Getting Data In

Discussions

Thread Info

Solaris SPARC server integration with Splunk

Hi All,I need to collect system metrics and monitor local files on Solaris servers. I'm considering installing the Un...

by Loves-to-Learn in

Not getting normal logs from UPS, but test logs work at any severity level

I'm not very experienced with Splunk, but I've been asked to set up syslog forwarding from our UPS's to our Splunk se...

by New Member in

Sample C++ Boost code to send msg to Splunk

Hi, I'm trying to run this below sample code to send msg to Splunk, but getting error - Host not found. Am I doin...

by New Member in

Local Event Log Collection on Mac

Hello, I am brand new to Splunk and after watching a short tutorial to get started, I saw that Settings => Data Inp...

by New Member in

Data Models mapping not working for me

Hello, community, I wanted to share a challenge that I have mapping fields to Data Models. The issue is that I h...

by Communicator in

How do we define collections.conf in SplunkCloud?

Creating Lookup Definition (transforms stanza) can be done on Splunk Web UI. But since we need to point a kv definiti...

by Builder in

Filter which events to be ingested

Hello everyone , I need to onboard a huge amount of logs which the 90% of them is unnecessary . My goal is to i...

by Engager in

How to ingest file that need to calculate timestamp for each events using elasped time and trigger time

How to this the following file based on trigger time and elapsed time? "File name","AUTO_231126_012051_0329.CSV","V...

by Explorer in

HF not send the logs to Splunk Cloud instance

Hi Splunkers, i already done configuration of HF and install uf credentials. but i can't see the logs of palo a...

by Loves-to-Learn in

Assistance Needed for Setting Up Assets and Identity from Scratch

Hi, Can someone please assist me in setting up assets and identity from the scratch, and what prerequisites are nec...

by Builder in

How to monitor a log file that is getting trimmed at beginning of file

We are using Splunk 9 and are seeing a situation where a file gets re-ingested entirely each time the vendor product ...

by Explorer in

Slack notification error code 1

I'm trying to get Slack alerts set on my Splunk Cloud instance but the test give me the following output: 04-14-202...

by New Member in

No events from Universal Forwarder

I installed Universal Forwarder On Linux Machine and integrate it with Splunk , but their is no logs returned on Splu...

by Loves-to-Learn Lots in

How to convert the time from hh:mm:ss.6Q into hh:mm:ss ?

HI Can someone please let me know how to convert the time from the format hh:mm:ss.6Q to hh:mm:ss ??

by Path Finder in

Difference between the 2 time fields

Hi Can someone please let me know how i can find the difference between the 2 fields Start-Time and End-Time in th...

by Path Finder in

How to restart Universal Forwarder from a Deploy Server?

Hi, I need restart many servers (Universal Forwarders) Unix from a Deploy Server. Is there any way to do it? T...

by Engager in

calls indexing 'in the future' on a HEC using a custom source type

So...I have a HEC receiving JSON for phone calls using a custom sourcetype which parses calls from a field called tim...

by Path Finder in

CPU Performance Monitoring in Splunk Cloud

Hi There, I use a Splunk Cloud instance with Universal Forwarders installed on each server. From here I have edited...

by Communicator in

PAVO Getwatchlist - nested array parsing and other woes

Good day, First I want to say that this add-on is an absolute lifesaver when it comes to getting structured data in...

by Loves-to-Learn in

summary indexing

Hello. Im using Splunk cloud and thinking about add summary index or data model. I'm trying to understand the dif...

by Explorer in

splunk group in linux

Hello,I noticed that in versions upper 9.1, the user and group were changed to "splunkfwd" I have updated the unive...

by Explorer in

How to configure to mask the sensitive field dob and ssn value in below logs?

2023-08-04 08:53:00.473, ID="15438391", EventClass="10", textdata="exec up_tcsbs_ess_ins_ipsysuser @IID=2023...

by Loves-to-Learn Lots in

Splunk Cloud - How do data configurations get specified with UF's and Splunk SaaS indexers + Search Heads

Hi all, I am coming from Splunk on-prem so this is a bit confusing to me. I have looked at architectures regard...

by Path Finder in

Expired key microsoft 365 app

I have configured the APP for microsoft 365 which was working properly but it stopped working and after checking ...

by Builder in

SPLUNK TA to Write Log from SPLUNK HF server to S3 and SQS

Hello, Do we have any SPLUNK TA that can write logs from SPLUNK Server with HF to AWS S3/SQS. Any recommendation w...

by Motivator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Solaris SPARC server integration with Splunk

Not getting normal logs from UPS, but test logs work at any severity level

Sample C++ Boost code to send msg to Splunk

Local Event Log Collection on Mac

Data Models mapping not working for me

How do we define collections.conf in SplunkCloud?

Filter which events to be ingested

How to ingest file that need to calculate timestamp for each events using elasped time and trigger time

HF not send the logs to Splunk Cloud instance

Assistance Needed for Setting Up Assets and Identity from Scratch

How to monitor a log file that is getting trimmed at beginning of file

Slack notification error code 1

No events from Universal Forwarder

How to convert the time from hh:mm:ss.6Q into hh:mm:ss ?

Difference between the 2 time fields

How to restart Universal Forwarder from a Deploy Server?

calls indexing 'in the future' on a HEC using a custom source type

CPU Performance Monitoring in Splunk Cloud

PAVO Getwatchlist - nested array parsing and other woes

summary indexing

splunk group in linux

How to configure to mask the sensitive field dob and ssn value in below logs?

Splunk Cloud - How do data configurations get specified with UF's and Splunk SaaS indexers + Search Heads

Expired key microsoft 365 app

SPLUNK TA to Write Log from SPLUNK HF server to S3 and SQS

Building Reliable Asset and Identity Frameworks in Splunk ES

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

Automatic Discovery Part 3: Practical Use Cases

Parsing Multimetric Logs

SC4S Syslog server update fails during download wi...

SplunkForwarder flooding splunkd.log with reconnec...

Event break multiline PowerShell Transcript Log

uberAgent

Getting Data In

Are you a member of the Splunk Community?

Discussions