Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
Elsurion

second instance of a heavy forwarder on the same system (UFW not able to connect)

Hi all I have a functional heavy forwarder on a systems, now i want a second heavy forwarder on the same system. I'...
by Elsurion Communicator in Getting Data In 02-19-2018
0 0
0
0
thilleso

Does HEC-data get buffered somewhere?

Hi, We're thinking about using HEC (either Serilog Sink or Splunk SDK .Net) to log from an API, insted of developin...
by thilleso Path Finder in Getting Data In 02-19-2018
0 1
0
1
ASISH_9

How to monitor files from a shared drive on a splunk instance on cloud?

We have our Splunk instance on cloud and to monitor each source type we have created a folder on a shared drive. Each...
by ASISH_9 Engager in Getting Data In 02-19-2018
0 9
0
9
shankeranollamu

Given the attached Data File (testData.csv), add it as a lookup file and create a dashboard showing a barchart showing the total number of visits received in 2016 vs 2017

Date Visitors Jul/14/2017 26 Jun/3/2017 34 Sep/30/2016 2 Jul/29/2017 71 Sep/9/2016 10 Jun/22/2017 40 Apr/21/2017...
by shankeranollamu New Member in Getting Data In 02-18-2018
0 2
0
2
sachinlohchab

How to Fetch key/value pair from webservice request?

Hi I need to fetch key/value pair values from below request.. please help like for Name key should return Siri for U...
by sachinlohchab New Member in Getting Data In 02-17-2018
0 5
0
5
lksridhar

What is the search query to get the events which are having linebreaking , data parsing, timestamp configuration issue?

Hi Folks, What is the search query to get the events details which are having line breaking, data parsing and timest...
by lksridhar Explorer in Getting Data In 02-17-2018
0 2
0
2
abhi04

Data is not being indexed?

I can't see my data being indexed. I have checked the outputs and inputs .confirm and the correct server and ports is...
by abhi04 Communicator in Getting Data In 02-17-2018
0 7
0
7
abhi04

How to not display the source only as a Atmchk1a for the entire path?

I have source below: /prod/app/atm/ATMCHKMI1a/logs/catalina.out /prod/app/atm/ATMCHKMI2a/logs/catalina.out /prod/app...
by abhi04 Communicator in Getting Data In 02-16-2018
0 10
0
10
Ghanayem1974

How to create a search that will identify when a user has downloaded hacking domain tools?

I don't have proxy logs, but I do have ids/firewalls etc and I want to create a search that will identify when a user...
by Ghanayem1974 Path Finder in Getting Data In 02-16-2018
0 2
0
2
tkwaller_2

How to move an index from a standalone host to a new environment with 2 indexers(no clusters)?

Hello Need to migrate data from a standalone env to a small distributed env. Honestly I really only need one index. ...
by tkwaller_2 Communicator in Getting Data In 02-16-2018
0 2
0
2
jwalzerpitt

How can I configure Heavy Forwarder to sent to two different Splunk instances?

I have the following Splunk architecture Server A has Splunk installed. It also has Sysmon installed, which I am fo...
by jwalzerpitt Influencer in Getting Data In 02-16-2018
1 9
1
9
Vetrikmr

Few forwarders not sending data

Hey everyone, I have installed UF agents in 180 servers and i have seen the data coming to splunk yesterday. But now ...
by Vetrikmr New Member in Getting Data In 02-16-2018
0 3
0
3
alexsmirnoff

How can I add a date range to dbquery based on search dates on interface?

Hello Can someone please tell me how to add a date range to dbquery. I wish the time range of the image (text boxes ...
by alexsmirnoff New Member in Getting Data In 02-16-2018
0 4
0
4
darksky21

monitoring all auth.log file

Hi i would like to monitor all auth.log file in my ubuntu system but there are many auth.log file (e.g. auth.log, aut...
by darksky21 Path Finder in Getting Data In 02-16-2018
0 4
0
4
daniel333

Anyone have a walk through or guide to rolling frozen buckets to Google Storage?

Al\ll, I've never had to roll to frozen before and we've moved to Google Cloud. Looking for a walk through on setti...
by daniel333 Builder in Getting Data In 02-15-2018
0 2
0
2
mhouse3

Why impliment load balancing on my forwarder if all my FW data is being forwarded to all of the indexers

If I have my outputs.conf file on all of my forwarders are configured to send all the data to all of the indexers wha...
by mhouse3 Path Finder in Getting Data In 02-15-2018
0 4
0
4
jennjoe1

MS IIS 2008 app, fields not being parsed with ms:iis:auto

I can write a custom field extractor that works on the search-head but having problems with the auto portion. Since ...
by jennjoe1 Explorer in Getting Data In 02-15-2018
0 3
0
3
ralam

Why am I getting the error "disabled" when I launch the deployment client page after a possibly successful deployment on Splunk 7.0?

Hi All, I just set up a deployment server, created server class and added a couple of deployment-apps and a forwarde...
by ralam Explorer in Getting Data In 02-15-2018
0 6
0
6
trumpjk

Why is My Splunk 7.0.2 Install Missing HTTP Event Collector Option?

I would like to setup HEC but do not see the option under Settings -> Data Inputs. What do I have to do to enable HEC...
by trumpjk Explorer in Getting Data In 02-15-2018
0 2
0
2
Mohsin123

Which index does search.log data populates in, in splunk?

Hi , Does anyone know which index does search.log data populates in? I find search.log during a job inspect, mostly...
by Mohsin123 Path Finder in Getting Data In 02-15-2018
1 3
1
3
Hemnaath

How to overwrite the host field value with dvc field value ?

Hi All, I have a request from the client to overwrite the host field value with the dvc field value from the interest...
by Hemnaath Motivator in Getting Data In 02-15-2018
0 29
0
29
samhodgson

How to map a custom App on a search head to a Remote Index on a indexer which is a separate physical server in a unclustered distributed deployment?

Hi, I've created a custom app on my search head and want to map it to an index on my indexer which is a separate phy...
by samhodgson Path Finder in Getting Data In 02-15-2018
0 0
0
0
hkmurali

Numpi import through Splunk script

I'm trying to parse a log file and written a python script to parse it However when I run it in Splunk search app, on...
by hkmurali New Member in Getting Data In 02-15-2018
0 3
0
3
rlaan

Linux servers: After upgrading from 6.2.0 to 7.2.0, will the 6.2.0 universal forwarders be able to communicate with the new 7.0.2 enterprise components?

We are considering upgrading from 6.2.0 to version 7.0.2 All the *nix servers will be upgraded but during the upgrade...
by rlaan Path Finder in Getting Data In 02-14-2018
0 4
0
4
ccsfdave

How to reduce the size of specific indexes?

Greetings, My indexers have run out of space and I have been reducing the maxHotSpanSecs, but it keeps filling up. ...
by ccsfdave Builder in Getting Data In 02-14-2018
0 6
0
6
Get Updates on the Splunk Community!

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2026-2027 SplunkTrust is officially open. If ...
Top Solution Authors
View All