Getting Data In

Community Activity

How to find which Data Source an event is originating from Hello,I'm having a hard time trying to find what data source events from a search are originating from, the Search is... by mninansplunk Path Finder in Getting Data In 10-24-2024 0 1	0	1
Why UTC events suddenly started displaying as PST instead of Eastern Time? Hi,We have data from Change Auditor coming via HEC setup on a Heavy Forwarder. This HF instance was upgraded to Versi... by att35 Builder in Getting Data In 10-24-2024 0 11	0	11
Dual Forwarding \| INGEST_EVAL for new index names. I'm working on an environment with a mature clustered Splunk instance. The client wishes to start dual-forwarding to ... by NullZero Communicator in Getting Data In 10-24-2024 0 4	0	4
Reassigning / replacing a sourcetype based on source I am looking to replace a sourcetype using props.conf / transforms.conf so far with no luck. props.conf [original_so... by beataficek Explorer in Getting Data In 10-24-2024 0 2	0	2
jsonlinebreaker processing a valid json file I am forwarding some json files from a splunk forwarder on linux, example file below:{<!-- -->"dateTime" : "04/11/2021 08:22:... by kulrajatwal Explorer in Getting Data In 10-23-2024 0 2	0	2
JSON events sent to HEC are losing JSON data when then sent to collect I'm struggling to figure this one out. We have data coming in via an HEC endpoint that is JSON based, with the HEC en... by mburgoon New Member in Getting Data In 10-23-2024 0 4	0	4
Why are universal forwarders reporting "File will not be read, seekptr checksum did not match"? We're getting bunch of these exceptions on our Universal Forwarders...any help would be appreciated and I can provide... by prakash007 Builder in Getting Data In 10-23-2024 1 13	1	13
Handling file in custom commands How can we send a file as input to an API endpoint from custom spl commands developed for both Splunk Enterprise and ... by shub_loginsoft Explorer in Getting Data In 10-23-2024 0 8	0	8
Universal Forwarder on Raspberry Pi Wondering what the chances are of getting a Universal Forwarder compilation for an ARM device such as Raspberry Pi? h... by phoenixdigital Builder in Getting Data In 10-22-2024 4 7	4	7
Routing windows security logs to another index I am trying to route my windows security logs to another specified index but it has to meet certain criteria.EventCod... by lclayton95 Loves-to-Learn Everything in Getting Data In 10-22-2024 0 3	0	3
Can you change the admin user password on forwarder if you dont know the current? I have a forwarder in which we forgot the admin password. Right now it's causing the vmware app to only partially wor... by jbleich Path Finder in Getting Data In 10-22-2024 1 6	1	6
Vmware workspace one (mobile device management (MDM)) our Splunk received logs from Vmware workspace one (mobile device management (MDM)) as syslog messages.what is the so... by hazem Path Finder in Getting Data In 10-22-2024 0 3	0	3
App Certification criteria: I need help on the 644 and 755 settings My Waterfall Custom Visualization App fails App Inspect test which I am trying to build on Windows Machine. The only ... by niketn Legend in Getting Data In 10-22-2024 1 11	1	11
Splunk internal logs time not correct I have setup splunk, the machine has 15:26 as local time, but when I check splunkd.log time it is 20:26. why is there... by Nawab Communicator in Getting Data In 10-22-2024 0 2	0	2
How to check if the input.conf updated on Universal Forwarder or not Hello,I have a deployment server and deploy an app on an Universal Forwarder, like I usually do (Create an app folder... by tungpx Explorer in Getting Data In 10-21-2024 0 1	0	1
Event Breaking Incorrectly I am setting up a monitor on the log file for my Dolphin Gamecube emulator. Dolphin and Splunk Enterprise are both ru... by whunterj Explorer in Getting Data In 10-21-2024 0 2	0	2
server not listing data I have 5 forwarders forwarding data to my Splunk server but when I log into this server only two of them are listed t... by new2splunk21 Loves-to-Learn in Getting Data In 10-21-2024 0 6	0	6
Break single line of data. I have a question about breaking up a single line of data to send to the Splunk Indexer. We sending data which can ha... by BB2 Explorer in Getting Data In 10-21-2024 0 4	0	4
SH cluster I am trying to deploy SH cluster, but when I run below command ./splunk init shcluster-config -auth <username>:<pass... by Nawab Communicator in Getting Data In 10-20-2024 0 1	0	1
How to Ingest and Parse WSUS Logs from WID Database into Splunk? Hello,I have a WSUS server that is using the Windows Internal Database (WID). I would like to ingest WSUS service log... by refahiati Explorer in Getting Data In 10-19-2024 0 1	0	1
Incorrect timestamp when ingesting csv data Hi,I’m trying to ingest CSV data (without a timestamp) using a Universal Forwarder (UF) running in a fresh container.... by jg91 Path Finder in Getting Data In 10-18-2024 0 4	0	4
Does FIPS apply to forwarders? I have now re-installed Splunk on both my search head and indexer to enable FIPS, and after a maddening week of frust... by DaClyde Contributor in Getting Data In 10-18-2024 0 5	0	5
How to troubleshoot event code 4662 and why the event not showing on splunk?? (Event code needed for use case) Hi,I am trying to look up data related to EventCode="4662", but it does not show in Splunk.Additionally I checked inp... by ricardo_911 New Member in Getting Data In 10-18-2024 0 4	0	4
Combining the results of two sql queries from two databases using join command not working Hi Team, I am fetching unique "ITEM" values from first sql query running on one database. Then passing those values t... by BKDRockz Engager in Getting Data In 10-17-2024 0 1	0	1
How to monitor process scheduler jobs in peoplesoft using splunk? PeopleSoft SCM - Version 9.2 I am trying to figure how if the jobs that are scheduled through Process Scheduler in P... by iamboppana New Member in Getting Data In 10-17-2024 0 3	0	3