Getting Data In

Community Activity

Text File Ingestion I want Splunk to ingest my AV log. I made the following entry in the inputs.conf file:Note: The log file is a text fi... by sswigart Explorer in Getting Data In 07-17-2024 0 1	0	1
Splunk timeformat issue Hello Splunkers!! I have a below event and I want to parse. But the event is not parsing with time format in Splunk. ... by uagraw01 Motivator in Getting Data In 07-17-2024 0 26	0	26
moving data from hot/warm to cold DB i'm facing problem with the storage of splunk i tried multiple way to minimize the heavy data stored at hot/warm DB b... by KhalidAlharthi Explorer in Getting Data In 07-16-2024 0 2	0	2
Monitor CPU cores of a Linux machine Hi, I have a Linux machine running on Centos 6.10 with a quad-core processor (16 threads) On Splunk, is there a way... by hishamjan Explorer in Getting Data In 07-16-2024 0 5	0	5
Collect log - Azure Ad reset password Hello guys, I need to collect logs when the "admin of azure" reset password or exclude one account.I have tried use ... by paul_mm New Member in Getting Data In 07-16-2024 0 1	0	1
CSV Field Extraction Cutting Off at 1,000 Characters I am trying to ingest data from a CSV file. One of the columns in the CSV file contain SQL queries. The header has fi... by Jornoh Loves-to-Learn in Getting Data In 07-16-2024 0 2	0	2
Simple installation script for Universal Forwarder When you have more than a few forwarders to maintain, it becomes tedious (and error-prone) to install them one-by-one... by lguinn2 Legend in Getting Data In 07-15-2024 15 32	15	32
Splunk Enterprise Installation Rollback Hi Trying to install Splunk Enterprise on Windows Server 2022 with my Domain account but every time I install it, it ... by eoronsaye Loves-to-Learn Lots in Getting Data In 07-15-2024 0 2	0	2
500 Internal Server Error Returned - AlgoSec V2 Splunk Installation Could I please get assistance on how to resolve this issue and get the AlgoSec App for Security Incident Analysis and... by Network007 Loves-to-Learn Lots in Getting Data In 07-14-2024 0 0	0	0
Why am I receiving the 500 internal server error when going to any Splunk control settings? hi guys doe anyone know why i could be getting this error. it pops up whenever i go to any splunk control like: setti... by zubairaizatron Explorer in Getting Data In 07-14-2024 0 4	0	4
Curl command data collection I am using a curl command to get data from an api endpoint, the data comes as a single event but I want to be able to... by MichaelBs Loves-to-Learn Everything in Getting Data In 07-14-2024 0 4	0	4
File Integrity Monitoring - Splunk 6 With FSChnage being deprecated in Splunk 5.0, what is the best method in Splunk 6 to monitor folder/file changes? Th... by dgavic Explorer in Getting Data In 07-14-2024 0 5	0	5
Failed to parse timestamp in psv file I have the following pipe separated value file that I am having problems onboarding. The first row is the column hea... by the_sigma Explorer in Getting Data In 07-12-2024 0 4	0	4
Logs ingestion from Linux servers Recently, I installed new Splunk Enterprise 9.2.1 (on-prem) on RHEL8 server and have installed Universal Forwarders o... by jkamdar Communicator in Getting Data In 07-12-2024 0 10	0	10
collect command wouldn't save to an index i have a search in my query where i spool data from an API but then the collect command does not allow me to save the... by sintjm Path Finder in Getting Data In 07-12-2024 0 15	0	15
Ingest Sciencelogic metrics into Splunk I am unable to find and add-on or app in Splunkbase for getting ScienceLogic events into Splunk. Does anybody have a... by kcarsten Engager in Getting Data In 07-11-2024 0 1	0	1
How to configure a Splunk Universal Forwarder to send specific Windows logs to a designated index Hello,I have successfully configured the Splunk Universal Forwarder on a Windows machine to send WinEventLog: System,... by BRFZ Communicator in Getting Data In 07-11-2024 0 3	0	3
Linux Event logs not coming over to Splunk cloud I am trying to ingest Linux logs into Splunk. 1. I have deployed the unix_TA through the deployment server to the Hea... by Kwabena13 Engager in Getting Data In 07-11-2024 0 6	0	6
Indexer Discovery Error (IndexerDiscoveryHeartbeatThread) Hi, I have Splunk 8.0.0 on AWS with a clustered indexer set up (1 Master and 4 indexers) and I have deployed custom ... by amitjaywantsplu Engager in Getting Data In 07-11-2024 1 3	1	3
Sourcetype is visible, but not searchable after rename in transforms I have this most wired situation, where I use inputs.conf on the UF: [monitor://C:\Users\xxx\OneDrive - xxx\xxx\Sou... by BTrust Path Finder in Getting Data In 07-11-2024 0 3	0	3
Log data separation according to host IP address Our scenario in new deployment:One indexer server (Windows) (+one separate Windows server as search head)One SC4S in ... by Sepe New Member in Getting Data In 07-11-2024 0 1	0	1
Running as non-root and still able to read root logs Bit of a reverse error here, splunk is working when it shouldn't.I followed these instructions to run Splunk as non-r... by BlueQ Explorer in Getting Data In 07-10-2024 0 6	0	6
Epoch time stamp delemma - how do I convert the epoch time stamp upon ingestion ? Is there a Regex to convert the epoch to human readable time upon ingestion ? [1720450799] Error: Got check result f... by jcorcorans Explorer in Getting Data In 07-10-2024 0 4	0	4
High memory/cpu usage by splunk universal forwarder I've installed Splunk Universal Forwarder 9.1.0 on a Linux server and configured batch mode for data log file monitor... by NReddy12 Loves-to-Learn Lots in Getting Data In 07-10-2024 0 4	0	4
how to brake my lines and treat my multiple events as multiple events Hi all, I am monitoring a CSV file that has multiple lines and using a pipe as the delimiter: I want to brake them to... by maxruas Loves-to-Learn Lots in Getting Data In 07-10-2024 0 1	0	1