Getting Data In

Community Activity

Why is DNS lookup failing during indexing for 2 hosts? I just moved my Splunk indexer from one server to another. A few bumps in the road, but everything seems to be workin... by bdf0506 Path Finder in Getting Data In 10-22-2018 0 0	0	0
How do I split JSON array, twitter hashtags? i'm having a brain fart at the moment and trying to figure out how to get JUST the hashtags from all the posts. I kno... by moorvogi Path Finder in Getting Data In 10-22-2018 0 3	0	3
In inputs.conf whitelist, how do I create a regex expression for whitelisting files which contain a certain string? I need to whitelist files that contain a string in any case and in any place in the filename. And, they can either b... by coreyf311 Path Finder in Getting Data In 10-22-2018 0 3	0	3
time latency (Indextime and timestamp)? Hello, I'm trying to measure the time that data got ingested and the time it showed up on my search. I read that i ... by maryamchar Explorer in Getting Data In 10-22-2018 0 11	0	11
Can you suggest a format for a source type event break that doesn't truncate the following JSON logs? I have a JSON log that is getting truncated because of the event break pattern in the source type. I cloned the sourc... by pdantuuri0411 Explorer in Getting Data In 10-22-2018 0 7	0	7
Splunk 7.0.0: How to get metrics in from collectd Hi, How to add a tag(region) to a collectd based metric from a host? For example if we have 2 regions (us-east,us-... by sureshr7 Explorer in Getting Data In 10-22-2018 3 7	3	7
When building a modular input, how to index JSON data? Hi, I am building a modular input using Add-on Building and python. When I am trying to index JSON data I get this e... by apezuela Explorer in Getting Data In 10-22-2018 0 3	0	3
How do I test connectivity over a specific port in Windows? My forwarder is unable to establish a connection over port 9997 to my indexer. I am running Windows, and I do not ha... by jpondrom_splunk Splunk Employee in Getting Data In 10-22-2018 3 3	3	3
Splunk stopped indexing local log after SSL setup Hi Guys, I run standalone Splunk Version: 7.2.0 deployment for a college project on Ubuntu 14.04 (amd64). I have sin... by mthq Engager in Getting Data In 10-21-2018 1 1	1	1
Why has Splunk stopped indexing all log files? I've recently started using Splunk and it was working fine but at some point seems to have stopped indexing any logs.... by cboard Explorer in Getting Data In 10-21-2018 0 4	0	4
Extract Json and Build a plot I am looking to extract values from the Json to build out data to see what was the quote number that threw error. I a... by jitin_ratra New Member in Getting Data In 10-21-2018 0 1	0	1
How can I query and find records which have an empty array? My JSON looks like this, { "id":"studentNumber", "courses" : [ { "course" : "Analysis of Alg" }, { "course": "game d... by dreddy123 New Member in Getting Data In 10-21-2018 0 4	0	4
How to apply an arbitrary offset to the timestamp at index time? I have an input that writes timestamps as the number of milliseconds passed since January 1st 1601 that sadly cannot ... by martin_mueller SplunkTrust in Getting Data In 10-20-2018 2 5	2	5
How do you extract fields from JSON logs? Hello, I have the following JSON log event: { [-] line: I 1019 15:40:22.873 UTC THREAD1: *linkerd 1.4.5... by moizmmz Path Finder in Getting Data In 10-19-2018 0 4	0	4
How does a LOOKUP and Report command work in a PROPS.CONF ? We have to use Graylog to forward Windows events to our SPLUNK. However we are trying to use CIM model and we have as... by pfabrizi Path Finder in Getting Data In 10-19-2018 0 0	0	0
Can you suggest a best approach for Splunk Data On boarding and data segregation? Let us say we are getting data from 2 different sources called A and B. The data is coming under the index called "Ex... by rohitvjoshi Path Finder in Getting Data In 10-19-2018 0 1	0	1
Splunk Reading MQ Messages with MQMD Header Hi Would like to get recommendations on using Splunk as a Data Backup repository for MQ Messages. We are trying to... by dvijayak Engager in Getting Data In 10-19-2018 0 0	0	0
How do I add the right time stamp and correct server name to the following syslog messages? Hi guys, Please pardon my ignorance here as i am new to Splunk. I am using Splunk 7.1 on a Windows server and forwar... by saadi381 New Member in Getting Data In 10-19-2018 0 9	0	9
How to specify source type for virtual indexes.? Hi, I have data in HDFS and I am creating Virtual Indexes to access the data. However, I need to make get the whole ... by sdaruna Explorer in Getting Data In 10-19-2018 0 13	0	13
Has anyone attempted to use Mango for data transfer into Splunk Cloud? I am wondering if anyone had figured out a good solution for pulling in data from various modbus components, and send... by tbomanionetix New Member in Getting Data In 10-18-2018 0 0	0	0
How can I compare the time on our server against the actual current time? Hi Is there a way to find the current time on the Windows (UF installed) and compare it with the current time? I nee... by kiran331 Builder in Getting Data In 10-18-2018 0 3	0	3
curl command as .bat file in windows gives blank result Hi I have created curl command to reload input . i have saved it in .bat file under splunk>bin>scripts path and my ... by ips_mandar Builder in Getting Data In 10-18-2018 0 0	0	0
Hello World! Splunk Training session Hello World, I'm in my first ever Splunk training session week around fundamentals 1 & 2 module and Admin system / Da... by gsignahode New Member in Getting Data In 10-18-2018 0 0	0	0
Exchange admin audit logs Can splunk read exchange 2010 sp1 admin audit logs. I beleive exchange admin logs goes to a configured email. Does s... by nuwan New Member in Getting Data In 10-17-2018 0 4	0	4
How do I populate a Microsoft Word Template with Splunk Data? Hello all! First of all, apologies about my English skills. I designed a Microsoft Word template (including some cus... by rjlaral New Member in Getting Data In 10-17-2018 0 0	0	0