Getting Data In

Community Activity

	how to apply the props and tranforms ? Hi all,How to apply props.conf and transforms.confSample Log Data2024-09-01 12:10:22 student=Alice subject=Math score... by _Raj Explorer in Getting Data In 10-15-2025 0 2	0	2
	Parsing linux events from syslog to SC4S and Splunk Cloud. Hello,Due to the requirements of the project I am working on, all events will arrive at Splunk Cloud from SC4S. They ... by Rescudero Engager in Getting Data In 10-15-2025 0 3	0	3
	Can we perform ingest rules on cooked data? We have cooked data coming from HFs, is there a way to perform ingestion rules on this cooked data? by danielbb Motivator in Getting Data In 10-13-2025 0 2	0	2
	DNS lookup failed for "$decideOnStartup": Host not found (authoritative) When 'tail -f /opt/streamfwd/var/log/streamfwd.log' is executedWhy do I get the following message?WARN [1406107101283... by beginne_Splunk Explorer in Getting Data In 10-13-2025 0 4	0	4
	Dell PowerScale Add-on for Splunk - Configuration I am trying to fetch the Dell PowerScale metrics data into splunk via HF. I have installed the Add-On on the HF, but ... by viku7474 Explorer in Getting Data In 10-13-2025 0 2	0	2
	KVstore failed to upgrade to 7.0 from 4.2 in Splunk enterprose version 9.4.1 This is what we are getting KVStore Upgrade Status:Upgrade Status: kvstore_upgrade_abortedStart Time: Mon Oct 6 21:52... by debsili05 New Member in Getting Data In 10-11-2025 0 3	0	3
	5 year data retention bucket setup We have a requirement to have a 5 year data retention. Unfortunately, we discovered that Splunk has not been configur... by Hiattech Explorer in Getting Data In 10-10-2025 0 8	0	8
	Persistent Queue on Intermediate Heavy Forwarder Hi All,I would like to confirm whether a persistent queue can be used on an Intermediate Heavy Forwarder that receive... by tech_g706 Path Finder in Getting Data In 10-10-2025 0 1	0	1
	Opencti addon on Splunk cluster Hello, is Splunk opencti addon compatible on Splunk cluster (shc)?From 2/3 search heads we are getting this error: "2... by splunkreal Motivator in Getting Data In 10-09-2025 0 2	0	2
	Legacy windows (XP, Server 2000) log onboarding to Splunk (without UF) Hi team,Is there any way to onboard legacy windows (XP, Server 2000) logs to Splunk, without UF? Specifically non dom... by Anit_Mathew Engager in Getting Data In 10-08-2025 0 6	0	6
	Standalone SH pulling data from Indexer Clustering - but indexer time settings not being applied by default. Existing Env :1. Indexer Clustering2. Search head Clustering.For testing an Issue. I have a a standalone searchhead i... by gnagasri Observer in Getting Data In 10-08-2025 0 3	0	3
	TA-MS-AAD Signin logs missing - help! Hey gang, I'm using the Splunk Add on for Microsoft Azure to ingest AAD signin logs to Splunk under the azure:aad:sig... by KendallW Contributor in Getting Data In 10-07-2025 0 4	0	4
	Forcing sourcetype on Heavy Forwarder Hi,So I have a HF instance, which receive multiple types of syslog on many different ports. Ideally, you would have a... by Na_Kang_Lim Path Finder in Getting Data In 10-06-2025 0 17	0	17
	Universal Forwarder installation on remote host We need to install UF on remote application servers (linux/windows) but as a splunk admin, I don't have direct access... by maheshnc Path Finder in Getting Data In 10-06-2025 0 8	0	8
	we have daily ingestion of 7 TB but how do i know which source is sending how much data splunk query to find how much data is coming via hec , how much data is coming via dbconnect , how much data is comin... by deepthi5 Path Finder in Getting Data In 10-05-2025 0 3	0	3
	Db connect HTTP 400 Error I am getting below error on my dbconnect, every thing was working fineHTTP Error 400, HEC response body: {"text":"Inv... by Nawab Communicator in Getting Data In 10-05-2025 0 3	0	3
	Splunk licensing pool warning not clearing Hi,I accidentally uploaded too much data on one day (a jsonl file) and violated the 500mb limit in place for the splu... by Ghostoverflow25 Engager in Getting Data In 10-05-2025 0 5	0	5
	Splunk File Monitoring Hello Splunkers,I have a question around Monitoring a same File from different server, The situation is Server1, Serv... by mohsplunking Path Finder in Getting Data In 10-05-2025 0 2	0	2
	Integration of MS Exchange server with splunk Dear All,I need your assistance in fetching Microsoft Exchange Server logs using the Splunk Universal Forwarder.I can... by I_B New Member in Getting Data In 10-02-2025 0 2	0	2
	Issue with my search query Greeting,I am trying to identify users who have not had any activity in O365 for over 180 days, however my search is ... by GattyBiggz Loves-to-Learn in Getting Data In 10-01-2025 0 1	0	1
	Using different indexes in splunk app for jenkins Hi all;Regarding the Splunk App for JenkinsWe have multiple jenkins instances in our environment; Each project is in ... by ivohechmann Explorer in Getting Data In 09-30-2025 0 3	0	3
	How to set the _time in SC4S events to the current time/time event was recieved? Some data would be mistagged as a different time zone, or would come in very late and would miss our alarms, since th... by davidoff96 Path Finder in Getting Data In 09-29-2025 0 1	0	1
	Forwarding all logs from HF to third-party using syslog and discard tcp output to indexers My goal is to:1. Default send everything from UF agent (excluded syslog source) to syslog group: chron-autolb group.2... by frank_yin Loves-to-Learn Lots in Getting Data In 09-26-2025 0 1	0	1
	AD & DC Logs Hello Splunkers,Appreciate if anyone can help me here, I'm after a Best practices guide/ article for Windows Server L... by mohsplunking Path Finder in Getting Data In 09-26-2025 0 2	0	2
	syslog-ng configuration I need to onboard CISCO IOS switch logs with splunk, we have a syslog-ng installed on HF, could somebody explain the ... by maheshnc Path Finder in Getting Data In 09-26-2025 0 4	0	4