Getting Data In

Community Activity

Can you help me with some Windows DNS log parsing issues? I am trying to ingest Windows DNS trace logs to Splunk. The Windows servers running the DNS service are running local... by mnamestnik Explorer in Getting Data In 04-12-2019 0 2	0	2
Splunk Blacklist not working on log files containing .info. Hi Splunk community, I have created a custom monitor that I hoped would "blacklist" and exclude from indexing all fi... by rorymcdonald060 Engager in Getting Data In 04-12-2019 0 0	0	0
TrendMicro ServerProtect Logs? Anyone have any luck getting TrendMicro ServerProtect logs? The logs appear to be stored in binary format. by ldnail_at_TI Path Finder in Getting Data In 04-12-2019 0 3	0	3
Unable to get the firewall data in splunk from syslogs server? How to troubleshoot this issue. Hi All, Currently got a request to ingest the newly configured Paloalto device data into splunk. Configured syslog-n... by Hemnaath Motivator in Getting Data In 04-11-2019 1 9	1	9
Has anyone encountered "Enabling dead letter queue is required for the SQS queue in this input" when creating an input for ELB Access Logs? When trying to create an input for ELB Access Logs --> SQS Based S3, I'm receiving a warning, "Enabling dead letter q... by rroman23 Engager in Getting Data In 04-11-2019 3 1	3	1
How is data handled with indexes.conf when the index is removed? Hello! I stumbled across something interesting today while removing a test indexer from a deployment server. It remo... by matthewssa Path Finder in Getting Data In 04-11-2019 1 1	1	1
Why can't I add a stylesheet and script to my simple xml dashboard? I have a simple XML dashboard that is calling two stylesheets and two scripts: <form stylesheet="styleA.css, styleB.... by matstap Communicator in Getting Data In 04-11-2019 0 2	0	2
splunk doesnt return all the results using rest api I'm retrieving data from Splunk using rest API via production port 8980, on the GUI I can see 770 events when I retri... by ikenahim New Member in Getting Data In 04-11-2019 0 1	0	1
Importing validated JSON (RFC 4627) does not split events Hi, we have a service which is showing details for he latest last 10 executed jobs in a JSON (RFC 4627) format. I alr... by timodellai New Member in Getting Data In 04-11-2019 0 1	0	1
Multiple wildcards for file path in inputs.conf I need to monitor a file under multiple similar paths, the full path can be dynamic so putting absolute path is not a... by budimaos Engager in Getting Data In 04-10-2019 0 0	0	0
What is the best way to ingest 300gb csv to splunk? I tried ingesting it using add oneshot then midway through it, splunk suddenly stops. Aside from splitting the file,... by rajyah Communicator in Getting Data In 04-10-2019 1 3	1	3
How to check if the indexer has indexed my data or not ? I recently did a splunk confugiration. When I do a "splunk list monitor" on the forwarder , I see the logs are gettin... by joydeep741 Path Finder in Getting Data In 04-10-2019 0 5	0	5
How to exclude specific time ranges in search results I have a datasource which contains availability statistics from an application. I also have a predetermined maintenan... by jedatt01 Builder in Getting Data In 04-10-2019 4 4	4	4
How do I configure Splunk to filter out events I don’t want to index? A lot of the Windows Security Events we see in Splunk, come from system-users that we're not interested in. I know th... by mctester Communicator in Getting Data In 04-10-2019 4 3	4	3
Metrics Index - How to get metric_searchtime field value in search result I uploaded a csv file in metric index. I can see index's data there is no issue in that. My query is: I want to get ... by shadabgaur New Member in Getting Data In 04-10-2019 0 3	0	3
Rest API Modular Input: Exception performing request: I try to use the REST API to pull down data from Instagram. Everything seems to be ok, we can receive data, but only ... by swaro_ck Path Finder in Getting Data In 04-10-2019 2 5	2	5
How do you manage inputs.conf? We have more than 100 applications in our deployment. Sometimes a log path/name is changed or added on the server sid... by alanzchan Path Finder in Getting Data In 04-10-2019 0 5	0	5
Latest App installed on UF Hi, Greetings! Please help me with below queries When was the latest app installed on a UF with time and app nameW... by EHariharan Explorer in Getting Data In 04-10-2019 0 0	0	0
Input gzipped csv files Hey Guys, I found a few answers regarding my question but I'm still not sure how to handle this situation. I want to... by hypePG Path Finder in Getting Data In 04-10-2019 0 2	0	2
Blacklisting EventCode=5156 with Source_Port=8 I am trying to blacklist Windows Security event ID 5156 with source port number 8, but does not seem working. Could ... by nathanpyun Explorer in Getting Data In 04-09-2019 1 7	1	7
How does _TCP_ROUTING work in inputs.conf? We soon will be required to send our Windows Event Security logs to a separate Splunk sever owned by our organization... by JarrettM Path Finder in Getting Data In 04-09-2019 0 8	0	8
Python Keeping a Rolling Window of Events For our solution, we need to index a number of events, but delete the events when they get too old. In our implement... by trenin Explorer in Getting Data In 04-09-2019 0 0	0	0
Split a nested json array with key/value pairs at index time I am searching for a way to split an json array at index time with key value pairs. Raw Data: {"Source":"192.16.0.... by loeweps Explorer in Getting Data In 04-09-2019 0 6	0	6
REST API POST - Saved Search Email Message parameter There doesn't seem to be a parameter for actually setting a body message for an email when a saved search alert is tr... by olitod New Member in Getting Data In 04-09-2019 0 0	0	0
JSON is truncated as soon a timestamp is found I'm trying to read a json file generated by a ps1 script on Windows, but the UF keep truncating the json as soon it f... by nicolociraci New Member in Getting Data In 04-09-2019 0 0	0	0