Getting Data In

Community Activity

Filter which events to be ingested Hello everyone , I need to onboard a huge amount of logs which the 90% of them is unnecessary . My goal is to ingest ... by stamatoc Engager in Getting Data In 01-25-2024 0 2	0	2
How to ingest file that need to calculate timestamp for each events using elasped time and trigger time How to this the following file based on trigger time and elapsed time?"File name","AUTO_231126_012051_0329.CSV","V2.1... by kyokei Explorer in Getting Data In 01-25-2024 0 6	0	6
HF not send the logs to Splunk Cloud instance Hi Splunkers, i already done configuration of HF and install uf credentials. but i can't see the logs of palo alto in... by Unnamed16 Loves-to-Learn in Getting Data In 01-24-2024 0 1	0	1
Assistance Needed for Setting Up Assets and Identity from Scratch Hi,Can someone please assist me in setting up assets and identity from the scratch, and what prerequisites are necess... by AL3Z Builder in Getting Data In 01-24-2024 0 2	0	2
How to monitor a log file that is getting trimmed at beginning of file We are using Splunk 9 and are seeing a situation where a file gets re-ingested entirely each time the vendor product ... by whitepaw00 Explorer in Getting Data In 01-24-2024 0 4	0	4
Slack notification error code 1 I'm trying to get Slack alerts set on my Splunk Cloud instance but the test give me the following output:04-14-2023 2... by Alicynx New Member in Getting Data In 01-24-2024 0 1	0	1
No events from Universal Forwarder I installed Universal Forwarder On Linux Machine and integrate it with Splunk , but their is no logs returned on Splu... by aly347774 Loves-to-Learn Lots in Getting Data In 01-23-2024 0 6	0	6
How to convert the time from hh:mm:ss.6Q into hh:mm:ss ? HI Can someone please let me know how to convert the time from the format hh:mm:ss.6Q to hh:mm:ss ?? by Real_captain Path Finder in Getting Data In 01-23-2024 0 1	0	1
Difference between the 2 time fields Hi Can someone please let me know how i can find the difference between the 2 fields Start-Time and End-Time in the b... by Real_captain Path Finder in Getting Data In 01-23-2024 0 1	0	1
How to restart Universal Forwarder from a Deploy Server? Hi, I need restart many servers (Universal Forwarders) Unix from a Deploy Server. Is there any way to do it? Thank... by kisero Engager in Getting Data In 01-23-2024 6 12	6	12
calls indexing 'in the future' on a HEC using a custom source type So...I have a HEC receiving JSON for phone calls using a custom sourcetype which parses calls from a field called tim... by loganramirez Path Finder in Getting Data In 01-22-2024 0 7	0	7
CPU Performance Monitoring in Splunk Cloud Hi There,I use a Splunk Cloud instance with Universal Forwarders installed on each server. From here I have edited th... by jamie1 Communicator in Getting Data In 01-22-2024 0 2	0	2
PAVO Getwatchlist - nested array parsing and other woes Good day,First I want to say that this add-on is an absolute lifesaver when it comes to getting structured data into ... by K_Sukumar Loves-to-Learn in Getting Data In 01-22-2024 0 0	0	0
summary indexing Hello.Im using Splunk cloud and thinking about add summary index or data model.I'm trying to understand the differenc... by SplunkySplunk Explorer in Getting Data In 01-22-2024 0 4	0	4
splunk group in linux Hello,I noticed that in versions upper 9.1, the user and group were changed to "splunkfwd"I have updated the universa... by maede_yavari Explorer in Getting Data In 01-21-2024 0 4	0	4
How to configure to mask the sensitive field dob and ssn value in below logs? 2023-08-04 08:53:00.473, ID="15438391", EventClass="10", textdata="exec up_tcsbs_ess_ins_ipsysuser @IID=20231619,@R... by Hemant93 Loves-to-Learn Lots in Getting Data In 01-21-2024 0 1	0	1
Splunk Cloud - How do data configurations get specified with UF's and Splunk SaaS indexers + Search Heads Hi all, I am coming from Splunk on-prem so this is a bit confusing to me. I have looked at architectures regarding Sp... by IAskALotOfQs Path Finder in Getting Data In 01-21-2024 0 1	0	1
Expired key microsoft 365 app I have configured the APP for microsoft 365 which was working properly but it stopped working and after checking it ... by splunkcol Builder in Getting Data In 01-20-2024 0 5	0	5
SPLUNK TA to Write Log from SPLUNK HF server to S3 and SQS Hello,Do we have any SPLUNK TA that can write logs from SPLUNK Server with HF to AWS S3/SQS. Any recommendation will... by SplunkDash Motivator in Getting Data In 01-20-2024 0 6	0	6
How to fix vetting issues while uploading app to cloud ? Hi,Which I am trying to upload the custom app to splunk cloud it is not passing the vetting, how we can fix this issu... by AL3Z Builder in Getting Data In 01-20-2024 0 10	0	10
Why am I getting "This path does not exist or is not accessible." using Splunk Web in Splunk Light to monitor a certain folder? I just installed Splunk Light 6.2.5 on CentOS 7. Using the web interface, I go to AddData screen, then Monitor, then... by jmichelgarcia Engager in Getting Data In 01-20-2024 0 3	0	3
Windows log file data is not coming hai i have configured below log file stanza but not getting data into splunk from windows UFhaving latest on Jan 4th ... by sekhar463 Path Finder in Getting Data In 01-19-2024 0 5	0	5
Mutlivalue Field Extraction Hello,I'm writing some field extractions for a Tomcat access log. The logging format is"%{E M/d/y @ hh:mm:ss.S a z}t ... by nateloepker Explorer in Getting Data In 01-19-2024 0 2	0	2
extract field between two single quotes Sorry i am a noob to regex and splunk regex especially.Regex to extarct all that is between the two single quotes. th... by sam90651 Loves-to-Learn Lots in Getting Data In 01-18-2024 0 11	0	11
remove prefix on every events using SEDCMD Hi Guys We are getting logs through syslog with its priority / facility data “ <14>1” prepended with every events as ... by roopeshetty Path Finder in Getting Data In 01-18-2024 0 4	0	4