Getting Data In

Discussions

Thread Info

Windows Last Logon against a .csv file

I am trying to search for a list of users Last Logon to Windows through SPLUNK... for an individual user I use the se...

by New Member in

How to merge and unmerge only specific cells, so that I can export results easily to Excel?

Can someone please help me in getting the search results query in above format which is needed? I had used stats comm...

by New Member in

Tutorialdata file is not uploading all files in the zip file. How to change that?

Hi there, I'm still in the early stages of setting up my Splunk. Once I have downloaded the tutorial data file, it...

by Explorer in

Splunk Integration with WorkDay

We are exploring integrating WorkDay (https://www.workday.com/) logs with Splunk Enterprise. Are there any documentat...

by Engager in

Splunk docker container limits

Hello- At dockercon I was made aware of the splunk docker container from the docker store. According to the documenta...

by New Member in

Extract single column from csv

I am trying to bring in a single column from a csv file. I also don't want to bring in any of the other columns. The ...

by Engager in

Using a Python script to call an API

Hi, I am trying to use the Sophos Central API. It uses a Python script to download the data into a file. I have su...

by New Member in

Stop Processing Long Query When No Results Found

Hello Splunk Gurus- We have noticed that a Splunk job does not end gracefully (version 6.6.3) if the post-pipe com...

by Path Finder in

what’s the best way to alert when a universal forwarder cant connect to the deployment server?

what’s the best way to alert when a universal forwarder cant connect to the deployment server? I am looking to build ...

by Contributor in

Monitoring Critical Events or Most Critical Events of Windows

Hello guys. It's maybe very stupid question. But what in your opinion, or maybe by your experience on the project/soc...

by Builder in

Symantec 14.0 and Splunk 7.0.0 (splunkd) not playing well together

Good afternoon, I have a problem with Symantec 14.0 and splunk 7 Universal Forwarder not playing well together. Whene...

by Path Finder in

Inputs hierarchy

Hello, I want to monitor a directory but within that directory is another directory which I want to index under a...

by New Member in

Bro Logs: How can I remove fields that an analyst accidentally created, and how do I fix a parsing error?

I have an analyst that was playing around trying to extract a new field. Unfortunately, he used the delimiter functio...

by New Member in

Is there an Event ID in Windows or ways to monitor privilege escalation?

To test this, I tried Control Panel > User Accounts > Change Account Type to and fro Standard account and Administrat...

by Path Finder in

Indexer hosts with shared storage

I am planning to build a Splunk 6.5.x indexer "farm" to balance the workload. The "farm" can be either a bunch of ind...

by Explorer in

Possible to retrieve all results of a completed search (by search id) using the REST api?

I'm hoping someone can prove me wrong... It looks to me as though it is not possible to retrieve all results of a ...

by Explorer in

How can I use sparkline for single value visualization?

I want to display the total event count for the current month and then compare it to the total event for the last mon...

by Contributor in

Which forwarder version should I install on Solaris 5.10?

I see the following on our server, which needs a forwarder - uname -a SunOS <hostname> 5.10 Generic_Virtual sun4v...

by Ultra Champion in

How to configure time zone settings for firewall data coming from a different timezone?

Hi All, Currently we got a request to adjust the time zone based on the Plant location from where the firewall logs a...

by Motivator in

Choosing an approach for sending metrics to Splunk

Hi, I have just started exploring Splunk. My requirement is to capture metrics from the a set of micro services...

by New Member in

Getting Data In

Discussions

Windows Last Logon against a .csv file

How to merge and unmerge only specific cells, so that I can export results easily to Excel?

Tutorialdata file is not uploading all files in the zip file. How to change that?

Splunk Integration with WorkDay

Splunk docker container limits

Extract single column from csv

Using a Python script to call an API

Stop Processing Long Query When No Results Found

what’s the best way to alert when a universal forwarder cant connect to the deployment server?

Monitoring Critical Events or Most Critical Events of Windows

Symantec 14.0 and Splunk 7.0.0 (splunkd) not playing well together

Inputs hierarchy

Bro Logs: How can I remove fields that an analyst accidentally created, and how do I fix a parsing error?

Is there an Event ID in Windows or ways to monitor privilege escalation?

Indexer hosts with shared storage

Possible to retrieve all results of a completed search (by search id) using the REST api?

How can I use sparkline for single value visualization?

Which forwarder version should I install on Solaris 5.10?

How to configure time zone settings for firewall data coming from a different timezone?

Choosing an approach for sending metrics to Splunk

Update sysmon config

Data flow/input question - see data being received...

Duplicate Siebel log events from Universal Forward...

Okta Rate Limit "skinny_users" warnings

Timezone configuration with daylight savings time