Getting Data In

Community Activity

Windows event logs not sending to splunk log collector Hello Freinds,Current setup - we have multiple locations in Europe, and each location we have multiple windows server... by sankardevarajan Explorer in Getting Data In 03-21-2024 0 2	0	2
Splunk Data Model Data, To combine or to segregate Hello,I have been working on Splunk for a few months now, and we are using Splunk mainly for Cyber Security monitorin... by yh Path Finder in Getting Data In 03-20-2024 0 15	0	15
No 100% results I have a report with a table where I am showing uptime availability of various products. Currently the table is retu... by bullbasin Explorer in Getting Data In 03-20-2024 0 5	0	5
Using Custom option for ingesting VPC flow logs into Splunk Hello there, We are looking to use the Custom option to send vpc flow log data to Splunk Cloud. Previously we were us... by paleewawa Explorer in Getting Data In 03-20-2024 0 0	0	0
Splunk UF ingestion errors - cannot open some files Hello to everyone!I have many FlexEngine.log files in different directories that are ingested by Splunk UF 9.0.8The p... by NoSpaces Contributor in Getting Data In 03-20-2024 0 10	0	10
Log file with CRLF not producing multiple indexed events I'm using Splunk Enterprise 9 on Windows Server 2019 and monitoring a simple log file that has CRLF lines endings and... by shocko Contributor in Getting Data In 03-20-2024 0 6	0	6
How to search with time specified in milliseconds I have two timestamps in milliseconds: start=1710525600000, end=1710532800000. How can I search for logs between thos... by Daniel24 Explorer in Getting Data In 03-20-2024 0 11	0	11
UF on DC+DNS Server not forwarding Dynamic DNS Update events I have the following stanza in etc\system\local\inputs.conf. However I don't see dynamic DNS update events being forw... by billy Loves-to-Learn Everything in Getting Data In 03-20-2024 0 7	0	7
Indexing issue- Why is data going on and off? Hi Team, We are ingesting data from syslot to splunk using Cyberark App . Data is going ON and OFF even though data... by ssuluguri Path Finder in Getting Data In 03-19-2024 0 4	0	4
Adding text file into splunk I have a script containing ip and value. Sh basic.sh>>sample.out Know to get the logs i need to add this sample.out f... by prathapkcsc Explorer in Getting Data In 03-19-2024 0 11	0	11
Unable to get SEDCMD to mask SSNs (on Indexer) Hello, I am testing using SEDCMD on a single Splunk server architecture.Below is the current configuration which is p... by srseceng Explorer in Getting Data In 03-19-2024 0 14	0	14
Splunk query to find systems with wireshark installed Is there a way to use Splunk to find out if wireshark is installed on any of the systems? Is there a query for this by lexesco99 Engager in Getting Data In 03-19-2024 0 2	0	2
Unable to drop windows XML formatted events Dears, I'm trying to filter out XML formatted events and below is sample event and REGEX which we used: Sample Even... by Suraj1 Loves-to-Learn in Getting Data In 03-19-2024 0 2	0	2
Need help in displaying process status in Dashboard from the mentioned log entries Hi Splunk experts,I am looking to display status as Green/Red in Splunk dashboard after comparing the values of Up &... by Sishad Explorer in Getting Data In 03-18-2024 0 1	0	1
Windows: Installed Splunk Enterprise but cannot launch I installed the Enterprise version for Windows, but when I try to launch it, I get: "Not Found HTTP Error 404. The ... by vanderl3 New Member in Getting Data In 03-18-2024 0 4	0	4
Split sourcetype + indexed fields I have an issue with adding indexed fields to each of the new (splatted) sourcetype:Configuration that "duplicated" i... by michael_vi Path Finder in Getting Data In 03-18-2024 0 3	0	3
Time drift between logs and time column Hi all,I have installed and configured fortiweb for splunk app. The problem is that the time in the log is correct, ... by sigma Path Finder in Getting Data In 03-18-2024 0 2	0	2
Why are universal forwarders reporting error "Metric with the name thruput:thruput already registered"? Hi there, By examining the _internal logs I found the following, Metric Error: ERROR Metrics - Metric with name thr... by pilzi81 Explorer in Getting Data In 03-18-2024 20 9	20	9
can't find data 我現在遇到一個問題，我在SH放置好一個apps並連到uf上，在uf上也有監控到資料路徑，但我在search時就沒有辦法找以下是我的 inputs.conf： [monitor:///tutorialdata/www*/access.... by ryanaa Explorer in Getting Data In 03-17-2024 0 1	0	1
Transforms and Props for Linux Syslog Filtering Hello, Our customer has decided to end use of Splunk in lieu of Sumo Logic, but we are looking to keep up internal us... by gkstev87 Loves-to-Learn Lots in Getting Data In 03-16-2024 0 5	0	5
Extract timestamp from two json fields I need to extract timestamp from a JSON log where date and time are on two separate fields. Example below: { "Date"... by alec_stan Explorer in Getting Data In 03-16-2024 0 1	0	1
Issue excluding Windows events for a specific new process Hi Folks, I'm running into trouble excluding new process creation events for Teams from being indexed. It's an expect... by SplunkUser5 Explorer in Getting Data In 03-15-2024 0 7	0	7
pfsense logs to splunk I want to get pfsense logs to splunk to make some analysis.I tired this method "https://www.jaycroos.com/splunk-to-mo... by Navaneedhan Observer in Getting Data In 03-15-2024 0 1	0	1
Splunk licensing for Splunk Cloud Hi all, could someone please explain how licensing works for both Events and Metrics in Splunk Cloud. I've looked at ... by IAskALotOfQs Path Finder in Getting Data In 03-15-2024 0 1	0	1
How to edit my WinRegMon configuration to filter out certain Windows registry events? Hello! I need some help filtering Windows registry events in Splunk. Here is my inputs.conf file [WinRegMon://defa... by lelandtheg Engager in Getting Data In 03-15-2024 1 2	1	2