Getting Data In

Community Activity

can't find data 我現在遇到一個問題，我在SH放置好一個apps並連到uf上，在uf上也有監控到資料路徑，但我在search時就沒有辦法找以下是我的 inputs.conf： [monitor:///tutorialdata/www*/access.... by ryanaa Explorer in Getting Data In 03-17-2024 0 1	0	1
Transforms and Props for Linux Syslog Filtering Hello, Our customer has decided to end use of Splunk in lieu of Sumo Logic, but we are looking to keep up internal us... by gkstev87 Loves-to-Learn Lots in Getting Data In 03-16-2024 0 5	0	5
Extract timestamp from two json fields I need to extract timestamp from a JSON log where date and time are on two separate fields. Example below: { "Date"... by alec_stan Explorer in Getting Data In 03-16-2024 0 1	0	1
Issue excluding Windows events for a specific new process Hi Folks, I'm running into trouble excluding new process creation events for Teams from being indexed. It's an expect... by SplunkUser5 Explorer in Getting Data In 03-15-2024 0 7	0	7
pfsense logs to splunk I want to get pfsense logs to splunk to make some analysis.I tired this method "https://www.jaycroos.com/splunk-to-mo... by Navaneedhan Observer in Getting Data In 03-15-2024 0 1	0	1
Splunk licensing for Splunk Cloud Hi all, could someone please explain how licensing works for both Events and Metrics in Splunk Cloud. I've looked at ... by IAskALotOfQs Path Finder in Getting Data In 03-15-2024 0 1	0	1
How to edit my WinRegMon configuration to filter out certain Windows registry events? Hello! I need some help filtering Windows registry events in Splunk. Here is my inputs.conf file [WinRegMon://defa... by lelandtheg Engager in Getting Data In 03-15-2024 1 2	1	2
Metrics indexes volume Hi all, I'm looking at volume of indexes and how much they ingest to calculate the volumes of licenses. I am aware I ... by IAskALotOfQs Path Finder in Getting Data In 03-15-2024 0 0	0	0
Data delay in events Using props.conf i'm able to extract the fields but on the Splunk dashboard, the data is not visible for the timing 0... by jahnavi Loves-to-Learn in Getting Data In 03-15-2024 0 5	0	5
Data getting indexed twice in every field of splunk cluster environment Hi All,I have a splunk cluster environment where, while pulling data from a source, itgets indexed twice, not as a se... by architkhanna Path Finder in Getting Data In 03-15-2024 0 5	0	5
How to prevent the default logs from being forwarded (Windows UF) Hello,Whenever I forward something, these logs always get forwarded despite I blacklisted it in the inputs .conf. Is... by xnx_1012 Explorer in Getting Data In 03-14-2024 0 4	0	4
How to modify sourcetype and host based off of the new sourcetype Hello, I'm attempting to change the sourcetype and host on a single event. The tricky part is I want the second trans... by nateloepker Explorer in Getting Data In 03-14-2024 0 3	0	3
Universal Forwarder - Repeating message TcpOutputProc - Found currently active indexer... I am getting the following messages on my forwarder running on Windows 10: 04-06-2020 18:05:52.171 -0700 INFO TcpOu... by dlpco Path Finder in Getting Data In 03-14-2024 0 5	0	5
Separate business hours intervals from off-business-hours I am new to splunk. How do we write a splunk query for a support ticket that is "In Progress" status to calculate the... by avi123 Explorer in Getting Data In 03-14-2024 0 6	0	6
How to optimize the ingestion of data from Splunk Universal Forwarder to Splunk Indexer I have a splunk universal forwarder, which is indexing a 1 GB log file to a Splunk Indexer. The problem I am facing i... by sdhiren Explorer in Getting Data In 03-14-2024 0 2	0	2
HOw to import ODL files Is Oracle Diagnostic Logging ( ODL) format supported in any way by Splunk ?On the forum I have found only one topic r... by kp_pl Path Finder in Getting Data In 03-14-2024 0 2	0	2
line breaker event breaker 當我在SH設置好props.conf後去看我的uf端並重啟就會出現以下錯誤:Checking conf files for problems...Invalid key in stanza [web:access] in /opt/s... by ryanaa Explorer in Getting Data In 03-14-2024 0 1	0	1
how to identify sourcetype forbetter parsing I need help in understanding that what sourcetype would be ideal to parse logs of this File type by krutika_ag Path Finder in Getting Data In 03-14-2024 0 2	0	2
Splunk - Rest API - Curl - Failing with Unbalanced Quotes Hi, I'm trying to write data to outputlookup file by doing a REST API Call (by running a search query).The below comm... by Maries Explorer in Getting Data In 03-14-2024 0 4	0	4
Cant ingest .gz syslog files - was already indexed as a non-archive, skipping I have .gz syslog files but I am unable to fetch all filesFor each host(abc) it has 23 .tgz files with extension l... by power12 Communicator in Getting Data In 03-13-2024 0 1	0	1
Error proofpoint TAP : When trying to retrieve the last poll time, multiple kvstore records were found We have installed "Proofpoint TAP Modular Input" add-on on victoria search head and created input (api call) to fetch... by as_lyric New Member in Getting Data In 03-13-2024 0 0	0	0
What could prevent the monitoring of papercut logs? I'm collecting all other logs ie. wineventlogs, splunkd logsthe inputs.conf is accuratethe splunk user has full acces... by dspencer Path Finder in Getting Data In 03-12-2024 0 1	0	1
Duplicated values on count When I do an stats count my field it return the double of the real number index=raw_fe5_autsust Aplicacao=HUB Endpoin... by vinihei_987 New Member in Getting Data In 03-12-2024 0 3	0	3
Spike in log ingestion only on weekends Hello,Can anyone assist in determining why my splunk instance ingest large amounts of data ONLY on the weekends? Thi... by ayoungUSU New Member in Getting Data In 03-12-2024 0 2	0	2
How to consolidate Thousand Eyes into Splunk to centralize alerts on the dashboard? Hi Team,Hi Splunk Team, could you guide me through the process on how to consolidate Thousand Eyes into Splunk to cen... by Pooja1 Loves-to-Learn Everything in Getting Data In 03-12-2024 0 4	0	4