Getting Data In

Community Activity

Navigation Bar/header: can you convert XML file to HTMl view for edit? Is it possible to convert the XML file of the Navigation Bar to HTML view so I can edit it my own way? For example,... by Anmar0293 Path Finder in Getting Data In 08-27-2018 1 0	1	0
Why am I having sourcetype override problems when trying to monitor a log directory for a custom application? I have the universal forwarder installed on a Windows 2012 server. I am trying to monitor a log directory for a custo... by bdf0506 Path Finder in Getting Data In 08-27-2018 0 3	0	3
REST API Modular input - creating class in responsehandler.py Hello, I'm trying to get data in Splunk using REST API (data are in json format). I understand I have to create my o... by DavidCaputo Path Finder in Getting Data In 08-27-2018 0 2	0	2
forward events to multiple indexers hi everyone, I have web server events. I want to forward specific events that contain digits 404 to index1 and rema... by riqbal Communicator in Getting Data In 08-26-2018 0 2	0	2
Why does Splunk Custom Visualization API result in a build error on a Windows Machine? I was trying to use Custom Visualization API to build my own custom visualization using tutorial from Splunk Docs (si... by niketn Legend in Getting Data In 08-26-2018 3 11	3	11
forward specified events to reciever i need only recieve events with action=blocked from farwrders, my logs are : Aug 18 12:56:13 192.168.X.X date=2018-0... by khanlarloo Explorer in Getting Data In 08-26-2018 0 7	0	7
Why does the file without line feeds and carriage does not run? Hi at all, I have a file without CR al LF to divide events. I usually parsed these files without problems (e.g. SAP l... by gcusello SplunkTrust in Getting Data In 08-26-2018 0 3	0	3
How do I search a match a specific source against an input lookup I am attempting to run the below, however I am not getting any results. source="source.tsv" [\|inputlookup appname\| f... by blueumbrella New Member in Getting Data In 08-25-2018 0 1	0	1
How can I create an alert for RDP logins without CyberArk credential check out I am looking for a way to capture events where a user did not check out credentials from CyberArk before using them t... by akhan92394 Explorer in Getting Data In 08-25-2018 1 1	1	1
What is the max value for maxHotSpanSecs Manual says to not go below an hour, but I am getting: Invalid key in stanza [main] in /opt/splunk/etc/system... by stevesmoot Explorer in Getting Data In 08-25-2018 0 3	0	3
splunk index cuts out some lines Hi, I am testing splunk config from my local machine before implementing it in production. So i am indexing a json fi... by aeghobor New Member in Getting Data In 08-25-2018 0 8	0	8
What are the options for synchronizing namespace tsidx files in a search head cluster? One option is obviously to use shared storage. That's a least desirable option. If I schedule the search to run tsc... by responsys_cm Builder in Getting Data In 08-24-2018 0 1	0	1
Manipulating data before indexing I have multiple forwarders (heavy and universal) and I want to manipulate the data they send to my indexers. For each... by omerl Path Finder in Getting Data In 08-24-2018 1 7	1	7
Why does Splunk Export to JSON give only strings? Hi, When we try to export a stats table to JSON, the integer values are also represented as string in the JSON. Exa... by edwintom New Member in Getting Data In 08-24-2018 0 0	0	0
Why does Splunk Universal Forwarder skip data in rolling log when Splunk service is interrupted (i.e. during system updates)? The Splunk Universal Forwarder 6.5.1 seems to skip the data added to the log file, once the splunk service was not ru... by lhavrylyuk Explorer in Getting Data In 08-24-2018 1 5	1	5
Using a scripted input's passAuth token for CLI access from the scripted input I am trying to create a scripted input that can run some Splunk CLI commands. Using passAuth in inputs.conf I was ab... by dwaddle SplunkTrust in Getting Data In 08-24-2018 2 5	2	5
Can you forward specific data to a third-party system? I am working on a POC third-party system for some of our data and need to get data from Splunk forwarded over to it. ... by jeffbat Path Finder in Getting Data In 08-24-2018 0 3	0	3
DMC picks up incorrect server roles Hi I was in the verge of setting up the DMC console in 6.5.2 version on the Deployer. I set up the internal log forw... by saranya_fmr Communicator in Getting Data In 08-24-2018 0 16	0	16
Rename/Set Host Name We recently set up splunk to start accepting snmp logs from our switches and routers, which is working out nicely. H... by Emblibrary Explorer in Getting Data In 08-24-2018 4 7	4	7
How do I leave out timestamp from exported CVS filename (Scheduled)? Hi all, Splunk newbie here, I've searched the answers but can't find an answer... I have saved a series of searches... by johnbentley New Member in Getting Data In 08-24-2018 0 1	0	1
How Do You Forward Data to Syslog Server and Indexers? What I am trying to do is to get a particular source type forwarded from the heavy forwarder to a syslog server. In a... by rajindurbal Path Finder in Getting Data In 08-23-2018 0 3	0	3
How to enable this standalone search head(SH) to search data in a clustered SH/indexer? Hi all, I have the distributed environment setup for SH cluster and indexer cluster. Now, I have a standalone serve... by krusovice Path Finder in Getting Data In 08-23-2018 0 2	0	2
Embedded JSON column in excel looses data when imported to Splunk I am new to Splunk. I have an excel file that has a column which contains embedded JSON. When I Import the csv, I los... by sarahrdpt New Member in Getting Data In 08-23-2018 0 0	0	0
Splunk Free Edition stopped indexing after set-up I've tried browsing around previous topics but couldn't find anything that worked for my particular situation. I have... by sploited New Member in Getting Data In 08-23-2018 0 1	0	1
How to filter events on a heavy forwarder sent from universal forwarders? Hi Team, We want to drop events which contain the keyword "error" Below is our setup: universal forwarder ------>H... by thezero Path Finder in Getting Data In 08-23-2018 0 11	0	11