Getting Data In

Community Activity

Windows Event Log Configurations for Dual Forwarding Hi Splunkers,We have requirement to monitor wineventlogswith sourcename MSSQL and will be sent to different sets of I... by jaracan Communicator in Getting Data In 06-26-2024 0 0	0	0
Splunk HF DB Connect Cannot connect to Task Server Hi Splunk SMEs,Good day, we face an issue after some deployment in splunk and we cannot connect now to Splunk HF DB T... by mel_arce Engager in Getting Data In 06-25-2024 0 0	0	0
Auditbeat add-one does not sourcetype log Hi all,I recently installed this add-one on my cluster (hfs, idxs, shs). I copied props.conf and transforms.conf into... by sigma Path Finder in Getting Data In 06-25-2024 0 2	0	2
IndexTimeExtraction - Regex Substitue only on a specific group - sedcmd (SplunkCloud)-props.conf Input Event : [so much data exists in the same single line ] ,"Comments": "New alert", "Data": "{\"etype\":\"MalwareF... by vn_g Path Finder in Getting Data In 06-25-2024 0 7	0	7
how to drop events containing null values coming from a csv using transforms Hi I am getting some events from a csv which contains the below format and would like to drop such events using trans... by learnsplungeek Loves-to-Learn Everything in Getting Data In 06-24-2024 0 6	0	6
Extract value from json in props.conf Hi All,I want to extract email from json event in splunk.Query I am using is : index=*sec sourcetype=test \| eval ta... by Poojitha Communicator in Getting Data In 06-24-2024 0 1	0	1
Using only 1 event out of many duplicate events Greetings to you !!I have a file in which I have a following content :My city is very goodyour city is also very good... by abhaywdc Loves-to-Learn in Getting Data In 06-24-2024 0 1	0	1
How to fix CSV ingestion random cutoffs? I notice that CSV ingestion (from Splunk Web file upload) sometimes cuts off an event, possibly because one field is ... by yuanliu SplunkTrust in Getting Data In 06-24-2024 0 3	0	3
Migrating Heavy Forwarder to a new server Hi All,I have inherited a HF running on a Linux server collecting data from several cloud sources using the inputs fr... by cnuguri_ncc Path Finder in Getting Data In 06-24-2024 0 4	0	4
Need assist in setting json sourcetype I have been trying to get the following sourcetype into Splunk for PI. This whole stanza should go in as 1 event, bu... by NanSplk01 Communicator in Getting Data In 06-24-2024 0 8	0	8
how to rex comma with no data I hve few events where data is not available. Instead I see commas where head6 and head7 data is not availble. Need r... by ravir_jbp Explorer in Getting Data In 06-24-2024 0 1	0	1
Compression on Intermediate forwarder We have multiple forwarders sending data to an Intermediary forwarder and that IF is sending data to IDXs. IF is not ... by Nawab Communicator in Getting Data In 06-24-2024 0 3	0	3
splunkfwd user access to root owned logs Can anyone tell me the best practice for splunkfwd user to access others and root own dir/logs ? Not interested in c... by jcorcorans Explorer in Getting Data In 06-23-2024 0 1	0	1
Best Practice for Getting Data from Splunk Instances Into Indexer Cluster I have the following setup with Indexer Discovery + Indexer Cluster + Search Head Cluster:- Deployment Server- 3 X In... by Fortron Engager in Getting Data In 06-21-2024 0 2	0	2
Azure Kubernetes Service (AKS) - log ingestion with Splunk Hi,I am trying to understand the best/cost effective approach to ingest logs from Azure AKS in Splunk Enterprise with... by edoardo_vicendo Builder in Getting Data In 06-21-2024 1 2	1	2
Enable boot start of Splunk forwarder on oracle Linux 6.x Hi Team,Please help me whit the steps to enable boot start of Splunk forwarder on oracle Linux 6.x.Splunk forwarder v... by shabana_banu New Member in Getting Data In 06-21-2024 0 2	0	2
How to copy data from an index to another machine HiI have a use case that involves copying historical data from a 3-indexer cluster (6 months old) to another machine.... by _pravin Contributor in Getting Data In 06-21-2024 0 0	0	0
Cannot Ingest Prometheus Data: inputs.conf - recieving errors: btool does not list the stanza [prometheusrw]) Hello Splunk Community, I'm encountering an issue with ingesting data from a Prometheus remote_write_agent into Splun... by Network007 Loves-to-Learn Lots in Getting Data In 06-21-2024 0 0	0	0
How to forward DVWA logs into my splunk enterprise using spunk universal forwarder? I am practicing my attacks on the DVWA webserver and I would want to monitor the traffic logs from the DVWA into my s... by n_h40 Loves-to-Learn in Getting Data In 06-20-2024 0 0	0	0
Converting Date to first day of the week I am analyzing some .csvs which have a "date" field present. The .csvs are indexed, but the index time is pretty irre... by raysonjoberts Path Finder in Getting Data In 06-20-2024 0 3	0	3
Output to multiple destinations with one of them using discovery and different certificate authorities? Assume for the moment that these work individually:Outputs1[tcpout]defaultGroup = primary_indexersforceTimebasedAutoL... by VegasSplunky Loves-to-Learn in Getting Data In 06-20-2024 0 1	0	1
Troubleshooting Blacklists - Blocking subsets of EventCode 4688 I'm a bit new to Splunk; apologies if I miss anything obvious.I'm looking to selectively block events meeting a certa... by pscookiemonster Explorer in Getting Data In 06-20-2024 0 1	0	1
Logs Retention Hello,Is it possible to define the retention duration of logs (hot, warm and cold) If yes, how can this be done ? Or... by BRFZ Communicator in Getting Data In 06-20-2024 0 1	0	1
Copying over data to another index for longer retention Hi all,We are indexing different topics from our kafka cluster to an index say, index1. But we now have a requirement... by jpillai Path Finder in Getting Data In 06-19-2024 0 1	0	1
Getting isHttpOutConfigured=NOT_CONFIGURED in Splunkd logs I had defined the complete path in inputs.conf and restarted the Splunkforwarder but got error in Splunkd logs.Kindly... by prajwal_94 Explorer in Getting Data In 06-19-2024 0 4	0	4