Getting Data In

Community Activity

How does Splunk handle gzip'd logs? Suppose I have `/var/log/nginx/access.log` and then a dozen files in the same directory named like `access.log-<date>... by jm_tesla Engager in Getting Data In 09-05-2024 0 5	0	5
How do I debug syslog that dont get into splunk whereas I can see the log when I use tcpdump Hi everyone,I’m currently sending vCenter logs via syslog to Splunk and have ensured that the syslog configuration an... by ryanf Engager in Getting Data In 09-05-2024 0 1	0	1
Change Splunk user from root to Splunk user Hi, The Splunk Heavy Forwarders and Deployment Servers were running under Splunk user. Unfortunately, during the upgr... by Ricco19 Loves-to-Learn in Getting Data In 09-05-2024 0 1	0	1
VMware Hosts logs do not show up in new Splunk server We have been using Splunk on a Windows server without issue. It ingested logs from Vmware hosts, networking hardware... by rweales Explorer in Getting Data In 09-04-2024 0 9	0	9
Splunk Windows Events to Third Party System Hello all, implementing some routing at the moment in order to forward a subset of data to a third party syslog syste... by solman07 New Member in Getting Data In 09-04-2024 0 1	0	1
Federated Search -How do I create lookup file with results? We are working with several remote datasets that are combined to give our end user a specific result. Federated Sear... by discenzadoe Explorer in Getting Data In 09-04-2024 0 3	0	3
Checkpoint events are not being parsed properly Hello, We are ingesting Checkpoint logs through an Edge Processor to our SCP. We have deployed Splunk Add-on for Chec... by adrifesa95 Engager in Getting Data In 09-04-2024 0 2	0	2
How to call a Rest/Json service on HTML button click action from dashboard search Hi,I have a splunk search which give back the testcase_id's.I need a button which call a rest API request.Rest API in... by kig121 Loves-to-Learn Lots in Getting Data In 09-03-2024 0 5	0	5
Routing Metric events to null queue I am trying to route metric type events to a null queue to avoid indexing them but they are still coming through. An... by markhvesta Path Finder in Getting Data In 09-03-2024 0 6	0	6
issue for _time I have events from Trellix Hx appliance and i need to adjust _time of the log events because it coming as 9/3/20 and ... by KhalidAlharthi Explorer in Getting Data In 09-03-2024 0 2	0	2
How to blacklist specific events on universal forwarder? Hello, community, I need help reducing Events containing 4688 and ParentProcessName=*splunkd.exe There is an excerpt ... by DanAlexander Communicator in Getting Data In 08-30-2024 0 2	0	2
I can not see and add forwarder in Splunk enterprise. Hello,This is my first experience with Splunk as I am setting up a lab.in VirtualBox I have:VM1: Act as server: Ubunt... by Dyrock Engager in Getting Data In 08-29-2024 0 1	0	1
Additional Windows Event Logs Hello! I am trying to collect 3 additional Windows Event logs and I have added them in the inputs.conf, for example [... by UnsuperviseLeon Loves-to-Learn in Getting Data In 08-29-2024 0 5	0	5
Universal Forwarder and multiline events containing timestamps BackgroundI have a very legacy application with bad/inconsistent log formatting, and I want to be able to somehow col... by gchappel Observer in Getting Data In 08-29-2024 0 2	0	2
Are Smartstore buckets uploaded to S3 immutable? Are Smartstore buckets uploaded to S3 immutable? We've been using Smartstore for almost a year and I have never seen... by thormanrd Path Finder in Getting Data In 08-29-2024 0 4	0	4
Request for Documentation on Integrating Splunk with Azure Virtual Desktop Hello,I am currently working on project that involves integrating Splunk with Azure Virtual Desktop (AVD). Could you ... by BRFZ Communicator in Getting Data In 08-29-2024 0 0	0	0
REST input JSON event break Hello,Need an urgent help.I am using REST API Modular input and the problem is i am not able to set the parameter for... by zubairsp Explorer in Getting Data In 08-29-2024 0 4	0	4
TCP output processor has paused the data flow Hi all, hoping someone can help me. We have a number of Windows servers with the Universal Forwarder installed (9.3.0... by northernchap Observer in Getting Data In 08-29-2024 0 1	0	1
Need help with custom response handler for REST API Modular input We have below data in json format, i need help with a custom json response handler so splunk can break every event se... by zubairsp Explorer in Getting Data In 08-29-2024 0 1	0	1
Multiple Inputs on the same File Hi there,i have a file monitoring stanza on a universal forwarder where i filter using transforms.conf to only get lo... by TheEggi98 Path Finder in Getting Data In 08-29-2024 0 5	0	5
How to disable system default INDEXED_EXTRACTIONS setting on 6.x Universal forwarders? Hi, recently we upgraded all of our Universal forwaders (UFs) from various versions of 5.x to 6.1.4 We discovered th... by t9445 Path Finder in Getting Data In 08-28-2024 0 4	0	4
How to override default for INDEXED_EXTRACTIONS? According to documentation here, under the title "Clear a setting":https://docs.splunk.com/Documentation/Splunk/8.0.5... by lumpymilk Explorer in Getting Data In 08-28-2024 1 3	1	3
Ingesting csv files via inputs.conf Hi,Im currently working on ingesting 8 csv files from a path using inputs.conf on a UF.And the data is getting ingest... by Dayalss Engager in Getting Data In 08-28-2024 0 4	0	4
Fetching logs from Elasticsearch Hi,I have an Elastic DB that receive logs from various services directly and I want to send these logs to Splunk Ente... by Mojal Engager in Getting Data In 08-27-2024 0 5	0	5
From my inputs.conf not all logs are being ingested (for all the linux UFs) I have a Splunk 9.1.2 server running RHEL 8 with about 50 clients. This is airgapped environment.I have bunch of Lin... by jkamdar Communicator in Getting Data In 08-27-2024 0 7	0	7