Getting Data In

Community Activity

Universal Forwarder and multiline events containing timestamps BackgroundI have a very legacy application with bad/inconsistent log formatting, and I want to be able to somehow col... by gchappel Observer in Getting Data In 08-29-2024 0 2	0	2
Are Smartstore buckets uploaded to S3 immutable? Are Smartstore buckets uploaded to S3 immutable? We've been using Smartstore for almost a year and I have never seen... by thormanrd Path Finder in Getting Data In 08-29-2024 0 4	0	4
Request for Documentation on Integrating Splunk with Azure Virtual Desktop Hello,I am currently working on project that involves integrating Splunk with Azure Virtual Desktop (AVD). Could you ... by BRFZ Communicator in Getting Data In 08-29-2024 0 0	0	0
REST input JSON event break Hello,Need an urgent help.I am using REST API Modular input and the problem is i am not able to set the parameter for... by zubairsp Explorer in Getting Data In 08-29-2024 0 4	0	4
TCP output processor has paused the data flow Hi all, hoping someone can help me. We have a number of Windows servers with the Universal Forwarder installed (9.3.0... by northernchap Observer in Getting Data In 08-29-2024 0 1	0	1
Need help with custom response handler for REST API Modular input We have below data in json format, i need help with a custom json response handler so splunk can break every event se... by zubairsp Explorer in Getting Data In 08-29-2024 0 1	0	1
Multiple Inputs on the same File Hi there,i have a file monitoring stanza on a universal forwarder where i filter using transforms.conf to only get lo... by TheEggi98 Path Finder in Getting Data In 08-29-2024 0 5	0	5
How to disable system default INDEXED_EXTRACTIONS setting on 6.x Universal forwarders? Hi, recently we upgraded all of our Universal forwaders (UFs) from various versions of 5.x to 6.1.4 We discovered th... by t9445 Path Finder in Getting Data In 08-28-2024 0 4	0	4
How to override default for INDEXED_EXTRACTIONS? According to documentation here, under the title "Clear a setting":https://docs.splunk.com/Documentation/Splunk/8.0.5... by lumpymilk Explorer in Getting Data In 08-28-2024 1 3	1	3
Ingesting csv files via inputs.conf Hi,Im currently working on ingesting 8 csv files from a path using inputs.conf on a UF.And the data is getting ingest... by Dayalss Engager in Getting Data In 08-28-2024 0 4	0	4
Fetching logs from Elasticsearch Hi,I have an Elastic DB that receive logs from various services directly and I want to send these logs to Splunk Ente... by Mojal Engager in Getting Data In 08-27-2024 0 5	0	5
From my inputs.conf not all logs are being ingested (for all the linux UFs) I have a Splunk 9.1.2 server running RHEL 8 with about 50 clients. This is airgapped environment.I have bunch of Lin... by jkamdar Communicator in Getting Data In 08-27-2024 0 7	0	7
Trouble with Azure AD SSO to F5 SP- Issue with 150 group limit We are trying to get Azure AD SSO to Splunk working but we have AD users that contain more than 150 group memberships... by davidstuffle Path Finder in Getting Data In 08-27-2024 2 10	2	10
Problem with indexes except main I installed cisco network add-on, but only main index work and I cannot store log in another index by RezaET Observer in Getting Data In 08-27-2024 0 6	0	6
SendGrid Implementation We are on Splunk Cloud 9.1Has anyone successfully been able to ingest data from sendgrid into splunk? It looks like t... by Vosstro Observer in Getting Data In 08-26-2024 0 0	0	0
splunk didn't ingested all json-objects I have a json-File with with 23.904 objects in it. They are all like: { "1.Entry": "1.Data", ... "44.Entry": "4... by a101755 Explorer in Getting Data In 08-26-2024 0 7	0	7
Is there a way to have splunk filter read values externally? We want to limit the ingestion of data that is coming from some sources (in this case the value would be in Propertie... by salavi Observer in Getting Data In 08-26-2024 0 6	0	6
Invalid key within a stanza? Is there a way to get a list of valid keys for a stanza?For example: If you get "Invalid key in stanza" for something... by jaburke1 Path Finder in Getting Data In 08-26-2024 0 5	0	5
Why is Splunk_TA_nix generating a lot of DateParserVerbose - A possible timestamp match warnings I'm using the Splunk TA for linux to collect serverlogs.Some backgroundLooking in the "_internal" log I am seing a lo... by fatsug Builder in Getting Data In 08-26-2024 0 6	0	6
How do I get Splunk to limit the Windows file path to under 260 characters? Getting the following Error on one of our clustered indexers (and similar ones on the other indexers): 10-26-2016 16:... by michael_schmidt Path Finder in Getting Data In 08-25-2024 1 21	1	21
Universal Forwarder not sending Directory Service and other logs. I have uploaded a Universal Forwarder to my Windows VM and configured both the inputs.conf and outputs.conf. I can co... by nmenon1215 New Member in Getting Data In 08-23-2024 0 6	0	6
Extract Fields Hi guys when I extract a selected event it doesn't show all data in event that I need to extracted by kareem Explorer in Getting Data In 08-22-2024 0 1	0	1
rsyslog forwarding without header hi ninjas im currently dealing with some logs beeing forwarded over syslog to a 3rd party system. The question here ... by claudio_manig Communicator in Getting Data In 08-22-2024 1 3	1	3
How to handle multiple timezone when getting the paloalto firewall logs in? Hello Guys,We have paloalto firewalls with different timezone settings. For the ones which is not in the same timezon... by Iris_Pi Path Finder in Getting Data In 08-22-2024 0 6	0	6
Any S3 input could support parquet format? Hi, I met an input issue about s3, which stays not in a aws security lake. Is that possible to use Splunk addon for a... by xmeng Loves-to-Learn Lots in Getting Data In 08-21-2024 0 3	0	3