Getting Data In

Thread Info

Converting large JSON response into smaller events and combine objects

I have a large JSON response that I need to split into smaller events as well as merge data from different points wit...

by Communicator in

Why do I instruct curl to look for data at my localhost eventhoug I pushed the data to splunk cloud?

I am using Splunk Cloud Trial version and I am trying out the curl to access REST APIs.However any data I need, I nee...

by Engager in

order of precedence and conflicts in input.conf

I would like to set up a splunk forwarder to listen for syslog connections (let's say on port 1514). I know specific ...

by Contributor in

Is ODBC 2.1.1 supported in Windows 10?

Is this driver supported under Windows 10? If not, what is the solution for that platform? Thank you, and have a g...

by New Member in

Why the following error while trying to save "Error while sending public key to search peer: Connection reset by peer"?

I logged on both the standalone indexer and search head as admin with full rights I verified that port 8089 is open o...

by New Member in

High CPU usage on UF

We've been noticing a high CPU use on a windows splunk forwarder that only has a simple monitor statement. The follo...

by Path Finder in

Couldn't uninstall Splunk Enterprise from Windows 2012 server.

Hi All, I have installed Splunk Universal forwarder & Splunk Enterprise (6.6.6) on a windows server machine. Howev...

by Path Finder in

Creating graphs on extracted values in a csv file

Hello All, I have a csv file which has values like this host, ports running 192.168.1.1, 80,8081,22 192.168.1.2...

by Engager in

How to enable audit logs in AIX (to record any administrative changes) and send it to splunk?

Currently we're able to get both syslog & audit logs - Linux:audit (sourcetype) logs from LINUX servers onto splunk p...

by New Member in

How to integrate SAP Gateway servers for monitoring in Splunk?

Hi We are working on SAP Netweaver Gateway Admin We are trying to explore Splunk and would like to monitor all ...

by New Member in

ERROR Sending email with sendemail, but alert emails work fine

I have my smtp server configured correctly and have setup and do receive plenty of alerts for scheduled searches. How...

by Motivator in

DMC not showing right partition volume

Hi, I see that DMC is unable to give the right volume usage for a particular partition. It is showing wrong partit...

by Builder in

Time format for 2016-25-11T00:00:0019:47:00

Hi the string "2016-25-11T00:00:0019:47:00" represents the time stamp in a logfile. I can figure that 2016-25-11 is %...

by Explorer in

When upgrading to Splunk enterprise 6.5.0 why am I receiving the error" KV Store changed status to failed, KVStore process terminated"?

I saw that resolution to the same issue had been posted: https://answers.splunk.com/answers/457893/after-upgrading-to...

by New Member in

Problem with creating an alert that compares a csv file with actual events

I am having a problem with creating an alert that compares a csv file with actual events. I have taken an asset recor...

by Path Finder in

Unified log - how to?

Hi, I would like to know if there is option to unify logs based on id or something else. For example: I have th...

by Path Finder in

Is it possible to use the "latest" time modifier as a field for calculations?

Hi, I would like to use the "latest" time modifier that is defined by the the timerange picker or in my base searc...

by Motivator in

Is there a way to change the Timezone (TZ) of OLD already indexed data

Dear Splunk Professionals, We have a requirement here to change/correct the TZ settings as few sourcetype are havi...

by Communicator in

Is the any comprehensive documentation on Splunk MINT Rest API ?

Hi, I have to consume Splunk MINT Rest API to fetch some insight related details. I have tested the endpoints and see...

by New Member in

Can I replace Splunk Universal Forwarder with Apache NiFi?

NiFi has a putSplunk processor that should do what I want (send data to an indexer) BUT it doesn't have any place ...

by Communicator in

export csv GUI mess up

on the Splunk query table, after click Export bottom of table(s1.png), then I got the attached picture(s2.png). it so...

by Explorer in

Problem finding knowledge objects

Has anyone had a problem using this REST endpoint? /services/directory This is supposed to return a list of all...

by New Member in

Heavy forwarder - routing to different indexes depending on field value

Hi everyone ! I'm new to Splunk and I'm trying to see what can be done with it. I was wondering if it was possible...

by Path Finder in

Is there a way to force a single deployment client to check in with the deployment server on demand?

Is there a way to force a deployment client to check in with deployment server on demand? During tests I normally...

by Builder in

Indexing data with a batch input, why are the sources and data still in the Splunk index after the file is deleted?

Hey Splunk Community, I am having some confusion about the [batch] input. I have read the documentation and though...

by New Member in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Converting large JSON response into smaller events and combine objects

Why do I instruct curl to look for data at my localhost eventhoug I pushed the data to splunk cloud?

order of precedence and conflicts in input.conf

Is ODBC 2.1.1 supported in Windows 10?

Why the following error while trying to save "Error while sending public key to search peer: Connection reset by peer"?

High CPU usage on UF

Couldn't uninstall Splunk Enterprise from Windows 2012 server.

Creating graphs on extracted values in a csv file

How to enable audit logs in AIX (to record any administrative changes) and send it to splunk?

How to integrate SAP Gateway servers for monitoring in Splunk?

ERROR Sending email with sendemail, but alert emails work fine

DMC not showing right partition volume

Time format for 2016-25-11T00:00:0019:47:00

When upgrading to Splunk enterprise 6.5.0 why am I receiving the error" KV Store changed status to failed, KVStore process terminated"?

Problem with creating an alert that compares a csv file with actual events

Unified log - how to?

Is it possible to use the "latest" time modifier as a field for calculations?

Is there a way to change the Timezone (TZ) of OLD already indexed data

Is the any comprehensive documentation on Splunk MINT Rest API ?

Can I replace Splunk Universal Forwarder with Apache NiFi?

export csv GUI mess up

Problem finding knowledge objects

Heavy forwarder - routing to different indexes depending on field value

Is there a way to force a single deployment client to check in with the deployment server on demand?

Indexing data with a batch input, why are the sources and data still in the Splunk index after the file is deleted?

Brains, Bytes, and Boston: Learn from the Best at .conf25

Splunk AppDynamics Agents Webinar Series

SplunkTrust Application Period is Officially OPEN!

Splunk Nutanix TA and Splunk Enterprise 9.3.4

Splunk Answers Content Calendar May 2025 🎉

Solaris UFs have different build hash than others

Edge Processor Destination not showing up in Pipel...

ERROR: Tor IP are not updating in lookup

Getting Data In

Are you a member of the Splunk Community?

Discussions