Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
coenvandijk

Windows: How can I incorporate a PowerShell script into my search?

I'm working on a search over our Windows events to analyze the changes to permissions on files and directories: index...
by coenvandijk Observer in Getting Data In 08-09-2017
0 1
0
1
seanaldo

How can I create a list of network devices?

Hi, I want to create a list of the IP addresses in our environment against the host DNS name. Cheers, Sean
by seanaldo New Member in Getting Data In 08-09-2017
0 2
0
2
anupam491

How to forward logs with Splunk Universal Forwarder for the files with no header and logs should be in form of key/value

I have a Splunk Forwarder setup already on my host. I have certain files on folder (/tom/mike/). File names are star...
by anupam491 Engager in Getting Data In 08-09-2017
0 16
0
16
jredsama

How do I complete a search including common and unique data fields from two different sources?

Hello, I would like to run a query that includes results from our main index as well as an uploaded CSV. I don't thi...
by jredsama New Member in Getting Data In 08-09-2017
0 2
0
2
niwebadmin

How to index a log that was missing for a specific date in the past?

Hey Guys, We have a log for a specific index that was missing during an outage and we got it recovered. Obviously th...
by niwebadmin New Member in Getting Data In 08-09-2017
0 6
0
6
karakutu

Why is my "/usr/bin/last" script not working?

i have problem with my basic script. ist connnten only #!/bin/sh /usr/bin/last i updated also my default/inputs....
by karakutu Path Finder in Getting Data In 08-09-2017
0 7
0
7
kreng

What is the compression ratio between the forwarders and indexers?

I need the approximate compression ratio of the data forwarded to indexers.
by kreng New Member in Getting Data In 08-09-2017
0 3
0
3
ddrillic

How can we find out whether a set of forwarders are connected to all indexers?

Is there a way to find out whether a set of forwarders are connected to all intended indexers? On a regular basis we ...
by ddrillic Ultra Champion in Getting Data In 08-09-2017
0 8
0
8
tusharsaran1

Recursively monitor files in current directory and subdirectories upto a specified maxDepth

Is it possible to recursively monitor the files in a directory tree but only till a specified maxDepth? Example: I ha...
by tusharsaran1 Path Finder in Getting Data In 08-09-2017
0 2
0
2
brent_weaver

Modify Splunk user role via the REST API

I have about 125 accounts I need to change the role on. This has to be possible via the REST API. Any thoughts from a...
by brent_weaver Builder in Getting Data In 08-09-2017
1 4
1
4
zach_sawyerS24

On a Linux host, is a Splunk user account needed if you are running forwarder as root?

Hello, On a Linux host, in which we are installing universal forwarder (using rpm installer), if we install and plan...
by zach_sawyerS24 Engager in Getting Data In 08-09-2017
0 5
0
5
kpavan

Block Specific host/ip on indexer

Hi, I want to block the specific host/ip which sending logs to indexers for a time being later would need to enable ...
by kpavan Path Finder in Getting Data In 08-09-2017
0 7
0
7
preotesoiu

Search to show license usage at heavy forwarder level

Hello, I have a search similar with below which provide a total of 2868 GB usage for last 24 hrs. index=_internal s...
by preotesoiu Path Finder in Getting Data In 08-09-2017
0 2
0
2
MedralaG

Copy the value of a metadata filed to a new field at Index time

I have some network devices sending logs to a syslog server that has a UF installed. The 'host' field is populated wi...
by MedralaG Communicator in Getting Data In 08-09-2017
0 5
0
5
timfrostmann

Export/Import a source type

Does Splunk provide a way to export/import a source type?
by timfrostmann Engager in Getting Data In 08-08-2017
0 1
0
1
waltz

Can we configure multiple IP's in hunk virtual index configuration with the latest Hunk Cassandra Connector?

We have DSE Cassandra v5.0.8 running in multiple node IP's as a cluster setup. And, we have used the datastax provide...
by waltz Explorer in Getting Data In 08-08-2017
0 3
0
3
sshres5

BeyondTrust Retina logs through Splunk HTTP Event Collector

I am trying to on board Retina logs through HTTP Event Collector, however I am not having any luck on it. Firewall h...
by sshres5 Communicator in Getting Data In 08-08-2017
0 13
0
13
ktn01

How to drop event comming from host template*

Hello, I have to drop all events received from hosts named template* I have created an app on indexer with the follo...
by ktn01 Path Finder in Getting Data In 08-08-2017
0 1
0
1
dominiquevocat

Splunk REST API: Issue wtih flattening JSON-formatted results

So I call the Splunk REST API and collect results in JSON format and that is kind of okay. Then I would like to pass ...
by SplunkTrust SplunkTrust in Getting Data In 08-08-2017
0 5
0
5
TheJagoff

After Thawing Data, how do you "Re-Freeze" it?

Hello, I have tested thawing data with good results. My question is - How do you refreeze it after you are done revi...
by TheJagoff Communicator in Getting Data In 08-07-2017
0 4
0
4
ddrillic

Why sometimes sourcetype doesn't appear under Selected Fields?

For most data sources in our set-up, sourcetype appears under Selected Fields, but there are cases in which it appear...
by ddrillic Ultra Champion in Getting Data In 08-07-2017
0 2
0
2
sarwshai

Missing logs from splunk?

Specifically the winEventlog:security have vanished from my search results for approximately two three months, but cu...
by sarwshai Communicator in Getting Data In 08-07-2017
0 7
0
7
tamduong16

How do I remove all double quotes from splunk data?

My data read into splunk with all double quote around them. How can I delete all of these double quotes from splunk? ...
by tamduong16 Contributor in Getting Data In 08-07-2017
0 2
0
2
JScordo

How to detect email attachment content, size, name, etc from Microsoft Exchange server logs?

I have been tasked with increasing the logging coming from our Exchange servers. One of the requests is to include l...
by JScordo Path Finder in Getting Data In 08-07-2017
0 3
0
3
sepkarimpour

Using 'set diff' to compare searches, but outputting multiple columns

I created a search that'll display the difference between two searches using 'set diff' - I initially set it to compa...
by sepkarimpour Path Finder in Getting Data In 08-07-2017
0 6
0
6
Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...
Top Solution Authors
View All