Getting Data In

Community Activity

Azure Kubernetes Service (AKS) - log ingestion with Splunk Hi,I am trying to understand the best/cost effective approach to ingest logs from Azure AKS in Splunk Enterprise with... by edoardo_vicendo Builder in Getting Data In 06-21-2024 1 2	1	2
Enable boot start of Splunk forwarder on oracle Linux 6.x Hi Team,Please help me whit the steps to enable boot start of Splunk forwarder on oracle Linux 6.x.Splunk forwarder v... by shabana_banu New Member in Getting Data In 06-21-2024 0 2	0	2
How to copy data from an index to another machine HiI have a use case that involves copying historical data from a 3-indexer cluster (6 months old) to another machine.... by _pravin Contributor in Getting Data In 06-21-2024 0 0	0	0
Cannot Ingest Prometheus Data: inputs.conf - recieving errors: btool does not list the stanza [prometheusrw]) Hello Splunk Community, I'm encountering an issue with ingesting data from a Prometheus remote_write_agent into Splun... by Network007 Loves-to-Learn Lots in Getting Data In 06-21-2024 0 0	0	0
How to forward DVWA logs into my splunk enterprise using spunk universal forwarder? I am practicing my attacks on the DVWA webserver and I would want to monitor the traffic logs from the DVWA into my s... by n_h40 Loves-to-Learn in Getting Data In 06-20-2024 0 0	0	0
Converting Date to first day of the week I am analyzing some .csvs which have a "date" field present. The .csvs are indexed, but the index time is pretty irre... by raysonjoberts Path Finder in Getting Data In 06-20-2024 0 3	0	3
Output to multiple destinations with one of them using discovery and different certificate authorities? Assume for the moment that these work individually:Outputs1[tcpout]defaultGroup = primary_indexersforceTimebasedAutoL... by VegasSplunky Loves-to-Learn in Getting Data In 06-20-2024 0 1	0	1
Troubleshooting Blacklists - Blocking subsets of EventCode 4688 I'm a bit new to Splunk; apologies if I miss anything obvious.I'm looking to selectively block events meeting a certa... by pscookiemonster Explorer in Getting Data In 06-20-2024 0 1	0	1
Logs Retention Hello,Is it possible to define the retention duration of logs (hot, warm and cold) If yes, how can this be done ? Or... by BRFZ Communicator in Getting Data In 06-20-2024 0 1	0	1
Copying over data to another index for longer retention Hi all,We are indexing different topics from our kafka cluster to an index say, index1. But we now have a requirement... by jpillai Path Finder in Getting Data In 06-19-2024 0 1	0	1
Getting isHttpOutConfigured=NOT_CONFIGURED in Splunkd logs I had defined the complete path in inputs.conf and restarted the Splunkforwarder but got error in Splunkd logs.Kindly... by prajwal_94 Explorer in Getting Data In 06-19-2024 0 4	0	4
Trouble with df.sh after upgrade to 9.2.1 since moving to 9.2.1, now my df.sh events are now a single event when searching. also notice the format is bad when ... by dbagdanoff Explorer in Getting Data In 06-19-2024 0 0	0	0
Path of props.conf and transforms.conf I'd like to monitor log files and ingest specific lines from these files. My props.conf and transforms.conf has no er... by prajnasaha Loves-to-Learn in Getting Data In 06-19-2024 0 2	0	2
Collecting server logs without installing Splunk UF? Hi ,How to collect server logs without installing the Splunk Universal forwarder. Because the server owned team is no... by karthi2809 Builder in Getting Data In 06-19-2024 0 3	0	3
trial trial by sintjm Path Finder in Getting Data In 06-19-2024 0 0	0	0
Event count is showing Zero I am new to splunk and observing the event count and current size showing a 0, even though we can search on the inde... by Namo Explorer in Getting Data In 06-18-2024 0 2	0	2
Display time in UTC We are trying to run a report that groups data by the UTC date of events occur. Our Heavy forwarders collect the data... by rtkelly Explorer in Getting Data In 06-18-2024 0 7	0	7
Field Extraction from Nested Json during Index time Hi All, TagData [ [-] { [-] Key: Application Value: Test_App } { [-] Key: Email ... by Poojitha Communicator in Getting Data In 06-18-2024 0 3	0	3
Inner Join Let say I have 2 lookup files , lookup1 has 50 values and other have 150 valuesso when I inner join lookup1 to look... by Siddharthnegi Contributor in Getting Data In 06-18-2024 0 1	0	1
Bitlocker Windows Events Inputs.conf I'm trying to get bitlocker events into Splunk. Below is what I have in the inputs.conf and it appears to not be work... by aleckostiner123 New Member in Getting Data In 06-17-2024 0 1	0	1
It does not search for Snort json alerts I installed Snort 3 JSON Alerts add-on. I made changes in inputs.conf (/opt/splunk/etc/apps/TA_Snort3_json/local) lik... by gruby_bolek Explorer in Getting Data In 06-17-2024 0 4	0	4
Splunk Add-on for Sysmon - Could not load lookup=LOOKUP-eventcode Hi,Following the official instructions https://apps.splunk.com/apps/id/Splunk_TA_microsoft_sysmon , Splunk Add-on for... by corti77 Contributor in Getting Data In 06-17-2024 0 4	0	4
HF can't reach splunk cloud I've created the HF, and set up the ip allow list. From the Azure Connection troubleshoot, the testing is successful,... by wxlcba Loves-to-Learn in Getting Data In 06-17-2024 0 2	0	2
saved searches i want to get list of scheduled saved searches with the name and the searches itself. can anybody help? by Siddharthnegi Contributor in Getting Data In 06-17-2024 0 2	0	2
Bro log ingestion and indexing Hey all super new to splunk administration - I'm having issues with the bro logs being indexed properlyI have 2 days ... by DarkMSTie New Member in Getting Data In 06-16-2024 0 1	0	1