Getting Data In

Community Activity

How to collect Apache logs in Splunk without a forwarder? Someone just asked me an interesting question that I don't have the answer to...but I bet this community does  Has ... by sloshburch Ultra Champion in Getting Data In 03-31-2024 1 11	1	11
does Splunk UF has capability to mask data as it send to indexer? Is it possible in Splunk to have one props.conf file on one server's Universal Forwarder (UF) for a specific app, and... by abi2023 Path Finder in Getting Data In 03-30-2024 0 8	0	8
add regular expression for cisco ISE accounting logs CmdAV=show CmdArgAV=license CmdArgAV=usage Hello all,can someone help me to to extract field 'CmdSet' from cisco ISE accouting logs. string : '[ CmdAV=show CmdA... by sushraw Engager in Getting Data In 03-30-2024 0 11	0	11
Splunk 9.2.0.1 Bug Hi all,I have faced a serious problem after upgrading indexers to 9.2.0.1! Occasionally, they stop data flow and some... by banaie Path Finder in Getting Data In 03-30-2024 0 4	0	4
thawing out multiple buckets at once? Is it possible to thaw out more than one bucket at once? Or do you have to do a rebuild for each, one by one? I hav... by rgonzale6 Path Finder in Getting Data In 03-29-2024 0 11	0	11
Is it possible to have WarmData stored partially on local indexers' storage and partially on remote storage? Is it possible to have WarmData stored partially on local indexers' storage and partially on remote storage? My total... by karthikm Loves-to-Learn Everything in Getting Data In 03-29-2024 0 2	0	2
Timestamp confusion in JSON data loaded via a Universal Forwarder We are using Splunk Cloud 9.0.2303.201 and have version 9.0.4 of the Splunk Universal Forwarder installed on a RHEL 7... by bpenny Explorer in Getting Data In 03-28-2024 0 2	0	2
Timestamp extraction config (props) is not working Hello, Log :Mar 22 10:50:51 x.x.x.21 Mar 22 11:55:00 Device version -: [2024-03-22 11:54:12] Event : , IP : , MAC : ... by dongwonn Explorer in Getting Data In 03-28-2024 0 8	0	8
JVM deadlock after splunk-library-javalogging upgrade from 1.6.1 to 1.11.1 Hi Team,Our application is having a jvm deadlock and stopping indefinetly after splunk-library-javalogging upgrade fr... by Dipabhat New Member in Getting Data In 03-27-2024 0 0	0	0
Monitor a path on the search head Hi Community, Please help me out, I am trying to monitor a path on the splunk search head in a Splunk enterprise envi... by RanjithaN99 Explorer in Getting Data In 03-27-2024 0 2	0	2
Bug: Why are there duplicate values with INDEXED_EXTRACTION? Hi, this is a long running issue with splunk creating duplicates as multi-value mv fields when JSON extraction runs a... by ololdach Builder in Getting Data In 03-26-2024 0 12	0	12
Adding custom data from file Hi all.I am ingesting data into Splunk Enterprise from a file. This file contains a lot of information, and I would l... by Be_JAR Path Finder in Getting Data In 03-26-2024 0 12	0	12
Time in palo alto events Good morning,I have started to ingest Palo Alto FW events and they are coming with a wrong timestamp, timestamp is 2 ... by adrifesa95 Engager in Getting Data In 03-26-2024 0 3	0	3
Splunk fundamentals 1 Hi, I want to go through the splunk fundamentals 1 where I can get this link? by AL3Z Builder in Getting Data In 03-26-2024 0 1	0	1
Splunk dashboard not showing up the results Hello All, I have created a dashboard and it is always showing no results found. But when i click on open in search... by gowthammahes Path Finder in Getting Data In 03-26-2024 0 1	0	1
App/Add-on Hello,I have an architecture with a single SH and two indexers. I've installed the Splunk for Microsoft 365 add-on on... by BRFZ Communicator in Getting Data In 03-26-2024 0 3	0	3
retrieve indexes from splunk.log Hello splunk community, I have this query but I would also like to retrieve the index to which the sourcetype belongs... by tay Explorer in Getting Data In 03-26-2024 0 7	0	7
SolarWinds add-on not working I'm on Splunk Enterprise 9.1.3, and I've configured the add-on (no proxy) with the SolarWinds server name, port, and ... by ilhwan Path Finder in Getting Data In 03-25-2024 1 1	1	1
Issue with Windows firewall logs not showing ample information Hye !I am trying to analyze Windoes firewall logs in splunk Enterprsie locally hosted . Follwings have ben done alrea... by hassan1214 Loves-to-Learn in Getting Data In 03-25-2024 0 1	0	1
Excluding Special Characters from OTEL Splunk Format We are having difficulty getting exclusions of logs that have fields in Camelcase or have entries that have special c... by padresman Engager in Getting Data In 03-25-2024 1 3	1	3
Why Am I getting these errors in my Heavy Forwarder? It's not sending anything Hello, I am receiving these errors and my HF is not working properly. I think that it is something related to the S... by adrifesa95 Engager in Getting Data In 03-25-2024 0 15	0	15
Windows events filtering not working Hello,I'having some problem when filtering standard Windows events. My goal is to send the events coming from my UFs ... by marco_massari11 Communicator in Getting Data In 03-23-2024 0 5	0	5
Is AIX 6.1 supported backward compatible with the latest universal forwarder ? When I want to download the latest forwarder, version listed as AIX 7.1 and AIX 8.1. What happen if I have AIX 6.1 ... by jeanfrederic New Member in Getting Data In 03-22-2024 0 6	0	6
Need to Split the events before parsing into Splunk This below mentioned lines are coming as a single event and not as separate events. So we want to get them splitted i... by anandhalagaras1 Contributor in Getting Data In 03-22-2024 0 7	0	7
rsyslog + apache access logs : How to parse correctly ? Dear splunkers,I need to ingest some apaches log files.Those log files are first sent to a syslog server by rsyslogrs... by gargantua Path Finder in Getting Data In 03-21-2024 0 3	0	3