Getting Data In

Discussions

Thread Info

Data upload from splunk ui is successful, but data is not appearing in search

Hi, I have uploaded the data to splunk, but while searching the data doesnt appear, I have shared the screenshots as ...

by Explorer in

Linux Forwarders not talking to Deployment Server

I have a lab setup in VMWare Workstation that has both Linux and Windows servers setup to talk to a Linux deployment ...

by Path Finder in

Non-admin user can't see all the owners in the filter dropdown

Hi, We have Splunk Enterprise. and recently migrated from LDAP TO SAML. And we started observing that non-admin us...

by New Member in

Json line breaking issue

Hi, I have exactly same issue as below https://answers.splunk.com/answers/513703/json-breaking-single-string-into...

by Communicator in

How to write to reverse DNS lookups in Splunk Cloud?

Is there a way to reverse query IP addresses in Splunk Cloud? If so how? Please share the documentation.

by New Member in

How to connect to apigee edge free account using Splunk

Apigee Edge is API management platform. It is both http and tcp based and it sends to syslogs. Can I install Splun...

by Explorer in

Splunk Windows Registry Monitor not showing any events

Hey, I want to monitor the changes in my Windows Registry. I have did the needed procedures and steps however the ...

by Engager in

Windows Forwarded Events from UF on WEC are not being ingested

Hi I have a Windows Server Collecting WinEventLogs from a number windows host endpoints. I was told the Server was a...

by Path Finder in

Indexer Discovery Error (IndexerDiscoveryHeartbeatThread)

Hi, I have Splunk 8.0.0 on AWS with a clustered indexer set up (1 Master and 4 indexers) and I have deployed custo...

by New Member in

Universal Forwarder - Repeating message TcpOutputProc - Found currently active indexer...

I am getting the following messages on my forwarder running on Windows 10: 04-06-2020 18:05:52.171 -0700 INFO TcpO...

by Path Finder in

REST GET request to get list of AD users

Hello, I'm trying the following request in Postman to send a request to get the list of Active Directory users: http:...

by New Member in

csv headers are not getting listed

Hello, I have clonned the CSV source type in Splunk and created a new CSV sourcetype as Alpha_csv and configured ...

by New Member in

could not use strptime to parse timestamp

Feb 18 18:36:20 smtp2 sm-mta[17872]: l1J0a3fO017872: discarded I have one sample event. when I this it gives me "...

by Path Finder in

change date of import data

hi i'm copy log of my application to splunk server with script (i don't use forwarder here) now problem is log se...

by Explorer in

How does splunk reassamble chunks of data coming from UFs in an indexer cluster ?

By default, UFs are sending chunks of 64kB data and spread these over multiple indexers. But indexers are supposed to...

by Contributor in

How can I get more than 10,000 lines into a single event?

I want more than 10,000 lines to merge and show in a single event. [tally_nightly_prd] SHOULD_LINEMERGE=true NO_BI...

by Path Finder in

Rex pattern to extract unc path from xml

I like to extract the UNC path from a log, below a portion from the file : ;<soa:FileSystem identifier="8ec65285-1...

by Engager in

Error Message; The search for datamodel 'abc_123' failed to parse, cannot get indexes to search?

I have two indexers in peer that share 1 index, and 1 data model. Both indexers are configured identically. Both data...

by Communicator in

how to force all data to go to a different index?

How do I force all data to go to a different index without inserting index=foo for all input stanzas?

by Splunk Employee in

500 Internal Server Error out of splunklib/binding.py

I'm seeing this error message stream when the TA-ObserveIT tries to get what I think is the configuration information...

by Communicator in

Getting Data In

Discussions

Data upload from splunk ui is successful, but data is not appearing in search

Linux Forwarders not talking to Deployment Server

Non-admin user can't see all the owners in the filter dropdown

Json line breaking issue

How to write to reverse DNS lookups in Splunk Cloud?

How to connect to apigee edge free account using Splunk

Splunk Windows Registry Monitor not showing any events

Windows Forwarded Events from UF on WEC are not being ingested

Indexer Discovery Error (IndexerDiscoveryHeartbeatThread)

Universal Forwarder - Repeating message TcpOutputProc - Found currently active indexer...

REST GET request to get list of AD users

csv headers are not getting listed

could not use strptime to parse timestamp

change date of import data

How does splunk reassamble chunks of data coming from UFs in an indexer cluster ?

How can I get more than 10,000 lines into a single event?

Rex pattern to extract unc path from xml

Error Message; The search for datamodel 'abc_123' failed to parse, cannot get indexes to search?

how to force all data to go to a different index?

500 Internal Server Error out of splunklib/binding.py

Unable to index Windows registry monitoring (Certa...

WinRegMon - Inputs.conf works on localhost but not...

Onboard logs from McAfee EPO Cloud

serverclass.conf whitelist from pathname not worki...

Connect to your Azure Storage account with the Spl...