Getting Data In

Community Activity

	How can I filter logs from being indexed in Splunk Cloud Hey all, I want to filter logs before they are being indexed in Splunk Cloud for example, I want to filter all logs ... by eddiemashayev Path Finder in Getting Data In 05-07-2018 0 8	0	8
	what are the security use cases available for azure. Hi Folks, we have on-boarded the activity logs, service status, operational messages, Azure audit, Azure resource da... by lksridhar Explorer in Getting Data In 05-07-2018 0 3	0	3
	Extract date from the Splunk log I have splunk log which looks like below: \|\|pool-2-thread-1\|\| INFO com.tmobile.sfdc.reports.batch.listener.OrderJob... by karthi25 Path Finder in Getting Data In 05-07-2018 0 4	0	4
	How to properly configure Universal Forwarder, located on the same machine as my Splunk instance? Hi. I am trying to install an universal forwarder on the same machine as my Splunk instance just to see how Universal... by aoliullah Path Finder in Getting Data In 05-06-2018 0 5	0	5
	PowerShell Modular Input Schedule Parameter 7.0.0.2 Forwarder, with the following schedule specified in the inputs.conf for a PowerShell input: schedule = /5 ... by Kendo213 Communicator in Getting Data In 05-05-2018 0 7	0	7
	Search time field extractions of structured data in csv format Hello, I am indexing data which arrives to the index in csv format. I am using a search time filed extraction method... by kiril123 Path Finder in Getting Data In 05-05-2018 0 3	0	3
	How to convert epoch time to Human Readable for a specific timezone? I have a field where the values are epoch times. I want to convert them to human readable format for some arbitrary t... by matstap Communicator in Getting Data In 05-04-2018 0 1	0	1
	Rotated log file to another directory causes duplication Test inputs.conf [monitor:///var/log/application/active/*.log] disabled=0 sourcetype=application index=application ... by iamjvn Explorer in Getting Data In 05-04-2018 0 5	0	5
	Universal Forwarder on Chromebooks? Hi all, long time lurker here! Has anyone had any luck installing a universal forwarder on a Chromebook? My company ... by jpetrakovic Explorer in Getting Data In 05-04-2018 0 1	0	1
	Enabling SFTP for forwarding logs Hi We have splunk forwarders installed in our web servers which forward logs to our analytics application's forwarde... by keerthana_k Communicator in Getting Data In 05-04-2018 0 3	0	3
	How calculate the delta between the timestamp in one row with the timestamp in the previous row for all results? Hi, In my search result, I have a series of events. I am able to calculate the delta of the various _time timestamps... by Brigno New Member in Getting Data In 05-03-2018 0 3	0	3
	Splunk not receiving any data from splunk forwarders after server reboot HI, Splunk not taking any data from the forwarders after the reboot of client servers. How to get that data back ... by prathapkcsc Explorer in Getting Data In 05-03-2018 0 1	0	1
	Reading data from Azure Storage Table I am trying to read data from an Azure Storage Table and currently am using the Splunk Add-on for Microsoft Cloud Ser... by jeffbat Path Finder in Getting Data In 05-03-2018 0 3	0	3
	Can someone help me understand how my current outputs.conf settings work? A splunk engineer told us to deploy an app with the deployment server (to universal forwarders) that contained the ou... by splunkbacon Explorer in Getting Data In 05-03-2018 0 10	0	10
	Why is the SEDCMD not working when ingesting a CSV via the web interface? Using the 7.0.1 web interface to ingest a CSV, and the SEDCMD command is not working. Tried reducing to the simplest ... by eugenek Path Finder in Getting Data In 05-03-2018 0 3	0	3
	delete events from _internal index Hi at all, I'd like to delete some events indexed with a wrong date (2030-04-03). I enabled admin to can_delete role ... by gcusello SplunkTrust in Getting Data In 05-03-2018 0 5	0	5
	Why is the Powershell Modular Input not scheduling the script to run? Here is my inputs.conf: [powershell://checkdnsext] script = . "$SplunkHome\etc\apps\test_infra_dnsext_inputs\bin\che... by Kendo213 Communicator in Getting Data In 05-03-2018 0 2	0	2
	How to limit a data sent to indexers to only with certain windows EventCodes ? Hi , We have recently added a below stanza to monitor the windows power shell events and we have started getting the... by Hemnaath Motivator in Getting Data In 05-03-2018 0 19	0	19
	Why is Docker Splunk UF sending logs with 2 different hostnames? Docker-compose splunkuf: image: splunk/universalforwarder:7.0.2 network_mode: host environment: SP... by eddiemashayev Path Finder in Getting Data In 05-03-2018 0 1	0	1
	Do we lose data when an indexer crashes? Our standard universal forwarders, at the moment, specify in outputs.conf all the indexers of the cluster we have in ... by ddrillic Ultra Champion in Getting Data In 05-03-2018 0 7	0	7
	Configure multiple LINE_BREAKER strings? I have line breaks signified by 2 different strings. This works (keeping BK1 text as part of next event): LINE_BRE... by woodcock Esteemed Legend in Getting Data In 05-02-2018 0 5	0	5
	Automatic extraction of JSON fields doesn't work and have to use spath I have a distributed Splunk deployment and need to index JSON data, 1 object per row. Objects are serialized using Ne... by Motoko89 Path Finder in Getting Data In 05-02-2018 0 4	0	4
	Is there any way to disable the Splunk Universal Forwarder to generate the dump file, because I want to generate the dump on demand? Hi, I have installed the Splunk universal forwarder to store logs from my IIS WebServer in Splunk. The SplunkUnive... by Itaupinheirocam New Member in Getting Data In 05-02-2018 0 0	0	0
	Is it ok to mix volumes and paths in indexes.conf? Hi, we have three clustered indexers and are looking to leverage slow disks for the cold paths. I'm wondering if it... by jeski Engager in Getting Data In 05-02-2018 0 2	0	2
	Universal Forwarder Before I start this is a serious case of blind leading the blind. Currently we have a VMware running Windows Server ... by butlerm494 New Member in Getting Data In 05-02-2018 0 14	0	14