Getting Data In

Community Activity

Hi I got this issue while forwarding the data? Can someone please explain me? by bellampavan Engager in Getting Data In 04-25-2018 0 1	0	1
Extract timestamp from the logs I've logs where events are not starting with time. Log format is 10.100.28.108 - - 2018-04-25--02-31-14 "PUT /mifs/c... by isha_rastogi Path Finder in Getting Data In 04-25-2018 0 3	0	3
Splunk logging Driver Bringing Down the Entire Docker Swarm Cluster Hello, We implemented collecting Docker logs using splunk logging driver, It pushes the docker logs very well and ... by eygtmbot Engager in Getting Data In 04-24-2018 0 3	0	3
Should props.conf match inputs.conf? Does the props.conf file of an indexer has the same contents as the inputs.conf file of the forwarder from which it i... by amulay26 Path Finder in Getting Data In 04-24-2018 0 3	0	3
Script input troubleshoot Hi, I am trying to index from my python script. I followed the steps in this page to setup my data: http://docs.splun... by tamduong16 Contributor in Getting Data In 04-24-2018 0 9	0	9
Find out the type of logs which are captured when it is using a script \bin\scripts\splunk-wmi.path ? I installed SplunkForwarder and during the installation wizard, I checked all the logs for Windows (Application, Secu... by knam Explorer in Getting Data In 04-24-2018 0 1	0	1
How do I configure a UF on Linux to receive and forward windows events? I need to configure a Linux based UF to receive Windows events and then forwarder those to the indexers. I am guessin... by pfabrizi Path Finder in Getting Data In 04-24-2018 0 4	0	4
How to index data from AWS into Splunk? We want to move files from Amazon s3 to Splunk server (ex: /opt/splunk/logs ) continuously and display those details... by duddukurimd New Member in Getting Data In 04-24-2018 0 1	0	1
After matching 2 different data sources based on srcip, why is the output none? Hi, I try to match two events in one search. one event must match virus and the other android. because the clearpass... by nielsg97 Engager in Getting Data In 04-24-2018 0 0	0	0
Syslog from switch to indexer Hello, we want to send syslog from cisco switches directly to the splunk indexer. So I made a NAT from UDP 514 to 54... by chrisitanmoleck Path Finder in Getting Data In 04-24-2018 0 5	0	5
Splunk internal logs stopped logging; can you please provide information about permission setup for log files? Hello Splunkers: This question is for the splunkers who are running their instances with splunk user. Three logs have... by dbanerjee17 New Member in Getting Data In 04-24-2018 0 2	0	2
I need a config to direct outputs to two different Splunk stacks? All, I have a legacy install of Splunk and a new Splunk ES stack. Transition is going to take a year. So far I just... by daniel333 Builder in Getting Data In 04-23-2018 0 1	0	1
CSV file with last 2 fields XML payloads Need help with the following CSV (everything I am trying, the XML fields are getting parsed incorrectly) so I have a... by odigokid Engager in Getting Data In 04-23-2018 0 6	0	6
How to reindex data which is coming from syslog server to splunk ? Please hlep me how I can reindex data which is coming from syslog server to splunk? Thanks , splunker969 by splunker969 Communicator in Getting Data In 04-23-2018 0 7	0	7
Tip: Sample pfSense Logs Parsed Here Hi, I have parsed some pfSense logs. For anyone making an app, please go ahead and use this info. Cheers and use i... by arizvi801 Explorer in Getting Data In 04-23-2018 0 2	0	2
How to ingest Nginx running in a Docker container logs to Splunk? Nginx container runs in Docker container on an Amazon EC2 instance. We're soon going to setup Docker Enterprise editi... by tomharris New Member in Getting Data In 04-23-2018 0 1	0	1
Custom Filters I'm using the Unversal Forwarder to 'monitor' log files on the clients but I just can't index everything forwarded, t... by didier_again Explorer in Getting Data In 04-23-2018 0 3	0	3
Why am I still seeing debug logs in the Splunk heavy forwarder filtering? I have set the following on transforms.conf and props.conf but I still see DEBUG logs in my search. what did I miss ... by raindrop18 Communicator in Getting Data In 04-23-2018 0 7	0	7
Can I create an index locally and have it selectively forward specific fields from a source? Hi all- I have a unique requirement/question, I think. I'm wondering if there is a way in Splunk to set up a heavy f... by sail4lot Path Finder in Getting Data In 04-23-2018 0 4	0	4
I am unable to remove the standard Blue Coat heades tha begin with the # comment. I have tried several iterations of the nullQueue using REGEX and SEDCMD This is a copy of the log header and how I currently have the props.conf and transforms.conf configured Software: S... by babcolee Path Finder in Getting Data In 04-23-2018 0 4	0	4
Options on installing universal forwarders on "Windows Machines" Hello All, Im a bit confused with the installation of a UF on the windows machine. According to the documents, there... by ranjitbrhm1 Communicator in Getting Data In 04-23-2018 0 2	0	2
What's causing the error global name 'Event' is not defined after upgrading Microsoft OMS Modular Inputs TA from v1.2 to v1.3.3? After upgrading from TA-OMS_Inputs from v1.2 to v1.3.3 on, splunk v6.5.4 we are getting the following errors when log... by pete_meyers Explorer in Getting Data In 04-23-2018 1 6	1	6
Splunk UDP Data Input Fails To Send Data Hi everyone, I am working on a school project where multiple batches of students will work on the same project and p... by leongchongyu Explorer in Getting Data In 04-23-2018 0 6	0	6
Windows Universal Forwarder Hide Domain Password Hello I need to deploy Windows Universal Forwarders with Domain Account and I am wondering where if: There is any ... by tiagofbmm Influencer in Getting Data In 04-23-2018 0 0	0	0
What should I be sourcetyping /var/log/messages? All, On the list of pretrained sourcetypes I see /var/log/messages as linux_messages_syslog (https://docs.splunk.co... by daniel333 Builder in Getting Data In 04-22-2018 0 1	0	1