Getting Data In

Discussions

Thread Info

Splunk not indexing text file

Hi all, i have a simple splunk app that monitors a folder and indexes a text file that is overwritten every hour. It ...

by Loves-to-Learn Lots in

Script

Hello Guys, I want one as shell script in which i want to extract only sourcetype name and TIME_FORMAT attribute fr...

by Communicator in

Re-index data

How do I get the data re-indexed to same sourcetype which I deleted using the delete command. for eg. let...

by Explorer in

Splunk Input from S3

I am quite new to the Splunk currently Working on getting data from S3 file into Splunk. File Constraints -> 1) F...

by Explorer in

uf install didn't create inputs.conf

Hi, I installed a UF on a windows server, and asked it to monitor Forwarding Events, but I don't see anything crea...

by Champion in

How do I set the CRON job for scripted inputs so that the timezone is not UTC?

Hello, I have a scripted input with a CRON set to 50 5-23 * * * so that it "sleeps" between the hours of midnight a...

by Builder in

Monitor twice the same directory

Hello, i have syslog-ng running and got all my syslog messages from my access points and cisco switches to the same...

by Path Finder in

Splunk TA Stream ipv6

Has anyone tested 'streamfwd' for ipv6 ? .. /opt/splunkforwarder/etc/apps/Splunk_TA_stream/linux_x86_64/bin/strea...

by Engager in

Monitor CPU cores of a Linux machine

Hi, I have a Linux machine running on Centos 6.10 with a quad-core processor (16 threads) On Spl...

by Explorer in

Field extraction for custom waf log

Hello everyone, I am struggling with extracting the fields of a custom WAF log file as there is no sourcetype that ...

by Path Finder in

How to determine you "host" name for an HEC endpoint

Sorry for the newbie question, but I can't seem to figure out how to use HEC. I am using a free cloud account. I firs...

by Explorer in

ssl module is not available

Hi, When trying to call some rest API's in a custom script using the request package, if the URL is https Splunk th...

by New Member in

How to ingest AWS RDS - MS SQL DB Audit logs in Splunk?

Hi, I am looking for a solution to ingest AWS RDS - MS SQL DB Audit logs in Splunk. This is for a production Datab...

by New Member in

Direct syslog forwarding from Isilon to Splunk

I am trying to setup syslog forwarding from Isilon Cluster to Splunk server ... I have done the following steps as pe...

by Observer in

why i am getting this error "The search you requested could not be viewed"

i am receiving the splunk alerts from the mail after that when i click on the "view result" i am getting this error...

by Engager in

Scripts Directory & upgrades

Do the scripts you place in opt/splunk/bin/scripts Remain persistent even after upgrades? Can someone provide docum...

by Builder in

How do I trigger the re-indexing of events from a locally collected Windows Event Log channel?

I would like to force the re-indexing of events in a local Windows Event Log channel, let's say "Security". I have tr...

by Splunk Employee in

Possible way to receive /consume Email in Splunk and interpret them as an event

Hi All, I am searching App/Add-on to consume or receive the Email in Splunk cloud. Here is my use case - I have a...

by Engager in

Event breaking does not work for SMS debug and SMPP debug logs

Hi , I am trying to break events which are merging for SMS and SMPP logs. only the events with binary codes are b...

by Observer in

TLS on HEC ends with RST every time.

Hello there. While troubleshooting a completely other issue I noticed that if I try to send data to HEC input, ever...

by Path Finder in

Getting Data In

Discussions

Splunk not indexing text file

Script

Re-index data

Splunk Input from S3

uf install didn't create inputs.conf

How do I set the CRON job for scripted inputs so that the timezone is not UTC?

Monitor twice the same directory

Splunk TA Stream ipv6

Monitor CPU cores of a Linux machine

Field extraction for custom waf log

How to determine you "host" name for an HEC endpoint

ssl module is not available

How to ingest AWS RDS - MS SQL DB Audit logs in Splunk?

Direct syslog forwarding from Isilon to Splunk

why i am getting this error "The search you requested could not be viewed"

Scripts Directory & upgrades

How do I trigger the re-indexing of events from a locally collected Windows Event Log channel?

Possible way to receive /consume Email in Splunk and interpret them as an event

Event breaking does not work for SMS debug and SMPP debug logs

TLS on HEC ends with RST every time.

Using Splunk Universal Forwarder and scripted inpu...

why Splunk is not able to index all the data from ...

Monitor Server Transaction Log File (.ldf) on Splu...

Collect Perfmon counters data for ASP.NET & Paging...

Splunk eStreamer for FMC version 4.011 setup page...