Getting Data In

Ask a Question

Discussions

Thread Info

UnivarsalForwarderとソースタイプについて,Universal Forwarderとソースタイプ

UnivarsalForwarderを使って、ログファイルをSplunk Enterpriseに送っているのですが、この際、ソースタイプは指定できないのでしょうか。 ,Universal Forwarderを使って、ログファイルをs...

by Explorer in

Why am I getting the same inputs.conf file but different hostname for syslog files?

Hi i got a simple inputs.conf file which look like this: [default] host = test-01.blabla.local [monitor:///o...

by Path Finder in

Custom Splunk_TA_apache for new access log format

We have new apache access log and ssl access log format as follow: ssl_access_log test_server:18301 172.31.107....

by Engager in

How to create a dashboard that reads from apache server-status page?

I would like to create a dashboard that reads from the apache server-status page and displays the output for the foll...

by Engager in

Has anyone tried using fusemount for frozen storage?

So I'm about to try using Azure Blob Storage fuse-mounted (using blobfuse) as frozen storage, I'm wondering if anyone...

by Path Finder in

Can you retrieve the /results/ endpoint using |REST instead of a curl?

Hi all, Before I dive into the issue, I'd like to explain the goal: I have a search that returns some fields in...

by Path Finder in

How do you alert on a date change in Windows Security Logs?

Hello, I am looking to create an alert when a date change of more than a minute in Windows Security Logs. in m...

by New Member in

PCI Compliance: What app should I use to monitor Azure data logs?

We are currently working on PCI Compliance project and need to monitor the Azure Data Logs. What app would you recomm...

by Path Finder in

Best way to index Microsoft Azure logs?

Hi What is the best practice to ingest windows events logs from Azure servers? Do we have to install Splunk Forwar...

by Builder in

How do I stream Metrics to Azure Event Hub to be pulled By HF?

I'm using an HF to pull log/metric data from Azure event Hub. I know how to stream Activity log/diagnostic logs to...

by Explorer in

How to sync log files with AWS S3 AND send to Splunk Indexer using Splunk forwarder?

Hi, Logs Location :Windows machines. C:\Logs I'm syncing our application Logs folder (containing text data, extension...

by Explorer in

"Received event for unconfigured/disabled/deleted

Hi All, "Received event for unconfigured/disabled/deleted " Facing the above message from number of host with diff...

by New Member in

Is there a way to disable splunk btool check upon start of a forwarder?

Apparently all splunk components run the splunk btool check upon a component restart. Is there a way to disable it es...

by Ultra Champion in

How do you recursively search an Active Directory Global Groups from a CSV (or lookup table) file?

Hi, I'm currently using this command to search the entire domain for Group memberships. It only gives me user obje...

by Path Finder in

help for linking my request with a token

hi i use the request below and I want to link it with a token my token is called "tok_filterhost" and I add host=$tok...

by Motivator in

Does splunk clean all remove server names?

We are trying to put our Splunk Indexer on a Windows system image. Based on the documentation, stopping the Splunk...

by Path Finder in

Controlling dispatch directory growth

Hi, We have a continual issue in our environment with the $SPLUNK_HOME/var/run/dispatch directory growing out of c...

by Path Finder in

Discard one or more fields of a specific event without losing the rest of the fields of this event?

Hi All, Please, how to discard one or more fields of a specific event without losing the rest of the fields of thi...

by Path Finder in

How do you Filter events from Json?

Below is my JSON. I want to display all events where responseTime >11. Please assist. log: { [-] ...

by Path Finder in

Is the REST API incomplete with respect to Deployment steps

I went through the Splunk REST API documentation at http://docs.splunk.com/Documentation/Splunk/latest/RESTAPI/RESTde...

by Explorer in

How to POST Saved Search XML/JSON Definition to REST API

I can GET the definition of a saved search (report) from our dev server with a call like curl -k -u me:word https:...

by Engager in

Why are the Index and SourceType names in our Active Directory forests not matching?

We have two Active Directory forests in our enterprise with Universal Forwarders installed on all of our domain contr...

by New Member in

scripted input cron schedule

I defined a scripted input: [script://$SPLUNK_HOME/etc/apps/ccbn/bin/get_domain_by_date] disabled = true host = db...

by Explorer in

Why is my table field from JSON not working on all fields?

We are working with the following JSON generated by a dcos/marathon api: When I run: index=dcos sourcet...

by Path Finder in

How to index and use unstructured huge volume of data - Splunk HWF and SH cluster?

Hi All, We are working on a clustered environment where splunk is fetching logs from various servers. In the sourc...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

UnivarsalForwarderとソースタイプについて,Universal Forwarderとソースタイプ

Why am I getting the same inputs.conf file but different hostname for syslog files?

Custom Splunk_TA_apache for new access log format

How to create a dashboard that reads from apache server-status page?

Has anyone tried using fusemount for frozen storage?

Can you retrieve the /results/ endpoint using |REST instead of a curl?

How do you alert on a date change in Windows Security Logs?

PCI Compliance: What app should I use to monitor Azure data logs?

Best way to index Microsoft Azure logs?

How do I stream Metrics to Azure Event Hub to be pulled By HF?

How to sync log files with AWS S3 AND send to Splunk Indexer using Splunk forwarder?

"Received event for unconfigured/disabled/deleted

Is there a way to disable splunk btool check upon start of a forwarder?

How do you recursively search an Active Directory Global Groups from a CSV (or lookup table) file?

help for linking my request with a token

Does splunk clean all remove server names?

Controlling dispatch directory growth

Discard one or more fields of a specific event without losing the rest of the fields of this event?

How do you Filter events from Json?

Is the REST API incomplete with respect to Deployment steps

How to POST Saved Search XML/JSON Definition to REST API

Why are the Index and SourceType names in our Active Directory forests not matching?

scripted input cron schedule

Why is my table field from JSON not working on all fields?

How to index and use unstructured huge volume of data - Splunk HWF and SH cluster?

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

New Release | Splunk Cloud Platform 10.1.2507

🌟 From Audit Chaos to Clarity: Welcoming Audit Trail v2

uberAgent

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025

Getting Data In

Are you a member of the Splunk Community?

Discussions