Getting Data In

Discussions

Thread Info

Windows: Sending Splunk logs to third party server

I need to send Windows Event logs to the third party syslog solutions. Logs from Windows Universal Forwarder is sent ...

by Explorer in

Feature of Splunk: Auto detect user client (PC/Notebook) time zone?

Hi all, Any Splunk features able auto detect current login user client time zone, maybe detect on operating system...

by New Member in

How can we find out which HTTP Event Collector tokens are not being used?

We have numerous input stanzas like - [http://<name>] disabled = 0 token = xxxxxxxx-xxxx-xxxxx-xxxx-xxxxxxxxxxxxx ...

by Ultra Champion in

Event Time Stamp: Day and Month Switched by Splunk

Hi, I have 1 months worth of logs I am uploading to Splunk cloud manually as a trial for when our Enterprise license ...

by New Member in

Event filtering on Heavy-Forwarder

Hi guys I have a multi tier Splunk implementation as following : Syslog ----> Heavy-Forwarder ----> Indexer Univ...

by Loves-to-Learn in

How to re-index data in to splunk with different source type?

I am using universal forwarder I indexed data into Splunk with a source type now I want to re-index same data with di...

by Explorer in

Forwarder not starting

I have forwarder down since past two months, when i brought it up it generated errors. No Splunkd logs have been ...

by Explorer in

How to send a dictionary or a json as an extraData with Splunk mint iOS SDK

I have an iOS project where I send analytics logs. I have a dictionary ( [String: Any] ) that I am able to send to S...

by New Member in

Correct Daemon configuration for the splunk logging driver for docker? No events are being ingested

I'm trying to configure the splunk logging driver in docker to ingest the docker logs into splunk to be able to monit...

by New Member in

Venafi logs have stopped ingesting into Splunk

Venafi logs stopped ingesting into Splunk. We have appropriate role created and capabilities(edit_tcp) also attach...

by Engager in

Monitoring Host/client connectivity

Hello, I'd imagine someone's already had this issue and solved it but I can't find it in Answers and hope someone can...

by Path Finder in

How to I trigger reload of authentication configuration programmatically?

There is a button in the GUI which triggers a reload of authentication configuration (see screenshot below). Is there...

by Communicator in

sedcmd - replace multiple asterisk with single asterisk

on the Linux server command line I tested sed like below and it works. echo \"SMSESSION\", \"Value\": \"**********...

by Engager in

Is there a security reason to upgrade Splunk Universal Forwarder?

I subscribe to a RSS feed for Splunk CVEs and diligently keep my security team in the loop regarding Splunk vulnerabi...

by Motivator in

Timestamp not showing up as set time input

Hi, I am facing a timestamp issue. I have created one sample dashboard below <form> <label>test</label> <fiel...

by Builder in

How do i configure Remote Host Monitoring?

Good day everyone, How are you? Im using Splunk Enterprise 6.3.2 for the first time. after installing it, i set up 3 ...

by New Member in

How to set up a stanza batch to index same file?

Hello, I set up my batch stanza to delete the file once indexed, but sometime, the file can't be due to permission...

by Explorer in

Mass intermittent logout issues

I have intermittent logout issues about 14 times daily. We have a lot of wall screens and Splunk logs out everyone ra...

by Explorer in

How to POST data to specific Splunk index via REST API

My Python script generate some results (Success/Failure output for certain services) which I want to send to a specif...

by New Member in

Why is the time difference not evaluating correctly?

I am working to find the difference between two events and have the following: | stats earliest(_time) as startTim...

by Contributor in

Does data indexed and forwarded from a heavy forwarder to indexer would charge twice?

Is changing indexAndForward=true at heavy forwarder and forwarding to an indexer will charge twice?

by Path Finder in

Splunk api to get all the indexes from all the indexer masters from search head

Hi, I want to know if there is an api to retrieve all the indexes from all the indexer masters from search head. we h...

by New Member in

Compare Usernames from Search with Lookup (csv)

So I read a few answer from here, but I could't ge this to work. My Seach: search.... | dedup user | tab...

by Engager in

Forwarder is active - indexer no data

Forgive me for bringing this up. The problem is forwarding and receiving. At one time I had this working. Now, nothin...

by Builder in

How splunk UF handle windows EventLog rotation?

We have a file sever which generates about 7G windows Event Log a day. Windows Event Log is rotated as soon as the si...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Windows: Sending Splunk logs to third party server

Feature of Splunk: Auto detect user client (PC/Notebook) time zone?

How can we find out which HTTP Event Collector tokens are not being used?

Event Time Stamp: Day and Month Switched by Splunk

Event filtering on Heavy-Forwarder

How to re-index data in to splunk with different source type?

Forwarder not starting

How to send a dictionary or a json as an extraData with Splunk mint iOS SDK

Correct Daemon configuration for the splunk logging driver for docker? No events are being ingested

Venafi logs have stopped ingesting into Splunk

Monitoring Host/client connectivity

How to I trigger reload of authentication configuration programmatically?

sedcmd - replace multiple asterisk with single asterisk

Is there a security reason to upgrade Splunk Universal Forwarder?

Timestamp not showing up as set time input

How do i configure Remote Host Monitoring?

How to set up a stanza batch to index same file?

Mass intermittent logout issues

How to POST data to specific Splunk index via REST API

Why is the time difference not evaluating correctly?

Does data indexed and forwarded from a heavy forwarder to indexer would charge twice?

Splunk api to get all the indexes from all the indexer masters from search head

Compare Usernames from Search with Lookup (csv)

Forwarder is active - indexer no data

How splunk UF handle windows EventLog rotation?

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Parsing Multimetric Logs

SC4S Syslog server update fails during download wi...

SplunkForwarder flooding splunkd.log with reconnec...

Event break multiline PowerShell Transcript Log

uberAgent

Getting Data In

Are you a member of the Splunk Community?

Discussions