dropping that extra ... by adalbor Builder in Getting Data In 07-10-2019 0 19	0	19
How to verify on the device (forwarder) end that it is indeed sending logs to a Splunk sever? I am currently in a situation where I don't have access to the actual Splunk server but have been provided the Splunk... by progress101 New Member in Getting Data In 07-10-2019 0 12	0	12
Events are indexed multiple times Hi Splunkers, we have a lot of files\folders inputs (established on heavy forwarders) and during the last days we'v... by evelenke Contributor in Getting Data In 07-10-2019 0 2	0	2
Sending data with HEC vs modular inputs vs raw port I'm trying to figure out the pros and cons of using each of these methods to send data to Splunk. Let's assume I have... by yvonnec New Member in Getting Data In 07-10-2019 0 2	0	2
Can Splunk Forward raw logs directly to AWS S3 Yes/No? Can a splunk forwarder send logs directly to an S3 bucket without any other intervention as well as send to the splun... by jurschel Loves-to-Learn in Getting Data In 07-10-2019 0 4	0	4
NFS share for frozen data we have soft link for Fronzen data which link to NFS share. Now storage team just want to change to other IP/hostname... by rashid47010 Communicator in Getting Data In 07-10-2019 0 1	0	1
How do I use the columns in a CSV file to create a bar graph on a dashboard? Hi, I'm new to Splunk and I'm trying to create some visualizations on a Splunk dashboard using some CSV data. My data... by angshul Path Finder in Getting Data In 07-10-2019 0 4	0	4
Data not coming from Kafka to Splunk Hi Splunker, We are trying to pull data from Kafka queues using Splunk Connect for Kafka at one of our customers. We... by p_gurav Champion in Getting Data In 07-10-2019 0 1	0	1
How to filter data coming through Splunk Rest modular input Hi All, I have created REST modular inputs to collect data from REST API. I am using delimiters,"impact=1" ,Polling ... by aritratony New Member in Getting Data In 07-10-2019 0 2	0	2
Filter data Hello , I need to filter data in a heavy forwarder , by discarding some of event : i have the field "id" in my data ... by aalaa Path Finder in Getting Data In 07-10-2019 0 3	0	3
How to get a specific result with stats latest when two events have the same timestamp? Hi, please consider this example.csv: device result _time apollo1 passed 2019-06-28 apollo1 failed 2019-06-... by russell120 Communicator in Getting Data In 07-09-2019 0 17	0	17
Scripted input permission denied Hello. I have a HF and I want it to download a .csv file from another internal server. Right now, I can download it... by DEAD_BEEF Builder in Getting Data In 07-09-2019 0 18	0	18
How to redirect some data coming into an indexer (HEC) to another indexer? I have Http Event Collector inputs defined on an indexer cluster. I need to send one of the tokens' data to a differe... by twinspop Influencer in Getting Data In 07-09-2019 0 4	0	4
How do I create visualizations using JSON data? I have some log files which I'm serializing into a JSON object and sending it to a Splunk App dashboard (through HTT... by angshul Path Finder in Getting Data In 07-09-2019 0 1	0	1
How much data is ingested by a single sourcetype from defined host/clientname How much data in MB/GB is ingested by a single sourcetype from defined host/clientname by gagandeep_arora Path Finder in Getting Data In 07-09-2019 0 3	0	3
Splunk UF Not reading logs. Hi , I am in a situation now , My splunk Universal forwarder is sometimes sending the logs and sometimes its not sen... by Prakash493 Communicator in Getting Data In 07-09-2019 0 2	0	2
Change source and sourcetype I have several thousand events that I want to change the source and sourcetype. I started putting them in the index ... by hartfoml Motivator in Getting Data In 07-09-2019 2 7	2	7
How can we normalize our syslog host names? Our syslog data looks like - # 2019 Jun 25 17:54:30 xxx-yyy-zzz-8 daemon info DataCollector. In transforms.conf we h... by ddrillic Ultra Champion in Getting Data In 07-09-2019 1 18	1	18
How to trim base domain from url I have several pieces of data that look like this: subdomain1.domain.com subdomain2.domain.com Question is how do ... by jgrantham Explorer in Getting Data In 07-09-2019 0 6	0	6
Not able to send csv data to splunk index via rest call - HEC curl -k "http://host:8088/services/collector/?sourcetype=csv& index=csv_data" \ -H "Authorization: Splunk < token key... by cbhattad1 New Member in Getting Data In 07-09-2019 0 2	0	2
How to change splunk search hed deafult hostname with some DNS? I have hostname tb1239905 and port 18000 ,I want to access my with test.splunk.in. When ever splunk send mail link ... by ajitshukla61116 Path Finder in Getting Data In 07-09-2019 0 1	0	1
What does the 'groupby_rank: "0" ' property in 'fields' member of job result response mean ? Hello, If I hit the url : services/search/jobs/[job id]/results in the API, I get a response like : { "preview":... by thepainfull Explorer in Getting Data In 07-09-2019 0 3	0	3