Getting Data In

Community Activity

Need Help with Group-IB Threat Intel Feeds Integration Issue Hello Splunk Community,I'm currently facing an issue with integrating Group-IB threat intelligence feeds into my Splu... by Mohd_Harahsheh9 Engager in Getting Data In 02-19-2024 0 0	0	0
how to edit logs to not look like raw text Currently I am feeding Splunk Zeek logs (formerly known as bro) via the monitor command. Some of the logs in the Zeek... by Mr_Sneed Explorer in Getting Data In 02-18-2024 0 2	0	2
Monitoring OpenAI usage in Splunk We are rolling out a customer service chatbot. Has anyone needed to collect the data such as input/output and logs be... by edalbanese Engager in Getting Data In 02-16-2024 0 3	0	3
Time parsing working correctly but not able to see nanoseconds in the results Hello I have to work on a parser which has the time format like this : "time: 2024-02-15T11:40:19.843185438Z"It is js... by izzie123 Path Finder in Getting Data In 02-16-2024 0 9	0	9
Can I injest CPU, memory,eventID data in metric index by using SPLUNK app for unix and linux ? Can I injest CPU, memory,eventID data in metric index by using SPLUNK app for Windows ?I am getting data once I injes... by kate Path Finder in Getting Data In 02-16-2024 0 4	0	4
the best way to collect Windows Defender logs? Hi,I need to collect the logs from Windows Defender and I was looking for an official app and I couldn't find one.I r... by corti77 Contributor in Getting Data In 02-16-2024 0 5	0	5
How to get the diag files with debug files of the UF and the HF? Log ingesting intermittently We could not find the path referenced . We have Univerasal forwarder is Windows server a... by raghunandan1 Engager in Getting Data In 02-15-2024 0 1	0	1
Why this error after upgrade to 9.0 "ERROR TcpOutputQ [ TcpOutEloop] - Unexpected event id="? After upgrade to 9.0 seeing followingERROR TcpOutputQ [<thread id> TcpOutEloop] - Unexpected event id=<eventid> by hrawat Splunk Employee in Getting Data In 02-14-2024 0 19	0	19
Best way to extract _time from file name and text Hello to everyone!I have a curious situation:I have log files that I collecting via SplunkUFThis log file does not co... by NoSpaces Contributor in Getting Data In 02-14-2024 0 2	0	2
Cloud flare TA logs are not getting parsed Hi,we had deployed cloud flare ta app on one of our sh,could anyone help me in fixing the logs parsing issue in splun... by AL3Z Builder in Getting Data In 02-13-2024 0 0	0	0
splunk hec ingestion of data file Been struggling for a while on this one.On-prem Splunk Enterprise. v9.1.2, running on CentOS 7.9--Just trying to fin... by labrat045 Observer in Getting Data In 02-13-2024 0 0	0	0
Windows universal forwarder localappdata Hello, I need to monitor log files that are in the following directory('s'): "c:\users\%username%\appdata\local\app\$... by Niro Explorer in Getting Data In 02-13-2024 0 5	0	5
Using INDEX_EVAL Lookup to Route Data to New Index and Sourcetype Hello,I'm looking to change our indexing architectureWe have dozens of AWS accounts. We use the Splunk AWS app to ing... by nateloepker Explorer in Getting Data In 02-13-2024 0 0	0	0
How to add custom log file to splunk universal forwarder? How to add custom log file to splunk universal forwarder? I have an application which generate the log. I need to ad... by tirusplunk Engager in Getting Data In 02-13-2024 0 5	0	5
UF - WinEventLog Security collection error - GUID translation failure Hi,We deployed an UF on a Win server 2022 and enabled the [WinEventLog://Security] log collection. The log collection... by olivier_guisneu Engager in Getting Data In 02-13-2024 0 4	0	4
Splunk forwarder does not run any script for a period of time Good morning,Let me tell you about my case. In my company, we have five indexers, one for development and the other f... by cfernaca Explorer in Getting Data In 02-13-2024 0 2	0	2
Timezone and Timestamp modification at search/report time? We have standardized our infrastructure on UTC, but we want to generate reports in PST. Is there a way to specify a ... by paymon Engager in Getting Data In 02-13-2024 5 25	5	25
Sourcetype - checkpoint -aad :aure I Am having Hf and it is configured to send data via sourcetype AAfter sometime it stops sending data to AThen i move... by arunsundarm Engager in Getting Data In 02-12-2024 0 3	0	3
Hidden syslog configuration on heavy forwarders My organization has a handful of heavy forwarders that were configured to listen to syslog sources through udp://514.... by Dominic32 Explorer in Getting Data In 02-12-2024 0 3	0	3
How to activate forwarder server? Hi Guys, I am struggling to send data from remote machine to Splunk server. I have tried the steps mentioned in the... by jhl226116 Explorer in Getting Data In 02-12-2024 0 32	0	32
GPO GUID Resolve Hi everyone.Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change an... by faiq1999 Explorer in Getting Data In 02-11-2024 0 4	0	4
Windows Security Logs not forwarding to Splunk Cloud Have UFs configured on several Domain Controllers that point to a Heavy Forwarder and that points to Splunk Cloud. Tr... by WumboJumbo675 Explorer in Getting Data In 02-10-2024 0 4	0	4
How to use heavy forwarder to replace rather than append data. Hello -Admitted new guy here,I have a heavy forwarder sending data from a MySql database table into Splunk once a day... by twanie Engager in Getting Data In 02-09-2024 0 4	0	4
Google Drive Age Monitoring? Hi,So I’m working on creating an alert in Splunk, but I’m having some issues with setting up the query. The goal of t... by tonyngassi New Member in Getting Data In 02-09-2024 0 0	0	0
Ubuntu not shown up in Forwarder Management Hello everybody I'm new here and recently I created this : Ubuntu : splunk serverUbuntu : splunk forwarder Windows 1... by Tybe Engager in Getting Data In 02-09-2024 0 4	0	4