Getting Data In

Community Activity

Filter events to nullQueue Hi!I am faced with the following problem. I need to filter the logs that I receive from the source. I get the logs vi... by ivan123357 Explorer in Getting Data In 03-21-2024 0 1	0	1
SC4S: parsing_err="Incorrect index, index='main'" Hi all,I've setup am SC4S just to forward nix:syslog events.In local/context/splunk_metadata.csv:nix_syslog,index,the... by pepitogrillospl Loves-to-Learn Lots in Getting Data In 03-21-2024 0 3	0	3
Unable to Receive Data from universal forwarder to splunk server Dear All, I have recently deployed Universal forwarder on Ubuntu and and the server on other Linux machine. I am unab... by AmyShah Loves-to-Learn in Getting Data In 03-21-2024 0 4	0	4
Monitoring Cisco FlexVPN Tunnels There seems to be a lot of information about other Cisco VPN technologies (ASA/Firepower/Anyconnect) but I am not fin... by VegasSplunky Loves-to-Learn in Getting Data In 03-21-2024 0 2	0	2
Splunk Priority Hi All, Just wanted to know we have splunk ES and we use servicenow to triggered alert now my question is if there ar... by debjit_k Path Finder in Getting Data In 03-21-2024 0 3	0	3
Splunk Add-on for Cisco ASA hi, after installing this plugin, i have errors on every search, realted to cisco or not... Always see this errors: C... by vmicovic2 Explorer in Getting Data In 03-21-2024 0 11	0	11
Firewall logs validation in SPlunk We have multiple firewalls and different locations and each location we have syslog collector server and its forward ... by sankardevarajan Path Finder in Getting Data In 03-21-2024 0 0	0	0
Windows event logs not sending to splunk log collector Hello Freinds,Current setup - we have multiple locations in Europe, and each location we have multiple windows server... by sankardevarajan Path Finder in Getting Data In 03-21-2024 0 2	0	2
Splunk Data Model Data, To combine or to segregate Hello,I have been working on Splunk for a few months now, and we are using Splunk mainly for Cyber Security monitorin... by yh Path Finder in Getting Data In 03-20-2024 0 15	0	15
No 100% results I have a report with a table where I am showing uptime availability of various products. Currently the table is retu... by bullbasin Explorer in Getting Data In 03-20-2024 0 5	0	5
Using Custom option for ingesting VPC flow logs into Splunk Hello there, We are looking to use the Custom option to send vpc flow log data to Splunk Cloud. Previously we were us... by paleewawa Explorer in Getting Data In 03-20-2024 0 0	0	0
Splunk UF ingestion errors - cannot open some files Hello to everyone!I have many FlexEngine.log files in different directories that are ingested by Splunk UF 9.0.8The p... by NoSpaces Contributor in Getting Data In 03-20-2024 0 10	0	10
Log file with CRLF not producing multiple indexed events I'm using Splunk Enterprise 9 on Windows Server 2019 and monitoring a simple log file that has CRLF lines endings and... by shocko Contributor in Getting Data In 03-20-2024 0 6	0	6
How to search with time specified in milliseconds I have two timestamps in milliseconds: start=1710525600000, end=1710532800000. How can I search for logs between thos... by Daniel24 Explorer in Getting Data In 03-20-2024 0 11	0	11
UF on DC+DNS Server not forwarding Dynamic DNS Update events I have the following stanza in etc\system\local\inputs.conf. However I don't see dynamic DNS update events being forw... by billy Loves-to-Learn Everything in Getting Data In 03-20-2024 0 7	0	7
Indexing issue- Why is data going on and off? Hi Team, We are ingesting data from syslot to splunk using Cyberark App . Data is going ON and OFF even though data... by ssuluguri Path Finder in Getting Data In 03-19-2024 0 4	0	4
Adding text file into splunk I have a script containing ip and value. Sh basic.sh>>sample.out Know to get the logs i need to add this sample.out f... by prathapkcsc Explorer in Getting Data In 03-19-2024 0 11	0	11
Unable to get SEDCMD to mask SSNs (on Indexer) Hello, I am testing using SEDCMD on a single Splunk server architecture.Below is the current configuration which is p... by srseceng Explorer in Getting Data In 03-19-2024 0 14	0	14
Splunk query to find systems with wireshark installed Is there a way to use Splunk to find out if wireshark is installed on any of the systems? Is there a query for this by lexesco99 Engager in Getting Data In 03-19-2024 0 2	0	2
Unable to drop windows XML formatted events Dears, I'm trying to filter out XML formatted events and below is sample event and REGEX which we used: Sample Even... by Suraj1 Loves-to-Learn in Getting Data In 03-19-2024 0 2	0	2
Need help in displaying process status in Dashboard from the mentioned log entries Hi Splunk experts,I am looking to display status as Green/Red in Splunk dashboard after comparing the values of Up &... by Sishad Explorer in Getting Data In 03-18-2024 0 1	0	1
Windows: Installed Splunk Enterprise but cannot launch I installed the Enterprise version for Windows, but when I try to launch it, I get: "Not Found HTTP Error 404. The ... by vanderl3 New Member in Getting Data In 03-18-2024 0 4	0	4
Split sourcetype + indexed fields I have an issue with adding indexed fields to each of the new (splatted) sourcetype:Configuration that "duplicated" i... by michael_vi Path Finder in Getting Data In 03-18-2024 0 3	0	3
Time drift between logs and time column Hi all,I have installed and configured fortiweb for splunk app. The problem is that the time in the log is correct, ... by sigma Path Finder in Getting Data In 03-18-2024 0 2	0	2
Why are universal forwarders reporting error "Metric with the name thruput:thruput already registered"? Hi there, By examining the _internal logs I found the following, Metric Error: ERROR Metrics - Metric with name thr... by pilzi81 Explorer in Getting Data In 03-18-2024 20 9	20	9