Getting Data In

Community Activity

How to blacklist data containing specific words I have found that there are lots of syslog contains "Log statistics", which is log statistic data of syslog. Splunk ... by bli_scs New Member in Getting Data In 06-13-2019 0 1	0	1
How to trigger script with arguments from Splunk search? I was able to make splunk send alert to my abc_pythonscript correctly after configuring commands.conf \| makeresults... by koshyk Super Champion in Getting Data In 06-13-2019 1 8	1	8
Virtual Hard disk for Indexer Hello Splunkers I have an Indexer Cluster setup on Azure(Splunk Enterprise) Platform. My indexer VM instance has 100... by aruncp333 Explorer in Getting Data In 06-12-2019 0 1	0	1
How does WinNetMon determine RemoteHostName i'm trying to figure out how/when/where Splunk resolves the RemoteHostName field in WinNetMon. I assume this is done... by templets Path Finder in Getting Data In 06-12-2019 0 0	0	0
Is anyone using splunk to monitor NIFI logs in AWS? I have a few nifi nodes (on EC2 instances) running in AWS. I use nifi to process data into s3. I am looking for a wa... by Log_wrangler Builder in Getting Data In 06-12-2019 0 2	0	2
How to index same source to multiple indexes Hi there. I have a great problem with Splunk 7.x.x. What I need: indexing the SAME SOURCE to 2 or more indexes... NO ... by verbal_666 Builder in Getting Data In 06-12-2019 0 8	0	8
How can I keep an event AND get a metric at index time? All, I see a few examples on convert an event received into a metric. Is there a way to say keep an apache log and ... by daniel333 Builder in Getting Data In 06-12-2019 0 2	0	2
hot/warm buckets hi all, I have seperate drive for my hot/warm and cold data. The hot/warm drive is near capacity. Looking to find a... by pbrinkman Path Finder in Getting Data In 06-12-2019 0 2	0	2
Can you migrate Indexes to a new Splunk environment and give them a new name? Hi I'm about to migrate data from an old stand alone indexer, to a new one. Is it possible to migrate the data to i... by Stokers_23 Explorer in Getting Data In 06-12-2019 0 1	0	1
Create alert to show possible shared passwords Need to create a query to be able to pull data and show when someone has either swiped in from key card reader, logge... by dmws New Member in Getting Data In 06-12-2019 0 3	0	3
Docker container Splunk unable to assign or use privileged ports under 1024, ignore NET_BIND_SERVICE ? Splunk 7.3.0 docker -v Docker version 18.09.6, build 481bc77156 cat /etc/centos-release CentOS Linux release 7.6.181... by deodion Path Finder in Getting Data In 06-11-2019 1 0	1	0
Splunk_TA_Windows 6.0.0 Metrics index? All, I am currently a Splunk_TA_windows 4.8x customer and source="Perfmon:Process" is just destroying my disk space... by daniel333 Builder in Getting Data In 06-11-2019 0 1	0	1
Why is Splunk not extracting all fields in JSON? Hi, I don't understand why Splunk show the field tag in List view and not in view Raw and Table. Also, this field i... by LordSnooz Explorer in Getting Data In 06-11-2019 0 8	0	8
How to ingest Cyberark logs in Splunk? Is there a published method or documentation on how to ingest Cyberark logs? Thanks, Jan Clairmont 302-669-9972 by janclairmont New Member in Getting Data In 06-11-2019 0 5	0	5
How to avoid "ERROR WinEventLogChannel - saveCheckpointStr: Failed to rename checkpoint file" when monitoring a folder with .evtx files? I have a folder with some .evtx files from another machine that I need to get forwarded and indexed into splunk. The ... by cas_systems New Member in Getting Data In 06-11-2019 0 2	0	2
Compare/calculate with current date Hi, I want to create automatic obsolecance reports in Splunk. I grab the info from a database. There is a collum tha... by quadealexander Explorer in Getting Data In 06-11-2019 0 2	0	2
How to eliminate events with ">Debug" Trying to eliminate logs that start with ">Debug". Must be missing something with my logic. All the data has a sour... by joesrepsolc Communicator in Getting Data In 06-11-2019 0 13	0	13
Data validation across multiple deployments Hi, We have old Splunk architecture which we will be retiring. New architecture is in place. We have configured data... by mbasharat Builder in Getting Data In 06-11-2019 0 2	0	2
splunk stress test Hello i want to perform performance testing to my splunk environment is there a good way to make stress tests ? i w... by sarit_s Communicator in Getting Data In 06-11-2019 0 3	0	3
Extract date from Filename source Hi in my events I am getting time which is extracted correctly by Splunk for _time timestamp and for date extraction ... by ips_mandar Builder in Getting Data In 06-10-2019 0 11	0	11
Can the HTTP Event Collector provide the channel identifier in the Splunk events We are sending data to the HTTP Event Collector raw endpoint from multiple systems, but we have no control over the d... by redbugz New Member in Getting Data In 06-10-2019 0 1	0	1
Reference values in CSV versus hardcoding search query for desired results It is possible to have Splunk reference values inside a CSV file at search time? This is much needed as I'm currently... by orion44 Communicator in Getting Data In 06-10-2019 0 5	0	5
How to use line breaking for sample data? Hi, How to use line breaking to break events before TBD, new event starts with TBD. sample data: ABC11231~ CFFG... by knalla Path Finder in Getting Data In 06-10-2019 0 2	0	2
How to parse out a single line following a static line in a java stack trace? Hello, I am new to Splunk and attempting to parse and display a single line of text from a java stack trace captured... by enkidu999 New Member in Getting Data In 06-10-2019 0 4	0	4
Reconfigure how timestamps appear in raw data I have a date in a column with the name of Date and Time. The current format is 02/04/19 12:50:49, but it really sho... by sheaross Explorer in Getting Data In 06-10-2019 0 13	0	13