Getting Data In

Discussions

Thread Info

How to detect email attachment content, size, name, etc from Microsoft Exchange server logs?

I have been tasked with increasing the logging coming from our Exchange servers. One of the requests is to include lo...

by Path Finder in

Using 'set diff' to compare searches, but outputting multiple columns

I created a search that'll display the difference between two searches using 'set diff' - I initially set it to compa...

by Path Finder in

How to install the Splunk forwarder on a BlueCat DNS/DHCP Server?

Has anyone successfully installed the Splunk Forwarder on a BlueCat DNS/DHCP Server or otherwise got full DNS logging...

by New Member in

Network Monitoring between Enterprise Security Search Head and Indexers

Is it possible set up a monitoring of the data transfer rates between search head and indexer. We are especially int...

by Engager in

Why are my logs sent to the default index?

Greetings all, I am new to Splunk and trying to know my way around it. I created a home lab environment with the ...

by Explorer in

Configuring Splunk Supporting Add-on for Active Directory (SA-LDAPSearch)

Hello, I'm in the process of configuring the Splunk App for Windows Infrastructure on our Splunk Cloud. One componen...

by Path Finder in

ESXI VMware Login Tracking

Hello, how can i track login and logout from ESXi 5.5? At the moment i configured a Syslog to forward logs from...

by Path Finder in

Can I test SECCMD from command line using oneshot?

I am attempting to test a SEDCMD for event manipulation and it does not appear this is possible via oneshot? When I t...

by Path Finder in

time format in log4j

Hi at all, I have a strange question, strange because it should be easy but it doesn't run! I have log4j logs with a ...

by Esteemed Legend in

How to make Splunk read my files faster?

I have a folder of 100 1GB files on a forwarder that I need to get into Splunk ASAP via a monitor://. One forwarder, ...

by Motivator in

Universal forwarder parsin

Hello guys i am new at splunk and i am using splunk cloud trial I have a log file like this, and my event so. 2017...

by New Member in

Unable to configure Sybase audit logs with DB Connect 3 on Splunk 6.6

I am trying to configure Sybase sysaudits_01 table with DB connect in SPlunk. sysaudits_01 table has eventtime column...

by Explorer in

Splunk Forwarder Configuration?

Hi Everyone, Need some help on configuration of Splunk forwarder. I have multiple log files under a directory. ...

by Path Finder in

duplicate data when monitoring a directory

Logs land in the logfile on the syslog server and logrotate/timestamp.script runs to roll the logs. The problem I am ...

by Contributor in

extract fields from json array with multivalue and sub-array

Here is my sample data { "applications": [ { "id": 2537302, "name": "addressdb_prod", "lan...

by Contributor in

JSON to table with multi-value fields.

Hi, all. I have a REST input configured and ingesting long events in JSON format. A sample event can be looked her...

by Builder in

Extracting Fields and Values from JSON Data

I have the following Dataset: { "createFormInstanceRequest": { "formId": "xxxxxxxxxxxxxxxxxxxxxxx", ...

by Explorer in

Timestamp mismatch occurring from events with the Splunk timestamp .

Hi Please help me fix this would like to consider the TIME stamp extracted from the events , but i see two different ...

by Path Finder in

Unable to filter WinEventLog inputs with RenderXml and XML character entities within pattern

Filter attempts (whitelist or blacklist) on Message key value data appear to behave differently when renderXml = True...

by Builder in

After an upgrade to latest splunk version to the UF agents, we could see duplicate host name being populated in the Forwarder Management console?

Hi All, Recently we have upgraded all the UF agent to the latest version 6.6.1 and after the upgrade, we could see so...

by Motivator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

How to detect email attachment content, size, name, etc from Microsoft Exchange server logs?

Using 'set diff' to compare searches, but outputting multiple columns

How to install the Splunk forwarder on a BlueCat DNS/DHCP Server?

Network Monitoring between Enterprise Security Search Head and Indexers

Why are my logs sent to the default index?

Configuring Splunk Supporting Add-on for Active Directory (SA-LDAPSearch)

ESXI VMware Login Tracking

Can I test SECCMD from command line using oneshot?

time format in log4j

How to make Splunk read my files faster?

Universal forwarder parsin

Unable to configure Sybase audit logs with DB Connect 3 on Splunk 6.6

Splunk Forwarder Configuration?

duplicate data when monitoring a directory

extract fields from json array with multivalue and sub-array

JSON to table with multi-value fields.

Extracting Fields and Values from JSON Data

Timestamp mismatch occurring from events with the Splunk timestamp .

Unable to filter WinEventLog inputs with RenderXml and XML character entities within pattern

After an upgrade to latest splunk version to the UF agents, we could see duplicate host name being populated in the Forwarder Management console?

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

Missing Windows "WinEventLog:Security" event log...

SSL: UNKNOWN_PROTOCOL Error with Gitlab Auditor TA

Help with MSSQL JDBC driver incompatibility error?

How to configure Azure functions to pass the loggi...

Is it possible to send Jenkins custom logger to Sp...