Getting Data In

Community Activity

Send Mainframe logs to Splunk? Dear, I ask you guys for help on how to send Mainframe logs to Splunk? What events are more important collect the P... by jfeitosa Path Finder in Getting Data In 04-17-2019 1 19	1	19
New install of UF windows, splunkd.log says "sock_error = 10054. SSL Error = No error" I just installed a new UF on a Windows VM, and I'm getting an error that connection to the host failed, with "sock_er... by gregbo Communicator in Getting Data In 04-17-2019 0 1	0	1
How do I capture the output of a script from a scripted input? All, I have a script which I'd like to capture the output from. I assumed that as long as I had it started by my sp... by daniel333 Builder in Getting Data In 04-17-2019 0 3	0	3
Is there a way to index Avro files in Splunk? Hi Splunkers, I am in an odd pickle here. So, I am ingesting data from Amazon Web Services (AWS) to my Splunk ins... by djain Path Finder in Getting Data In 04-17-2019 0 1	0	1
Monitor bandwidth with Netflow I am newbie. I was config netflow on router, and then send netflow to logstash index netflow. Next, logstash send dat... by daoloan New Member in Getting Data In 04-17-2019 0 0	0	0
How to query a CSV file from another CSV file? Hi I have 2 CSV file in lookups directory : The first CSV is called "host.csv" and has a field called "host" which c... by jip31 Motivator in Getting Data In 04-17-2019 0 9	0	9
Splunk Universal Forwareder porformance impact Hello. Do you know if exist a table, web page, benchmark or paper where the impact to performance for the appliance... by aaronhernandez Explorer in Getting Data In 04-16-2019 0 2	0	2
How to use the timestamp from a file name at index time? hello I have log files that does not contain timestamp i want splunk to take the time stamp from the file name file ... by sarit_s Communicator in Getting Data In 04-16-2019 0 5	0	5
How to get comma separated list of values? Hi, Here's my query: index=uplynk slice_played isLive=1 channelID=8f88881faa334ab59484e999c6c5c318 \| stats dc(play... by moizmmz Path Finder in Getting Data In 04-16-2019 1 5	1	5
How to remove duplicate values based on condition Hi, I am getting duplicate values I want to remove duplicate values where the condition will match. Example date--... by Laya123 Communicator in Getting Data In 04-16-2019 0 3	0	3
Hostname and IP address,Hostname and IP to be sent to Splunk Hello, We are sending data to a 3rd party raw, they want the IP of the sending host not the hostname, does splunk h... by lukessi Path Finder in Getting Data In 04-16-2019 0 0	0	0
Is there an app for Splunk that onboard data from mailboxes? Hi, I know there is an Exchange app for Splunk, and it covers a few different use cases, such as performance, usage,... by RobertEttinger8 Explorer in Getting Data In 04-16-2019 0 1	0	1
Can you reload new inputs.conf stanzas on a UF without restarting the Daemon? I noticed you can reload the inputs stanzas on a forwarder via this API endpoint: /services/data/inputs/monitor/_rel... by thisissplunk Builder in Getting Data In 04-16-2019 0 2	0	2
How to use env variables usage in inputs.conf? Hello, I would like to use the Unix/Windows env variables in my inputs.conf, e.g. like below: ... ### App server # ... by damucka Builder in Getting Data In 04-16-2019 0 1	0	1
how to create a table to show port status of Cisco switch? Cisco has been configured and sent syslog to Splunk as follows: I would like a table to show port status of Cisco s... by splunkbeginner Engager in Getting Data In 04-16-2019 0 8	0	8
timeparsing issue for sourcetype I have data like below:- Log file created at: 2019/03/24 17:56:14 Running on machine: F8976GMac Log line format: [IW... by juhisaxena28 Explorer in Getting Data In 04-15-2019 0 5	0	5
What Windows Event Codes track WMI activity We are wondering if there is any Windows Event that captures execution of WMI from a remote host. Since you can remo... by wbfoxii Communicator in Getting Data In 04-15-2019 0 6	0	6
Can you give me some advice on expanding my Splunk systems? Hi all, I want to check if anyone has any experience on expanding your Splunk system. The below is my situation. No... by quahfamili Path Finder in Getting Data In 04-15-2019 1 9	1	9
How can we read from a mongoDB table? Can we read from a mongoDB table? We need to do it from within Splunk - is it possible? Preferably it should end up i... by ddrillic Ultra Champion in Getting Data In 04-15-2019 0 2	0	2
How to print multiple JSON root elements? Hi, I've data like this { "container_id":"0fce97fd907a806802eab9b27965dd35dd82bbe142d128294b34b8a8a2e42f23", "conta... by amirrachman Engager in Getting Data In 04-15-2019 0 9	0	9
How to install splunk app for linux without installing the universal forwarder? Can I use splunk app for linux without installing universal forwarder on each linux host I need their logs? by sabaKhadivi Path Finder in Getting Data In 04-15-2019 0 3	0	3
Collecting Windows Events via A Forwarder but Groups are not being resolved Hello I am collecting Windows Events using Windows Events Forwarding. On the Windows Event Collector I have a univer... by davidwaugh Path Finder in Getting Data In 04-15-2019 0 1	0	1
How to use date in filename as the timestamp for each event? I need to index files that are summaries of data for a particular day. The data within the file is basically csv for... by lyndac Contributor in Getting Data In 04-15-2019 0 9	0	9
Configuring udp with multiple ipaddress Hi, I would like to configure my inputs.conf with udp on port 514. Like below: udp://[remote_server]:[port_number] ... by santosh_hb Explorer in Getting Data In 04-15-2019 0 5	0	5
How to feed syslog of another Cisco device to Splunk? There are two Cisco devices; I call them “1st IP” and “2nd IP” hereafter. I have managed to configured and send sysl... by splunkbeginner Engager in Getting Data In 04-15-2019 0 0	0	0