Getting Data In

Community Activity

How to activate forwarder server? Hi Guys, I am struggling to send data from remote machine to Splunk server. I have tried the steps mentioned in the... by jhl226116 Explorer in Getting Data In 02-12-2024 0 32	0	32
GPO GUID Resolve Hi everyone.Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change an... by faiq1999 Explorer in Getting Data In 02-11-2024 0 4	0	4
Windows Security Logs not forwarding to Splunk Cloud Have UFs configured on several Domain Controllers that point to a Heavy Forwarder and that points to Splunk Cloud. Tr... by WumboJumbo675 Explorer in Getting Data In 02-10-2024 0 4	0	4
How to use heavy forwarder to replace rather than append data. Hello -Admitted new guy here,I have a heavy forwarder sending data from a MySql database table into Splunk once a day... by twanie Engager in Getting Data In 02-09-2024 0 4	0	4
Google Drive Age Monitoring? Hi,So I’m working on creating an alert in Splunk, but I’m having some issues with setting up the query. The goal of t... by tonyngassi New Member in Getting Data In 02-09-2024 0 0	0	0
Ubuntu not shown up in Forwarder Management Hello everybody I'm new here and recently I created this : Ubuntu : splunk serverUbuntu : splunk forwarder Windows 1... by Tybe Engager in Getting Data In 02-09-2024 0 4	0	4
Adding an Interval to a Monitor Stanza Is there a way to add an interval setting to define the polling for a flat file? Not sure why it was requested but i ... by ericg57 Engager in Getting Data In 02-09-2024 0 1	0	1
Error occurred during trying to delete an Data TCP Input I have the problem that I can't delete an input filter that I probably formulated incorrectly so that I can take it o... by AchimK Engager in Getting Data In 02-08-2024 0 4	0	4
Create fields for a csv log Hi, I have ingested an csv file by creating an input on a windows server.But the challenge is the logs are not gettin... by Dayalss Engager in Getting Data In 02-08-2024 0 3	0	3
Halp! My data is being rolled to frozen and I don't know why! I need to know why my data is being rolled to frozen - is it because of time or disk space? by bosburn_splunk Splunk Employee in Getting Data In 02-08-2024 4 7	4	7
WinEventLog vs XmlWinEventLog Good Morning,I am running into an issue where my two newest Server 2022 endpoints have events that are showing up non... by thebankitgui Path Finder in Getting Data In 02-07-2024 0 1	0	1
Network device logs Hello!I wanted to ask what is the best way/configuration to get network device logs directly into splunk?Thanks in ad... by jmrubio Path Finder in Getting Data In 02-07-2024 0 4	0	4
splunk uf takes 30-40 mins generating auth certificate on first run A snippet from strace output seems to indicate that the 30-40 mins may be taken by the ssl certificate generating ste... by masterofnone New Member in Getting Data In 02-07-2024 0 0	0	0
What are the guidelines for ingesting data from IBM CICS PA to Splunk Cluster environment? by NKP Observer in Getting Data In 02-07-2024 0 0	0	0
ExecProcessor of the forwarder doesn't detect new stanzas Good morning,Let me tell you about my situation. We have a forwarder inside a Docker container python:3.11-slim-bulls... by cfernaca Explorer in Getting Data In 02-07-2024 0 1	0	1
block queries without sourcetype Is there any efficient way to block queries without the sourcetype? Educating users is not working and we wanted to b... by bmcaetano Engager in Getting Data In 02-07-2024 0 1	0	1
Ingest only rows containing certain text from log file Have a very large log file (20,000+ lines per log file) and I only need the rows that contain "tell_group.pl" in them... by joesrepsolc Communicator in Getting Data In 02-06-2024 0 5	0	5
props Hi I am trying to divide the the logs into different evwnt based on below scenario:I have one single event currently:... by abhi04 Communicator in Getting Data In 02-06-2024 0 3	0	3
vectra integration when I go to search head to change configuration of TA_vectra_detect_json I find this (You do not have permissions to... by aly347774 Loves-to-Learn Lots in Getting Data In 02-06-2024 0 3	0	3
HTTP Event Collector Connection Actively Refused after upgrading from 9.0.5 to 9.1.1 (No Token Found) Hi,We have just upgraded to 9.1.1 and our HEC seems to have stopped working. Calling it from a simple PowerShell scri... by C_Lawrence Engager in Getting Data In 02-06-2024 2 4	2	4
Receive encrypted logs from ESET endpoint security I'm planning to start an integration between Splunk and ESET endpoint security cloud platform, but I facing the follo... by Mohali Loves-to-Learn Lots in Getting Data In 02-05-2024 0 4	0	4
bar logs with debug level enabled Is there any way to block logs coming from other servers, on a distributed server, with the debug level activated? I ... by bmcaetano Engager in Getting Data In 02-05-2024 0 2	0	2
Can Heavy Forwarder monitor a Folder and forwards to Splunk indexer ? I want to run some commands on my splunk Heavy forwarder servers and output the results to a folder. I want to monito... by premrajvs Explorer in Getting Data In 02-05-2024 0 5	0	5
How do I add metadata to events coming from a Splunk forwarder? We have Splunk running on a server at each of our locations. The NIC on the server has two IPs, one is a unique IP fo... by mctester Communicator in Getting Data In 02-05-2024 4 14	4	14
Truncate the log description after n words. How can i Truncate the log description after 20 words in splunk and store in new field. by RSS_STT Explorer in Getting Data In 02-05-2024 0 5	0	5