Getting Data In

Community Activity

	How do use the Splunk REST API to update macros that live under a different app? Hiya, I'm trying to use the Splunk REST API to update macros that I've recently had to move to live under a different... by starbuck New Member in Getting Data In 04-18-2024 0 1	0	1
	What is the server role of heavy forwarder and indexers in cluster? In the monitoring console what is the best practice of server role for heavy forwarders? I used Indexer but not sure ... by dkrichards16 Path Finder in Getting Data In 04-18-2024 0 6	0	6
	SQS-Based-S3 Input for Cloudtrail black list events I'm currently using SQS Based s3 input for cloudtrail and I'm trying to drop nosey events such as GET and LIST.The do... by pstephens93 Explorer in Getting Data In 04-17-2024 0 1	0	1
	What are the blacklist/config options to stop events from being transferred across the network to the Indexer I have a cloud-based server sending events to the Indexer over my WAN link via Http Event Collector (HEC). We have l... by rob_gibson Path Finder in Getting Data In 04-17-2024 0 10	0	10
	appserver folder is not created automatically I am a beginner in splunk and I have created a new app in the Splunk Enterprise.I am not able to see appserver folder... by dhruvisha2345 Engager in Getting Data In 04-17-2024 0 2	0	2
	Unusable Filesystem I'm setting up a lab instance of Splunk Ent in prep to replace our legacy instance in a live environment and getting... by jessieb_83 Path Finder in Getting Data In 04-17-2024 0 5	0	5
	How to read cloudtrail logs from an s3 bucket? I know there is Splunk Add-on for AWS, but I heard there is a simpler and easier way to read the buckets directly wit... by dc18 Explorer in Getting Data In 04-16-2024 0 2	0	2
	Splunk onboarding Custom Views from EventViewer Hello, I am trying to create a custom view (also via Xpath) from EventViewer and later insert it into Splunk via a "W... by dc17 Explorer in Getting Data In 04-16-2024 0 5	0	5
	Extract fields from json and nested json I am using regex to extract the field from the below json data. I want to extract the fields in key-value pair specia... by gemrose Explorer in Getting Data In 04-16-2024 0 2	0	2
	Limitation of Heavy Forwarder outputs? I wonder if a Heavy Forwarder can be the intermediate instance among 1000 Universal Forwarders and 1000 Indexers? The... by LuanNguyen Engager in Getting Data In 04-15-2024 0 3	0	3
	How to configure fortinet fortigate add on if using syslog server UF to get logs into indexer from fortigate analyzer? Hello All,We have log flow from fortigate to splunk as follows:Fortigate Analyzer> Syslog server with UF>Deployment s... by Satyams14 Loves-to-Learn Lots in Getting Data In 04-15-2024 0 1	0	1
	Underscore in props.conf stanza with source meta key Hi Splunkers, I have a doubt about underscores and path in props.conf.Suppose, in my props.conf, I have:[source::/aaa... by SplunkExplorer Contributor in Getting Data In 04-15-2024 0 1	0	1
	How to configure Splunk forwarder to receive FortiGate logs? I have a Splunk universal forwarder installed. The Splunk Enterprise is seeing the forwarder, now I want to send netw... by jejohnson New Member in Getting Data In 04-14-2024 0 4	0	4
	How to configure an app's outputs.conf to forward data to a specific indexer? Hi Experts, We deployed 4 apps on Splunk Universal Forwarder. 3 apps having same outputs.conf and sending data to sa... by chanduira Explorer in Getting Data In 04-14-2024 0 7	0	7
	is my syslog-ng wrong ? 我想使用 syslog-ng 將資料從通用轉寄器輸入到我的搜尋頭我將使用 TCP，但我不知道哪裡出了問題，我無法在搜索頭中顯示我的數據這是我的syslog-ng splunk.conf template syslog { ... by ryanaa Explorer in Getting Data In 04-12-2024 0 1	0	1
	TIME_PREFIX Can you please let me know the TIME_PREFIX & TIME_FORMAT for the below log type.00:0009:00000:00000:2024/04/12 12:14... by sathiyasun Explorer in Getting Data In 04-12-2024 0 1	0	1
	Problems with parsing Windows Event Log and CIM Model In some cases, I encounter problems with parsing data using CIM datamodel on windows event log data. For example, wh... by KrumTym Loves-to-Learn Lots in Getting Data In 04-12-2024 0 2	0	2
	Manipulating raw data - Multiple Per-Event Index Routing not working Hi Splunkers, I have a problem with a Per-Event Index Routing use case.In involved environment, there are some data c... by SplunkExplorer Contributor in Getting Data In 04-12-2024 0 1	0	1
	Having trouble getting started I installed spunk enterprise on a server named s1. I installed a forwarder on server f1.Both Windows Server 2019.Whe... by dc18 Explorer in Getting Data In 04-11-2024 0 3	0	3
	Using python to query splunk and get SID - error 404 I have this query (below): 1) When I run this query in Splunk web, I get back SID and get data using SID. 2) When I u... by nisheethbaxi Loves-to-Learn in Getting Data In 04-11-2024 0 1	0	1
	Streaming data into Splunk for Analytics Hello!As a newcomer to the world of IT and Cyber Security, i am having some trouble.I am trying to set up a splunk ho... by Keblorki Engager in Getting Data In 04-11-2024 0 1	0	1
	How do you send a Splunk report to a network drive? Hello, I have a user wanting to send a Splunk report (.csv) to a network drive. I read your post on "Trigger a PDF v... by arock New Member in Getting Data In 04-11-2024 0 4	0	4
	Splunk KnowBe4 Integration I was wondering if any one has successfully onboard KnowBe4 data? I don't see a TA or App on Splunkbase. by BluFalcon Engager in Getting Data In 04-11-2024 0 1	0	1
	Sourcetype cloning - logs stopped Hi allAfter temptative for troubleshooting my issue alone, I will try my luck here.Purpose : clone one sourcetype to ... by Nicolas2203 Path Finder in Getting Data In 04-11-2024 0 6	0	6
	Why is there a certificate issue while integrating SAP CPI with Splunk Trail account? Hi Team, I am facing below error while integrating SAP CPI with Splunk through HEC. Error in SAP CPI: javax.net.ssl.S... by poornimasai Observer in Getting Data In 04-10-2024 0 1	0	1