Getting Data In

Community Activity

Running as non-root and still able to read root logs Bit of a reverse error here, splunk is working when it shouldn't.I followed these instructions to run Splunk as non-r... by BlueQ Explorer in Getting Data In 07-10-2024 0 6	0	6
Epoch time stamp delemma - how do I convert the epoch time stamp upon ingestion ? Is there a Regex to convert the epoch to human readable time upon ingestion ? [1720450799] Error: Got check result f... by jcorcorans Explorer in Getting Data In 07-10-2024 0 4	0	4
High memory/cpu usage by splunk universal forwarder I've installed Splunk Universal Forwarder 9.1.0 on a Linux server and configured batch mode for data log file monitor... by NReddy12 Loves-to-Learn Lots in Getting Data In 07-10-2024 0 4	0	4
how to brake my lines and treat my multiple events as multiple events Hi all, I am monitoring a CSV file that has multiple lines and using a pipe as the delimiter: I want to brake them to... by maxruas Loves-to-Learn Lots in Getting Data In 07-10-2024 0 1	0	1
Timestmap extraction for multiple events in single sourcetype Hi folks,I have a use case where I am having different types of events in a single sourcetype. I want to apply differ... by darshm New Member in Getting Data In 07-10-2024 0 3	0	3
How can i assign a value to a variable in a splunk Hello everyone, I am looking for a way to assign values to variables in order to avoid repetition in my query. I want... by Med_Ryad Engager in Getting Data In 07-10-2024 0 4	0	4
Cisco err-disable error I have a cisco ess -3300 con switch with 20 1G copper port and 4 1G Fiber cable .My issue is that out of 24 1G port o... by Manjunatha New Member in Getting Data In 07-09-2024 0 1	0	1
Setup screen with credentials and multiple endpoints I am trying to create a setup screen for my app that will store passwords securely and also create a scripted input i... by andrew_garvin Path Finder in Getting Data In 07-08-2024 4 4	4	4
Splunk Add on for Microsoft Azure Secure Score- How to resolve this error? Hi, I am working with the Splunk Add on for Microsoft Azure and im trying to get the Secure Score working with it, h... by paulmachin New Member in Getting Data In 07-08-2024 0 2	0	2
Search for client disconnects from Indexer? Is there a way to monitor disconnects on a host (with a deployed universal forwarder) that cannot reach the Indexer? ... by splunktrainingu Communicator in Getting Data In 07-08-2024 0 5	0	5
Sequence of activities at index time Hi at all,I have a new doubt about the sequence of activities during indextime.I have a data flow, arriving from HEC ... by gcusello SplunkTrust in Getting Data In 07-07-2024 0 4	0	4
Filtering logs not working as expected I have tried to solve this problem with all the combinations, but missing some key thing on how to resolve.I have var... by vimselva Explorer in Getting Data In 07-07-2024 0 6	0	6
Splunk DBConnect with Informix Hello,Anyone has experience configuring Splunk DBconnect with informix database? Do we need to install the drivers e... by Roy_9 Motivator in Getting Data In 07-07-2024 0 1	0	1
Language for collecting logs Hello, I want to collect logs from a machine that is set to French. Consequently, the logs are generated in French, m... by BRFZ Communicator in Getting Data In 07-06-2024 0 2	0	2
Help with Windows Print Server admin log The print server OS is Windows Server 2019 I would like to get PrintService-Admin log to Splunk.I tried the following... by tomtom0030 Loves-to-Learn in Getting Data In 07-06-2024 0 1	0	1
Getting Data into the Splunk Add-On for Microsoft Security Hi folks,I am trying to get Defender logs into the Splunk Add-On for Microsoft Security but I am struggling a bit.It... by qzy Observer in Getting Data In 07-04-2024 0 2	0	2
Resource/guide sought for ProofPoint TRAP [ThreatResponse] integration with Splunk Hello Team , we have requirement to integrete the proofpoint threat response [ TRAP] appliance logs within splunk. i... by SunilMaharishi Path Finder in Getting Data In 07-03-2024 1 11	1	11
Syslog is Creating Duplicates, Prevent Splunk from ingesting duplicates Hi All, I recently found out that my Syslog Server is creating duplicates for all log files.I checked the packets ´pc... by krutika_ag Path Finder in Getting Data In 07-03-2024 0 1	0	1
sysmon and syslog Hello Splunk Community,I am working on a project that uses Splunk, and I need your assistance in properly installing ... by tuts Path Finder in Getting Data In 07-03-2024 0 5	0	5
Loading BOTSV1 JSON into developer Splunk environment I am new to Splunk and need some serious practice to learn all the cool things Splunk can do. I am trying to load the... by FCTaylor Explorer in Getting Data In 07-02-2024 0 4	0	4
How to fix BTree unexpected offset 0 while on order 1? I'm getting these failures after a prior disk corruption.ERROR TailReader [1876879 tailreader0] - Ignoring path="/som... by yuanliu SplunkTrust in Getting Data In 07-02-2024 0 4	0	4
Reverse-order a DNS at search time Hi all, In certain search, Splunk returns DNS hostnames, for example: a.monetate.net.akadns.net evsecure-ocsp.verisi... by ahamilton New Member in Getting Data In 07-02-2024 0 2	0	2
Struggle to get Syslog data parsed out for network device logs. Our network device data sends data to a Syslog server and then up to our splunk instance. I have a few TAs that I’ve ... by antoniolamonica SplunkTrust in Getting Data In 07-02-2024 0 4	0	4
Need help with whitelist regex in inputs.conf Hello everyone, I'm working to set up many Universal Forwarder to monitor a MFT logs. MFT store all it's logs in the ... by michaelteck Explorer in Getting Data In 07-02-2024 0 2	0	2
Splunk db connect onboarding data Hello Everyone,Recently I have installed Splunk db connect app (3.16.0) in my Splunk heavy forwarder (9.1.1). As per ... by gowthammahes Path Finder in Getting Data In 07-02-2024 0 1	0	1