Getting Data In

Discussions

Thread Info

How to extract this data from the log?

Hello, I am fairly new to using splunk. I am having some trouble understanding how to extract the fields. My sam...

by New Member in

How to set timing/interval when pulling event in WinEventLog using universal forwarder?

We install Universal forwarder in Windows Server for us to pull data from [WinEventLog://Microsoft-Windows-TaskSchedu...

by Explorer in

Splunk Add on for McAfee DAM (Database Activity Monitor)

Can someone help me with an ADDON for extracting fields out of the syslog data of McAfee DAM (Database Activity Monit...

by Explorer in

How to setup to whitelist and blacklist in inputs.conf to pull data from WinEventLog?

Hi, we are trying to pull a specific data from [WinEventLog://Microsoft-Windows-TaskScheduler/Operational] but th...

by Explorer in

How to avoid influence of equal sign in text string when Splunk HEC parses JSON?

I was tring to ingest data into Splunk via HEC. One field of my data is: myKey1 = " This is my Application message...

by New Member in

Is there any other way for our Splunk environment to receive Nessus data?

Hello, I've recently upgrade from Splunk 7.0 to Splunk 9.0. One of the things that ended up breaking is the Splunk...

by Explorer in

How to calculate Percentage and Percent difference week by week?

Hi community, I am stuck on a problem where i have to calculate percentage and Percent Difference. I have...

by Path Finder in

Ignoring path="x" due to: Bug: tried to check/configure STData processing but have no pending metadata.

Hello Splunkers! Receiving the below error under splunkd.log for the UFs 08-02-2022 12:41:53.695 +0200 ERROR TailRe...

by Explorer in

How do I apply regex to filter the events in the logs?

Hi , I have logs with below format X.X.X.X. - - [02/Aug/2022:10:31:18 +0200] "GET /api/mc/v0.1/agendas/view/ba...

by Path Finder in

Help with search query

i have a list of string lets say "abc" "bcd" "def" "efg" "fgh". I want to search each of these string against a q...

by Engager in

eStreamer is sending about 12 logs per minute and each log is about 30 mg- How can I reduce the number and size of logs?

eStreamer sending about 12 logs per minute and each log is about 30 mg this is causing an issue with the license cons...

by Path Finder in

Are there any good/recent guides on setting up Sonicwall reporting?

Hello, I have a Sonicwall TZ600 with both Syslog on 514 and log autmation over to an ftp folder on the Splunk serv...

by New Member in

Help with rex- How do separate this event that came at the same time but different values?

I have an event that came in the same time but have different data values that I need to separate. Example _timeex...

by Path Finder in

Help with Field Extraction from raw data

Below is the sample input for my search BusinessIdentifier : 09 ***** MessageIdentifier : 3308b7dd-826c-4e98-...

by Explorer in

How to monitor SFTP logs on windows server using Splunk Stream?

Hi All, I'm trying to get the SFTP network data protocol logs from an SFTP server (windows server) that has a univ...

by Explorer in

Config Files location

where will i find props.conf, transforms.conf, and fields.conf. in my windows server?

by Path Finder in

Why does event timestamp appear AFTER another date?

This is my example log file: -- Daily Prod Started 7/28/2022 12:36:05 PM 0.762 sec -- BegMo='06/01/2022' 7/28/2...

by New Member in

Can we have one connect to Azure Commercial while the other connects to Azure Government event hubs?

I have been asked to check with Splunk Support on whether we can run 2 different Splunk add-ins for "Splunk Add-on fo...

by Path Finder in

How to upload CSV from UI?

Hi All, We have a requirement where the end user would be uploading CSV to our HF, and from there, jobs would...

by Path Finder in

Getting Cisco Ironport ESA data into the Common Information Model

I am having a tough time understanding how anyone is getting Cisco Ironport ESA data to map to the CIM for use in thi...

by Explorer in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to extract this data from the log?

How to set timing/interval when pulling event in WinEventLog using universal forwarder?

Splunk Add on for McAfee DAM (Database Activity Monitor)

How to setup to whitelist and blacklist in inputs.conf to pull data from WinEventLog?

How to avoid influence of equal sign in text string when Splunk HEC parses JSON?

Is there any other way for our Splunk environment to receive Nessus data?

How to calculate Percentage and Percent difference week by week?

Ignoring path="x" due to: Bug: tried to check/configure STData processing but have no pending metadata.

How do I apply regex to filter the events in the logs?

Help with search query

eStreamer is sending about 12 logs per minute and each log is about 30 mg- How can I reduce the number and size of logs?

Are there any good/recent guides on setting up Sonicwall reporting?

Help with rex- How do separate this event that came at the same time but different values?

Help with Field Extraction from raw data

How to monitor SFTP logs on windows server using Splunk Stream?

Config Files location

Why does event timestamp appear AFTER another date?

Can we have one connect to Azure Commercial while the other connects to Azure Government event hubs?

How to upload CSV from UI?

Getting Cisco Ironport ESA data into the Common Information Model

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

SSL: UNKNOWN_PROTOCOL Error with Gitlab Auditor TA

Help with MSSQL JDBC driver incompatibility error?

How to configure Azure functions to pass the loggi...

Is it possible to send Jenkins custom logger to Sp...

Why do I receive SSL alert number 40 with selfsign...