Getting Data In

Community Activity

json data extraction further into fields Hi All, My base search has a field "msg" , that contain below json data. {"level":50,"time":1550758285865,"msg":"va... by dhirendra761 Contributor in Getting Data In 03-07-2019 0 6	0	6
Sending UF feed to two different Splunk instances, with two different index names. In my company there are smaller sub-companies (essentially) which have their own smaller Splunk instances. At the to... by splunkadunk5 Explorer in Getting Data In 03-07-2019 0 5	0	5
How to get rid of __mv_* fields in alert.results .csv file? The alert.results csv file has __mv_field name for every field added in the search. Is there is a way to stop these f... by patilsonali1729 Path Finder in Getting Data In 03-07-2019 0 1	0	1
Can I monitor a file with extension .splunk? Trying to monitor a file that ends with .splunk but for some reason splunk will not index it. Only when I change the ... by btawiah Explorer in Getting Data In 03-07-2019 0 1	0	1
How to track the value in memory leaks in Windows Server? Hi, We are trying to fin out memory leaks in windows servers, We are trying to track the Value of the counter Virtua... by omprakash9998 Path Finder in Getting Data In 03-07-2019 0 0	0	0
How long is the value of a field greater than X? Hi, we are trying to calculate for how long is the Value greater than 90%. We want to get the first time when the va... by omprakash9998 Path Finder in Getting Data In 03-07-2019 0 8	0	8
not receiving log SNMP traps 1- We have configured the router with the following commands snmp-server enable traps snmp-server host 192.168.1.111... by sec_team_albara New Member in Getting Data In 03-07-2019 0 3	0	3
UF install error ? Hello, When trying to install the univeral forwarder 7.2.3 windows 64bits on windows Server 2012 we are receiving cod... by sec_team_albara New Member in Getting Data In 03-07-2019 0 2	0	2
Loading custom javascript in custom app Hi all, I created a custom app from the "sample app" template. I put a application.js file in the appserver/static f... by JacobPN Path Finder in Getting Data In 03-06-2019 0 8	0	8
Can I set Time Zone by role Can I set Time Zone by role by JackNobrega Explorer in Getting Data In 03-06-2019 0 2	0	2
Due-diligence or setup to ensure UDP syslog messages are not lost Hello everyone, It's simple enough - Switches, Routers, Servers - all sending UDP syslog messages to a single point.... by emille Engager in Getting Data In 03-06-2019 0 3	0	3
What's the best way to parse GC logs? We would like Splunk to automatically parse our GC logs and we found a wiki link on configuring props.conf to do so a... by ddrillic Ultra Champion in Getting Data In 03-06-2019 0 4	0	4
What's the best way to get Windows Perfmon data into a Metrics Index? The question pretty much sums it up. I am wanting to get PerfMon data into a Metrics index and have been banging my... by Tohrment Path Finder in Getting Data In 03-06-2019 0 11	0	11
Splunk Stream with Netflow Data I have the data coming into the system, I see the Stream addon manipulating the data to look a specific way. Though t... by Crashfry Path Finder in Getting Data In 03-06-2019 1 0	1	0
External Lookup not passing argument contents to script I have a external lookup that is not passing the search argument data to the script driving the lookup. Here is my... by chartin New Member in Getting Data In 03-06-2019 0 0	0	0
Can deployment server upgrade universal forwarders yet? Reading and reading and all I see is using the deployment server to update forwarders with apps and such. Is it st... by nls21 Explorer in Getting Data In 03-06-2019 3 5	3	5
How to collect "Analytic and Debug logs" from Windows Event Log? Hi. I am trying to get Splunk to read an "AD FS 2.0 Tracing/debug" log. When looking at the log in the Windows event... by las Contributor in Getting Data In 03-06-2019 0 5	0	5
JSON files truncated in index time (I think) Hello, I'm having problems parsing our client's JSON events. When I add them locally with the Add data menu, it wor... by 3DGjos Communicator in Getting Data In 03-06-2019 0 7	0	7
Why my current index size is larger than the max index size? Hello guys, I want to discover things about indexes, so I created and index and I gave ita maximum size of 20MB, my c... by tchaeunsang1 New Member in Getting Data In 03-06-2019 0 2	0	2
data stop getting indexed for couple of hours Hello, we have problems with some log files which are randomly don't get indexed for a couple of hours. There is no ... by Paul1896 Path Finder in Getting Data In 03-06-2019 0 11	0	11
Delay in logs from Incapsula to S3 Bucket Morning Guys, We are currently having an issue with our Incapsula WAF sending logs to our AWS s3 Bucket with a delay... by brewster88 New Member in Getting Data In 03-06-2019 0 1	0	1
Unable to execute script on universal forwarder due to permission issue I am trying to install UFs on a number of hosts using the below script got from one of the post in this forum, #!/b... by damode Motivator in Getting Data In 03-05-2019 0 1	0	1
set deploy-poll via rest I fail to see in the docs how you can delete/edit/set the deploy-poll setting via REST. Anyone knows how to? by dominiquevocat SplunkTrust in Getting Data In 03-05-2019 0 2	0	2
In a CSV file, how do you sort date and time separately? hi! I have a CSV file that indicates Date and Time in one column and is displayed like this 2019/03/05 17:05:04 I w... by mdmaala Communicator in Getting Data In 03-05-2019 0 6	0	6
Migrating Single-site Indexer Cluster Splunk Enterprise from Windows to Linux Greetings, I need help to understand which steps I have to take in order to migrate my Splunk environment from Windo... by atizon New Member in Getting Data In 03-05-2019 0 5	0	5