Getting Data In

Community Activity

Is there a dbconnect alternative that doesn't consume so much license? Is there an alternative to dbconnect for getting RDBMS data into Splunk? I'm having some errors due to moving the dat... by davel1333 Engager in Getting Data In 06-08-2019 3 5	3	5
How to parse out fields Hi, I have an XML-like (but not proper XML) feed that I need to parse. A sample is below, and I need to parse out eac... by a212830 Champion in Getting Data In 06-07-2019 1 13	1	13
Monitoring the content of a configuration file I have a client that wants to monitor a system configuration file and specifically the content of the configuration f... by u568675 New Member in Getting Data In 06-07-2019 0 4	0	4
How to calculate volume of syslog traffic on syslog-ng server I want to calculate the volume of Syslog data coming into Syslog-ng server. For example, I am forwarding proxy logs ... by jibin29 Engager in Getting Data In 06-07-2019 1 2	1	2
Why does outputlookup gives a different _time column compared to "export", in a .csv file? Hi I used SPL to get the number of logins by the hour for 1 month. The goal is to later import them into python using... by rosho Communicator in Getting Data In 06-07-2019 0 1	0	1
How to create a scheduled report for CSV export Hi All! I have following query, I want to schedule a report for this for every night. When I export this to CSV aft... by dmenon Explorer in Getting Data In 06-07-2019 0 1	0	1
How to mask sensitive data at index time? I am trying to mask PII data at index time. Here is an example of PII data I am trying to mask: RecipientSSNxxx-xx-4... by MWAKburns Engager in Getting Data In 06-07-2019 2 4	2	4
How to rename dynamic input results Sorry, I am new to Splunk. Now I use a dynamic dropdown to generate all the results, like below: index=dev-app host=... by lyf1995123 Engager in Getting Data In 06-07-2019 0 4	0	4
How to parse data for a table to display list This is what I have when I tried my search query. INFO: Found installations for 8 accounts [scheduler] "accou... by skphi13 New Member in Getting Data In 06-07-2019 0 2	0	2
Splunk Data Parse Verbose issue Hi, Currently I am having below issues : A possible timestamp match (Fri Aug 16 11:09:15 2013) is outside of the acc... by ram254481493 Explorer in Getting Data In 06-07-2019 0 5	0	5
Why are we unable to connect to Splunk Cloud from Mule? Hi, I tried using HEC and configured log4j as mentioned below in Mule, but I'm getting a connection timed out error... by mragavan New Member in Getting Data In 06-07-2019 0 2	0	2
How to count the number of duplicates detected? Hi, I want to know how many duplicates of a filename (in field Target_file) have been detected for events indexed da... by nickhaj New Member in Getting Data In 06-07-2019 0 2	0	2
Regex to pull Account Creator and Account Created from Windows Event From this Event log, I need to pull the Account Creator and Account Created as two separate tables. 6/6/19 9:2... by wilcoxj New Member in Getting Data In 06-07-2019 0 7	0	7
Is it possible to transform JSON events to be independent, then store them in another index? Hello community, once again, I need your help. I have a training source in json format in which transactions with 50... by splunksumman Explorer in Getting Data In 06-07-2019 0 3	0	3
Why are metrics producing the wrong value for host field? Hello, I deployed a Splunk APP that listens to TCP in port 7001, protocol starts with the following code: inputs.co... by diogoribeirosky New Member in Getting Data In 06-07-2019 0 8	0	8
Requests.Post CSV File contents into Splunk using HEC Hi all, I'm having issues with using the requests library in python to send the contents of a csv file to Splunk. I'... by vkannampuzha Explorer in Getting Data In 06-06-2019 0 1	0	1
How to create Search via REST api in verbose mode ? I'm firing search query via REST api to get notable events, but the search is not returning all fields available in t... by shravankumarkus New Member in Getting Data In 06-06-2019 0 19	0	19
Does the Universal forwarder collect historical windows event logs? I have installed the UF on a number of servers and I configured ti to monitor the winodws event logs (Application, Sy... by sjcoluccio67 Explorer in Getting Data In 06-06-2019 0 3	0	3
When installing Splunk UF to Solaris OS, error message: couldn't set locale correctly First time seeing this issue. Running: l locale -a l which whoami The result for this command would be as below... by 1000315118 New Member in Getting Data In 06-06-2019 0 2	0	2
Extract timestamp in Epoch (milliseconds) to date Hello, I am currently extracting a field from some event which looks like Start_Time_ms=1277221722297 My event has... by hiwell Explorer in Getting Data In 06-06-2019 3 8	3	8
How to forward logs by Index / SourceType, from Splunk to 3rd party? Is there a way to forward logs from Splunk to a 3rd Party collector by Index / SourceType? by jcolon68 Explorer in Getting Data In 06-06-2019 0 2	0	2
Splunk Cooked Data Hello, I am in the process of setting up a new TCP input to pull DNS/DHCP logs from a vendor product. This product ha... by arlombar Explorer in Getting Data In 06-06-2019 0 6	0	6
Filtering events from Docker Hello, we are successfully logging events from Docker hosts via Splunk adapter (HEC) into splunk. Problems arise wh... by JenWun New Member in Getting Data In 06-05-2019 0 2	0	2
When is old data deleted from indexes?How does frozenTimePeriodInSecs get applied Hi I have an index that has its frozenTimePeriodInSecs set to 90 days. When inspect that index with the rest command... by chris Motivator in Getting Data In 06-05-2019 0 7	0	7
Multiple Cloudwatch logs are coming into Splunk as one event I have set up logging AWS cloudwatch to Splunk using the firehose method from this Blog: https://www.splunk.com/blog... by bobmccoy Explorer in Getting Data In 06-05-2019 0 0	0	0