Getting Data In

Community Activity

Pull syslog data from EC2 instance into Splunk We're running an on-prem instance of Splunk Enterprise behind a firewall which (currently) does not permit ingress on... by olgamirth New Member in Getting Data In 07-26-2018 0 2	0	2
To monitor which Windows server are not sending logs to Splunk I want to check which server are not sending logs to Splunk as our monthly maintenance. Can you guys help me what is... by karambaz New Member in Getting Data In 07-26-2018 0 3	0	3
Does Splunk support LEEF formatted events? Does it support LEEF, Log Event Enhanced Format? by the_wolverine Champion in Getting Data In 07-26-2018 2 2	2	2
Windows IIS Log and Splunk On a Windows 2012 Server the daily IIS log is held open and sits at "0" bytes in size throughout the day. It appears ... by aegis53 New Member in Getting Data In 07-26-2018 0 1	0	1
How to send data from IBM AS400 to Splunk via syslog? I want to create a connectivity between splunk enterprise and AS400. I tried to send logs via syslog, but Splunk didn... by Afef Communicator in Getting Data In 07-25-2018 1 7	1	7
Host rewrite not working... I'm trying to rewrite the host field based upon values in my data. Here is a sample event: {"href":"/orgs/1/audit_l... by responsys_cm Builder in Getting Data In 07-25-2018 0 2	0	2
i can see only splunk example queries and no example output results. is there a document whcih have both exmple queires and the sample outputs. i can see only splunk example queries and no example output results. is there a document whcih have both exmple queir... by gannysplunk New Member in Getting Data In 07-25-2018 0 3	0	3
Forward messages to different indexes based on the value of its field Is it possible to forward messages to different indexes based on the value of message field ? And which forwarder is ... by myordanov95 Engager in Getting Data In 07-25-2018 0 8	0	8
JSON is being cut off at "created" key I've got a pretty strange issue, and I'm sure there is a simple answer for it. Here is my env: 7.1.2All default conf... by helius Path Finder in Getting Data In 07-25-2018 0 4	0	4
How do I ingest the details tab in Windows Forwarded Events? I have a server that received forwarded event logs from clients within my Enterprise. The event logs are simple to re... by devinmclean Path Finder in Getting Data In 07-25-2018 1 5	1	5
Custom fields for CSV Input Hi All, We have Splunk environment with Indexers clustered and many forwarders managed by Deployment server. We are ... by siva_cg Path Finder in Getting Data In 07-25-2018 0 1	0	1
Simple search using cURL returns empty results I tried following a simple cURL request based on the training video and I get no results. I run my search: curl -u i... by pfabrizi Path Finder in Getting Data In 07-25-2018 0 3	0	3
Why are my Palo Alto firewall logs not forwarding to Splunk anymore? Hello. My Palo Alto firewall logs were successfully forwarding to Splunk for a while, except today I noticed that for... by johannterc New Member in Getting Data In 07-25-2018 0 3	0	3
After the Upgrade to 7.0.3 the inputlookup command not working properly The lookup file was working fine for long time (2 months) and contained 1000+ entries However, after upgrading to 7... by renjujacob88 Path Finder in Getting Data In 07-25-2018 0 0	0	0
How to list all the values which are greater than or equal to three after splitting? I have following values for a field="Listdir". I want to get the only the values which contains 3 or more directories... by bollam Path Finder in Getting Data In 07-25-2018 0 4	0	4
Is there a way to determine how much disk space my sourcetype is taking up? Hi, Is there a way to determine how much disk space a sourcetype is using? by a212830 Champion in Getting Data In 07-24-2018 1 4	1	4
Windows UniversalForwarder not registering Syslog input I am trying to make UniversalForwarder on Windows Server 2008 R2 Standard act as a syslog data receiver and forward t... by pkarpushin Path Finder in Getting Data In 07-24-2018 0 5	0	5
Multiple Values in Key/Value pair I am looking to return the multiple values I have on my dashboard currently only one shows up. Here is an example: K... by ebkeys94 Engager in Getting Data In 07-24-2018 0 1	0	1
how to get list of all Index-time fields using a REST query? Is there a handy REST query to fetch all index-time fields (which can be put to indexers). Currently the process is d... by kirankos Engager in Getting Data In 07-24-2018 0 1	0	1
Using Splunk with a custom application log file I am working with a custom application that generates log files and I think I need to create a new source type and th... by acarmack Explorer in Getting Data In 07-24-2018 1 12	1	12
send snmp trap splunk to other system Hi, I am following, Sending SNMP Traps On Windows document. As per document, I have placed sendsnmptrap.cmd script i... by raju_patil New Member in Getting Data In 07-24-2018 0 2	0	2
How can I tell splunk to ignore the first few lines for TCP port indexing? I opened a TCP port to capture incoming data. But I don't know what I could do to filter out the first 10 lines befor... by tamduong16 Contributor in Getting Data In 07-24-2018 0 6	0	6
How to extract from CSV using rex? I have a csv file that I am trying to pull data from, this is an example of the data in the file: Action, Message, S... by batsonpm Path Finder in Getting Data In 07-24-2018 0 2	0	2
Ingesting data from web query that returns JSON/XML response in plaintext Hello All, I am trying to ingest data from a cloud-based 3rd party tool that returns JSON/XML in response to a web ... by anirbandasdeb Path Finder in Getting Data In 07-23-2018 0 15	0	15
Splunk-SAML: Users entry existing in authentication.conf even after removing from SAML portal Hello, I have been facing this issue with authentication.conf where if I remove a user from SAML portal, it still re... by sidhantbhayana Path Finder in Getting Data In 07-23-2018 0 1	0	1