Getting Data In

Community Activity

How do you extract fields from JSON logs? Hello, I have the following JSON log event: { [-] line: I 1019 15:40:22.873 UTC THREAD1: *linkerd 1.4.5... by moizmmz Path Finder in Getting Data In 10-19-2018 0 4	0	4
How does a LOOKUP and Report command work in a PROPS.CONF ? We have to use Graylog to forward Windows events to our SPLUNK. However we are trying to use CIM model and we have as... by pfabrizi Path Finder in Getting Data In 10-19-2018 0 0	0	0
Can you suggest a best approach for Splunk Data On boarding and data segregation? Let us say we are getting data from 2 different sources called A and B. The data is coming under the index called "Ex... by rohitvjoshi Path Finder in Getting Data In 10-19-2018 0 1	0	1
Splunk Reading MQ Messages with MQMD Header Hi Would like to get recommendations on using Splunk as a Data Backup repository for MQ Messages. We are trying to... by dvijayak Engager in Getting Data In 10-19-2018 0 0	0	0
How do I add the right time stamp and correct server name to the following syslog messages? Hi guys, Please pardon my ignorance here as i am new to Splunk. I am using Splunk 7.1 on a Windows server and forwar... by saadi381 New Member in Getting Data In 10-19-2018 0 9	0	9
How to specify source type for virtual indexes.? Hi, I have data in HDFS and I am creating Virtual Indexes to access the data. However, I need to make get the whole ... by sdaruna Explorer in Getting Data In 10-19-2018 0 13	0	13
Has anyone attempted to use Mango for data transfer into Splunk Cloud? I am wondering if anyone had figured out a good solution for pulling in data from various modbus components, and send... by tbomanionetix New Member in Getting Data In 10-18-2018 0 0	0	0
How can I compare the time on our server against the actual current time? Hi Is there a way to find the current time on the Windows (UF installed) and compare it with the current time? I nee... by kiran331 Builder in Getting Data In 10-18-2018 0 3	0	3
curl command as .bat file in windows gives blank result Hi I have created curl command to reload input . i have saved it in .bat file under splunk>bin>scripts path and my ... by ips_mandar Builder in Getting Data In 10-18-2018 0 0	0	0
Hello World! Splunk Training session Hello World, I'm in my first ever Splunk training session week around fundamentals 1 & 2 module and Admin system / Da... by gsignahode New Member in Getting Data In 10-18-2018 0 0	0	0
Exchange admin audit logs Can splunk read exchange 2010 sp1 admin audit logs. I beleive exchange admin logs goes to a configured email. Does s... by nuwan New Member in Getting Data In 10-17-2018 0 4	0	4
How do I populate a Microsoft Word Template with Splunk Data? Hello all! First of all, apologies about my English skills. I designed a Microsoft Word template (including some cus... by rjlaral New Member in Getting Data In 10-17-2018 0 0	0	0
Is there a Splunk app for Microsoft System Center Configuration Manager (SCCM 2012) data? Hello; I am trying to determine if there is an app for Microsoft SCCM 2012? Has anyone been successful in sending SC... by nychawk Communicator in Getting Data In 10-17-2018 1 10	1	10
Rename using wildcard I get some json-formatted logs, that I want to extract a field from. It looks something like the following: { "a... by tbo Explorer in Getting Data In 10-17-2018 0 6	0	6
Find out Mean Time to Resolve using REST API Hello, I'm looking to find out the Mean Time to Resolve value using REST API, can anyone provide the attribute to b... by chaitanya38 New Member in Getting Data In 10-17-2018 0 3	0	3
Error in getting REST API Data into Splunk I have configured the Data Input REST API settings as per the following link. While trying with the REST URL in brows... by Naren26 Path Finder in Getting Data In 10-17-2018 0 0	0	0
sendCookedData=false causing message rejects I have a customer where the Splunk team does not have management access to forwarders and the ops people won't allow ... by responsys_cm Builder in Getting Data In 10-17-2018 1 3	1	3
How can we set TIME_FORMAT in props.conf where the milliseconds vary in length? We are trying to create a TIME_FORMAT where the milliseconds vary in length. Sometimes it is two digits and sometime ... by ddrillic Ultra Champion in Getting Data In 10-16-2018 0 3	0	3
How come when I try to add data, there is no ingestion is happening? Im trying to use the index once option of add data to ingest a 6G tsv file. It does not show any preview and does not... by splunkannm New Member in Getting Data In 10-16-2018 0 7	0	7
How to add a custom year for a certain file I am using Spunk Enterprise to upload log files and generate a timeline. I am uploading a linux secure.log file. It... by mikemichaleson Engager in Getting Data In 10-16-2018 0 0	0	0
How do I change storage dynamically? Has anyone ever run into issues with dynamically adding storage to a mount point in Splunk? Are there any considerat... by dtow1 Path Finder in Getting Data In 10-16-2018 0 1	0	1
Is there a way to know if Splunk is operating 90% of the time ? I found that Splunk Monitor System health can check health of Splunk and check if it's monitoring or not. However, i ... by maryamchar Explorer in Getting Data In 10-16-2018 0 4	0	4
Can't get FQDN for /var/log/messages with Deployment Server and Linux T/A I am seeing many references about how the "syslog" sourcetype takes the hostname form the /var/log/messages logs, by ... by aferone Builder in Getting Data In 10-16-2018 0 2	0	2
one radio button and 2 multiselect i have one radio button which passes value for 2 multiselect. if i change value in the radio button i want to change ... by DataOrg Builder in Getting Data In 10-16-2018 0 1	0	1
How do I extract a whole sentence as a field from a log file and generate a report? I want to generate a report by using a log file as an input. The log file is like: 01/16/2018 process 1 successfu... by shubhambhagat02 New Member in Getting Data In 10-16-2018 0 3	0	3