Getting Data In

Community Activity

	Multiline logs coming in single log Hi SMEs, there are logs coming from one of the application in one single event. How to split it in a seperate log eve... by pm2012 Explorer in Getting Data In 02-26-2024 0 1	0	1
	HTTP event collector -- error with data format? I want to try to inputting a simple event to HTTP event collector just to test if it works. I think it was able to fi... by tamduong16 Contributor in Getting Data In 02-26-2024 0 7	0	7
	help with regex for masking? I need to mask data before it being index. my sample his log structure."2023-11-02 06:53:00 xx.xxx.xxx.xx GET /Securi... by abi2023 Path Finder in Getting Data In 02-26-2024 0 3	0	3
	Azure MFA ingestion into Splunk - does "Splunk Add on for Microsoft Azure" support that ingestion? My company is transitioning from an on-premise MFA setup within ADFS to the Azure MFA setup. What's the best approac... by dkmcclory Explorer in Getting Data In 02-26-2024 0 1	0	1
	Splunk report to fetch Azure active snapshot details. Hello experts... I need help... I want to fetch Azure snapshot details... I want active snapshots only... I don't nee... by jatin Explorer in Getting Data In 02-26-2024 0 4	0	4
	Splunk report to fetch Azure orphaned disk details. Hello experts... I need help... I want to fetch Azure orphaned disk details... Can someone share splunk query for the... by jatin Explorer in Getting Data In 02-26-2024 0 5	0	5
	How to find a seach file I have inherited a Splunk system and this is one of the alerts \| metadata index=index-cc* type=hosts \| eval age = now... by mwcentracomm Explorer in Getting Data In 02-26-2024 0 1	0	1
	export large amount of data HelloI'm using Splunk cloud and I have a user that wants to export search results that contains 277,500 eventsHe is g... by SplunkySplunk Explorer in Getting Data In 02-26-2024 0 0	0	0
	Unable to delete indexes on splunk cloud I have created some indexes on splunk cloud can we not delete this indexes ? Because the option for delete is disable... by Afak New Member in Getting Data In 02-25-2024 0 2	0	2
	Trying to properly perform an ingestion time SED Hello,Currently I'm attempting to make a CommandHistory field a bit more readable for our analysts but I'm having tro... by Cornisgud Loves-to-Learn Lots in Getting Data In 02-25-2024 0 2	0	2
	Heavy Forwarder System Logs - Best Practices I have Heavy Forwarders that are running on Windows and Linux servers that still need to be monitored. Are there best... by rbakeredfi Explorer in Getting Data In 02-25-2024 0 8	0	8
	Logs are not getting ingested Hello All,Logs are not indexing into splunk.My configurations are below inputs.conf:[monitor:///usr/logs/Client.log... by gowthammahes Path Finder in Getting Data In 02-24-2024 0 2	0	2
	Send events to null queue which dont have time I have the following sample events coming from source="/project/admin/git/ys/es/perf/de/pure/abc0/logs//results.csv... by power12 Communicator in Getting Data In 02-23-2024 0 2	0	2
	Splunk report to fetch disabled AD accounts. Hello experts... I need help... I want to fetch disabled AD account users... Can someone share splunk query for the s... by jatin Explorer in Getting Data In 02-23-2024 0 3	0	3
	File/Directory Information Input app help @LukeMurphey I'm trying to run the File/Directory Information Input app (v1.4.5) on a universal forwarder. It's a win... by R15 Communicator in Getting Data In 02-22-2024 0 1	0	1
	Change the alert action SNOW group from windows to sql team. Hi Team,We have DB alerts for server sitpdb0033 are assigning to windows support team first , it needs to be assign t... by raghunandan1 Engager in Getting Data In 02-22-2024 0 3	0	3
	Splunk Blacklist inputs.conf for desktopexentsion.exe assistance Trying to blacklist an event that is generating a lot of logs.Previously asked this question here Solved: Re: Splunk ... by EiffelPalace Engager in Getting Data In 02-22-2024 0 0	0	0
	Need assistance with a command for application. I keep getting an error message when I am attempting to this command * EventCode=* user=* WinEventLog:Application \| e... by jovnice Path Finder in Getting Data In 02-22-2024 0 8	0	8
	Indexer queue sizes Hi all,We have been facing some errors with Splunk indexers, where it says something like below.```Failed processing ... by jpillai Path Finder in Getting Data In 02-22-2024 0 1	0	1
	How to Declare ENV Variable in Alert Hello,I'm trying to create an alert in DEV Environment to include "DEV" with subject something like Splunk Alert: DE... by Naa_Win Path Finder in Getting Data In 02-21-2024 0 3	0	3
	Not getting data in Edge Processor Hello everyone, I am trying to send syslog data to my Edge Processor and it is the first time and it seems that it i... by adrifesa95 Engager in Getting Data In 02-21-2024 0 3	0	3
	INGEST_EVAL for data coming from HEC at indexer layer Hello, Please, in Splunk Enterprise, I would like to know if it is possible to apply an INGEST_EVAL processing at ind... by cafissimo Communicator in Getting Data In 02-20-2024 0 2	0	2
	Not getting data from universal forwarder (ubuntu) Not getting data from universal forwarder (ubuntu).1) Installed Splunk UF version 9.2.0 and credential package from ... by kate Path Finder in Getting Data In 02-20-2024 0 1	0	1
	customize log event to splunk hec I were able to send my application log to splunk via HTTP event using the splunk java logging library. But somehow th... by splunkNewbie10 New Member in Getting Data In 02-20-2024 0 2	0	2
	How to merge lines based on timestamps? Attached is a screenshot of the way my logs are appearing in Splunk. They match the log files themselves exactly, sep... by thompsonsgg New Member in Getting Data In 02-20-2024 0 4	0	4