Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
issdevt

Has anyone managed to get northbound notifications to be sent from Cisco Prime to Splunk?

Hello I testing Splunk and have it set up to receive syslog from various Cisco Wireless controllers and AP's but am ...
by issdevt New Member in Getting Data In 12-04-2018
0 10
0
10
ntttechops

How to use separate path for Hot, Warm, Cold buckets ?

We would like to take a back from our buckets. The backups fails because of high movement of data in HOT Buckets. We ...
by ntttechops Engager in Getting Data In 12-04-2018
0 9
0
9
vishaltaneja070

How do you parse multiline key value events?

How do you parse the below events? The events looks like : 2018-12-04 01:51:08.330, LogDate="2018-12-04 01:51:08.33...
by vishaltaneja070 Motivator in Getting Data In 12-04-2018
0 6
0
6
justins777

How come my unique JSON event returns duplicate values in a search string?

Hi All, I have some logging that is ingested through a Splunk agent. A sample log looks like: { "asctime" : "201...
by justins777 New Member in Getting Data In 12-03-2018
0 1
0
1
djl

IIS Heavy Forwarder Translation

We are working through a staged migration where two splunk instances will be running in parallel for a while before w...
by djl Explorer in Getting Data In 12-03-2018
0 5
0
5
rakeshyv0807

Can you help me with my multiple Input field search criteria?

Hi, I have a dashboard where the requirement is to have multiple input fields (a drop down and two input search fiel...
by rakeshyv0807 Explorer in Getting Data In 12-03-2018
0 5
0
5
nagarjuna280

can splunk monitor fschange

I want to know the user details, what changes happened, when, if someone makes changes to config files. is that possi...
by nagarjuna280 Communicator in Getting Data In 12-03-2018
0 2
0
2
dbashyam

regex in transform.conf to extract hostname after equal to sign

Hi, I need help in extracting the hostname after equal to sign in the transform.conf file. The string pattern is like...
by dbashyam Explorer in Getting Data In 12-03-2018
0 12
0
12
tchimento

Can I create an admin role that doesn't have access to delete_by_keyword?

There are regulatory guidelines for some institutions, such as banks, that put strict limits on the option to delete ...
by tchimento New Member in Getting Data In 11-30-2018
0 2
0
2
krisreeves

How do you determine the rendered configuration as applied to a specific source?

splunk btool is a helpful tool that allows you to determine the result of merging the config on disk, but it doesn't ...
by krisreeves Path Finder in Getting Data In 11-30-2018
0 2
0
2
sapq

Why am I unable to get data from the forwarder to the Splunk application?

Hi Team, I have installed the 6.4.3 version of the universal forwarder on a Windows server 2012. But i am unable to ...
by sapq New Member in Getting Data In 11-30-2018
0 1
0
1
reswob4

Can you help me with a permissions issue for Windows directories?

I was troubleshooting a weird issue in a Splunk Universal Forwarder installed on a Windows 2012R2 Print Server. I wa...
by reswob4 Builder in Getting Data In 11-30-2018
0 1
0
1
tlabue

Mixed test/JSON log events are splitting on a date in the JSON data

I have logs coming in that are either straight text (single line) or text with a JSON string as well. I have no issue...
by tlabue Path Finder in Getting Data In 11-30-2018
0 6
0
6
jsb22

universal forwarder scripts linux

I am leveraging the rlog.sh script on a universal forwarder. The forwarder receives it's confuration in the form of a...
by jsb22 Path Finder in Getting Data In 11-30-2018
2 2
2
2
atyshke1

Universal Forwarder: Why does the following error appear when I launch a batch file?

Hello, I have faced this error when launching a batch file with Splunk: ERROR ExecProcessor - message from ""C:\Prog...
by atyshke1 Path Finder in Getting Data In 11-30-2018
0 2
0
2
ramesh12345

Connecting to splunk server using python script from Python IDLE shell but data is not displaying?

import splunklib.client as client def setServer(HOST, PORT, USERNAME, PASSWORD): HOST = "hostname" PORT = 80...
by ramesh12345 Explorer in Getting Data In 11-30-2018
0 1
0
1
premraj_vs

After defining a source type in the heavy forwarder, why am I getting the following socket error?: HttpListener - "Socket error from 127.0.0.1 while accessing /servicesNS/nobody/search/data/inputs/rest/***/: Broken pipe"

I am using a REST application in Splunk. Below are the steps. Adding a data input via REST and the response in JSON....
by premraj_vs Path Finder in Getting Data In 11-29-2018
0 1
0
1
tmaire2

How do I fine tune a JSON extraction from inside a log file using the "add data" wizard?

Hello everyone, I have a Log file with JSON format in it like this : 12:48:12.3194 Info {"message":"Test ListOfEmai...
by tmaire2 New Member in Getting Data In 11-29-2018
0 11
0
11
willadams

Internally Signed Certificate Error

I am trying to configure our web interface to have a certificate for connections (i.e. https://fqdn:8000). I am runn...
by willadams Contributor in Getting Data In 11-29-2018
0 2
0
2
martineisenkoel

Tomcat 7.0 Logs on Windows Server 2012 R2

Hi, I'm pretty new to using the universal forwarder on Windows Servers. Our indexer Server is running on 7.2.0 and t...
by martineisenkoel New Member in Getting Data In 11-28-2018
0 2
0
2
singhg

IIS Logs and Universal Forwarder?

Hi, I am trying to forward IIS logs from one of the server that has forwarder installed. I have below config setting...
by singhg Explorer in Getting Data In 11-28-2018
1 3
1
3
WXY

How do I compare the count of the same field from different sources?

Hi, Now I have a problem: I have a index data which has multiple sources and they have the same sourcetype. inde...
by WXY Path Finder in Getting Data In 11-28-2018
0 4
0
4
Melstrathdee

Date_Time Stamp from when the file was created or modified

Hi Guys, I have a CSV file that is created periodically that I have been asked to bring into Splunk. The events in ...
by Melstrathdee Path Finder in Getting Data In 11-28-2018
0 2
0
2
_karlo

Can I replace a field at parsing stage with a hash (using sha2 for example)?

Hi answers! I would like to replace some information I get in Splunk. For example, I get some user names (user=karlo)...
by _karlo Explorer in Getting Data In 11-28-2018
0 5
0
5
evkuzin

Regexp for transform.conf doesnt work

Splunk receive a log like this: Nov 15 13:02:10 172.20.20.3 test WARNING 1 "Invalid path" 178.217.60.3 0 10.18.7.98 ...
by evkuzin New Member in Getting Data In 11-28-2018
0 4
0
4
Get Updates on the Splunk Community!

Unlocking Unified Insights: New Gigamon Federated Search App for Splunk

In today’s data-heavy environment, organizations are caught in a data distribution dilemma. As data volumes ...

GA: New Data Management App in Splunk Platform

Streamlining Data Management: Introducing a unified experience in Splunk Managing data at scale shouldn’t feel ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...
Top Solution Authors
View All