Getting Data In

Discussions

Thread Info

JSON Key/Field Extraction

I have a json formatted output, which according to jsonlint.com is valid JSON.... but, am having problems extracting ...

by Explorer in

Cloning Data on a Heavy Forwarder

by Engager in

Alfresco Logs need to be injected in to Splunk Cloud

We have the Alfresco Application as a SaaS Application, we can get the logs through the Alfresco APis. Would like to...

by Engager in

RenderXML via wmi stanza

Hi everyone, is there a possibility to get data in with renderXML=true via wmi.conf stanza? Thanks for helpi...

by Path Finder in

Masking

Hello SPlunkers!! I want to mask below client secret event and for that i am using SEDCMD in props.conf. It is ...

by Communicator in

how to integrate xml file from ftp server to splunk

Dear Members, Please go through my problem statement and suggest the solution how i can achieve this with Splunk to...

by Observer in

Are logs still kept locally?

Brand new to using the Universal Forwarder, and Splunk in general. Question: When using the forwarder/monitor...

by Engager in

indexes not passing data alerts

im trying to set up an alert that will mail me when one of my indexes hasn't passed any data for the last 3 hours, an...

by Observer in

Copy index data between different, not connected instances

Hello Splunkers. I have a question: we are now moving from old servers to new ones. We had 5 indexers, not clustere...

by Path Finder in

How do I capture both IP (ip_address) and hostname (host) information in my logs?

Hello all. I am trying to capture BOTH IP address info AND hostname in my logs. This data needs to be part of the...

by Communicator in

Curl Hec Dns not working

Hi, Actually am trying to send data to hec in splunk where the our splunk is mapped with the dns, but am facing...

by Observer in

Windows Event filtering on Heavy-Forwarder

I am ingesting 100 windows machines and the events that are affecting my license consumption the most are 5156,5157,5...

by Contributor in

I need to onboards linux and window to itsi

Hello , I need to onboards linux and window to itsi. 1) I have installed UF on linux and addon Unix and splun...

by Explorer in

Facing issue with indexer

Hi All, One of our indexer is going down very frequently and i have observed this below error in the dmesg logs ...

by Explorer in

regexp in Splunk

I tried to find a solution in order to parse some URL to obtain the base but it seems that I cannot succeed. For th...

by Explorer in

limit the data size in Docker with maxTotalDataSizeMB does not work

I am learning Splunk and I have built the following test environment in Docker: Splunk server running in a containe...

by Explorer in

How to use Organizational CloudTrail with Trumpet?

Hello Splunk Community, would you have any advice or recommendations on how to use Trumpet with an organizational Clo...

by Engager in

Sysmon TA vs Splunk TA windows

Hey, We do have Sysmom installed on our Windows servers and workstationsA quick description of what sysmon is from ...

by Explorer in

add on for cisco devices

please suggest the add on used to get pharse data for the following devices, 1. Cisco Switches2. Cisco WLC3. Ci...

by Loves-to-Learn Everything in

FreeBSD 12+ Universal Forwarder

Hi all, I've noticed that the last Universal Forwarder for FreeBSD available is for 11.3 but FreeBSD is now up to 1...

by Explorer in

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:
SOAR (f.k.a. Phantom) >>
Enterprise Security >>
Splunk Enterprise or Cloud for Security >>
Observability >>

Or Learn More in Our Blog >>

Getting Data In

Discussions

JSON Key/Field Extraction

Cloning Data on a Heavy Forwarder

Alfresco Logs need to be injected in to Splunk Cloud

RenderXML via wmi stanza

Masking

how to integrate xml file from ftp server to splunk

Are logs still kept locally?

indexes not passing data alerts

Copy index data between different, not connected instances

How do I capture both IP (ip_address) and hostname (host) information in my logs?

Curl Hec Dns not working

Windows Event filtering on Heavy-Forwarder

I need to onboards linux and window to itsi

Facing issue with indexer

regexp in Splunk

limit the data size in Docker with maxTotalDataSizeMB does not work

How to use Organizational CloudTrail with Trumpet?

Sysmon TA vs Splunk TA windows

add on for cisco devices

FreeBSD 12+ Universal Forwarder

Why did Paloalto URL-Filtering Logs size started g...

Azure Authentication Logs - Authentication Method ...

How to add setup parameters to a new shell input i...

I developed an application to process Nessus data ...

Splunk Add-On for Google Cloud Platform Data Routi...