Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
sboogaar

How do you assign values to a variable based on a name in a nested JSON?

We are working with the following JSON: { "datapoints": [ { "name": "filesystem.inode.total1", ...
by sboogaar Path Finder in Getting Data In 02-10-2019
0 7
0
7
emdeex

How to get Splunk to fetch JSON data from Enphase REST API?

Hi All, I'm brand-new to Splunk, just found it... Enphase (www.enphase.com) is a manufacturer of Solar PV Micro-Inve...
by emdeex New Member in Getting Data In 02-10-2019
0 5
0
5
martin_mueller

Modify _raw, collect into second index - how to best retain host, source, sourcetype?

First off, TL;DR: How to best anonymize/hash/encrypt parts of _raw while keeping everything else as-is? I've got var...
by SplunkTrust SplunkTrust in Getting Data In 02-10-2019
4 4
4
4
jonsaenz

s3 add-on adding data

Splunk is installed s3 add-on is installed. I have gone to data inputs and added the amazon s3 bucket we wanted. How...
by jonsaenz Engager in Getting Data In 02-09-2019
2 4
2
4
sboogaar

Split json into multiple events and sourcetype

Lets say I have the following json data onboarded. { "slaves": [{ "id": "1234", ...
by sboogaar Path Finder in Getting Data In 02-08-2019
0 1
0
1
kmarciniak

Can you explain Indexer functionality with inputs.conf configured for /var/log/?

I have Indexers in a cluster running Splunk_TA_nix. I'm monitoring /var/log in inputs.conf. I can see the log events ...
by kmarciniak Path Finder in Getting Data In 02-08-2019
0 4
0
4
xfaith

Can you help me figure out how to use UDP to transmit data from one heavy forwarder to another heavy forwarder?

I'm trying to set up a test environment to be used in production. Will be taking data from another Splunk heavy forw...
by xfaith New Member in Getting Data In 02-08-2019
0 3
0
3
ManchitMalik

Blocked Queue on Splunk HF

hi, I can see blocked=true in metrics.log of Splunk heavy forwarder. Blocked Queues are: typingqueue, aggqueue, parsi...
by ManchitMalik Explorer in Getting Data In 02-08-2019
0 2
0
2
rjulie

initcrc error

hi, I have a lot of error when splunk try to decrompess .gz files my inputs.conf : [monitor://D:\xxxxxx\] source ...
by rjulie New Member in Getting Data In 02-08-2019
0 1
0
1
maggietempleton

How to parse JSON within Docker JSON?

Hello, I've been trying to parse logs from Docker and used this Splunk answer (https://answers.splunk.com/answers/61...
by maggietempleton Engager in Getting Data In 02-08-2019
1 4
1
4
venkataharish

which mechanism used in indexers ?

Hello guys, Recently i have interviewed with a question like, which service or mechanish is used to get data form ...
by venkataharish New Member in Getting Data In 02-08-2019
0 1
0
1
ankithreddy777

Sending data from one UF to other UF

Can we send cooked data from one universal forwarder to other Universal Forwarder by enable [splunktcp] on receiving ...
by ankithreddy777 Contributor in Getting Data In 02-08-2019
0 8
0
8
fxyfrank_acn

What are the sequence of execution transforms across different stanza and locations?

Hi, We want to change sourcetype and then send data to two different Splunk Indexers. What is happening is the sour...
by fxyfrank_acn Explorer in Getting Data In 02-07-2019
0 1
0
1
mruchi1004

How can I Read HDFS data into Splunk?

I have an HDFS path where new data is being written whenever my job runs. My jobs are already logging into Splunk . H...
by mruchi1004 New Member in Getting Data In 02-07-2019
0 4
0
4
maryamchar

How do you show all source types even if no data is available?

Hi, I'm trying to show all the source types within the last 24 hours (I set that by using presets), and if those so...
by maryamchar Explorer in Getting Data In 02-07-2019
0 1
0
1
TobiasBoone

Can you answer some questions about maxKBps involving replacing a heavy forwarder with a universal forwarder?

I replaced a very old heavy forwarder today with a universal forwarder that some of our network gear was pointing sys...
by TobiasBoone Communicator in Getting Data In 02-07-2019
0 5
0
5
chalbersma

How do you extract information from an array of key values in a column with multiple keys?

So I've got an event that has an array of key values like so in a column called associated : associates: [ { ...
by chalbersma Engager in Getting Data In 02-07-2019
0 2
0
2
sk049q

Data Not Showing Up In Distributed Search Environment

Environment has one search head and one search peer. Data is sent to a directory [item (1)] configured to be monitore...
by sk049q New Member in Getting Data In 02-07-2019
0 5
0
5
christianubeda

How come Splunk only can read 10000 lines from my csv? I need 9000000!

Hi team! I have a problem. I want to match two fields. The first one is an src_ip from an indexer(traffic events) t...
by christianubeda Path Finder in Getting Data In 02-07-2019
0 10
0
10
FritzWittwer_ol

What are the capabilities of the Splunk Forwarder license?

We are running heavy forwarders to accept events from a number of universal forwarders, do some transforms and filter...
by FritzWittwer_ol Contributor in Getting Data In 02-07-2019
0 1
0
1
claudio9494

Parse some text from log

Hi everyone, i've got some log like this: [2019-02-01 14:51:43][P][APPLICATION/controllers/access_controller.php:166...
by claudio9494 New Member in Getting Data In 02-07-2019
0 3
0
3
rhaarmann

Is it possible to have a script run on a Heavy Forwarder to process and convert logs to CSV and forward results to the indexer?

Looking to set up a Heavy Forwarder as a data processing server. We get data logs in a specific format dropped on our...
by rhaarmann Engager in Getting Data In 02-06-2019
0 8
0
8
R_B

How does a Universal Forwarder send raw and cooked data to an indexer?

So I know that during the input phase, a universal forwarder will take the raw data, add some metadata tags to it, an...
by R_B Path Finder in Getting Data In 02-06-2019
1 12
1
12
MikaJustasACN

java.service.wrapper sourcetype

Hello, Anybody has faced java.service.wrapper logs before? URL: https://wrapper.tanukisoftware.com/doc/english/prop...
by MikaJustasACN Path Finder in Getting Data In 02-06-2019
0 1
0
1
damucka

Help with passing variable/sourcetype from props.conf to transforms.conf

Hello, I am working to make my props.conf and transforms.conf more general / working for the new sourcetypes without...
by damucka Builder in Getting Data In 02-06-2019
0 1
0
1
Top Labels
Get Updates on the Splunk Community!

Unlock Database Monitoring with Splunk Observability Cloud

  In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...

Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All

At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...

[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk

Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST In the fast-paced world ...