Getting Data In

Community Activity

Splunk Blacklist inputs.conf for desktopexentsion.exe assistance Trying to blacklist an event that is generating a lot of logs.Previously asked this question here Solved: Re: Splunk ... by EiffelPalace Engager in Getting Data In 02-22-2024 0 0	0	0
Need assistance with a command for application. I keep getting an error message when I am attempting to this command * EventCode=* user=* WinEventLog:Application \| e... by jovnice Path Finder in Getting Data In 02-22-2024 0 8	0	8
Indexer queue sizes Hi all,We have been facing some errors with Splunk indexers, where it says something like below.```Failed processing ... by jpillai Path Finder in Getting Data In 02-22-2024 0 1	0	1
How to Declare ENV Variable in Alert Hello,I'm trying to create an alert in DEV Environment to include "DEV" with subject something like Splunk Alert: DE... by Naa_Win Path Finder in Getting Data In 02-21-2024 0 3	0	3
Not getting data in Edge Processor Hello everyone, I am trying to send syslog data to my Edge Processor and it is the first time and it seems that it i... by adrifesa95 Engager in Getting Data In 02-21-2024 0 3	0	3
INGEST_EVAL for data coming from HEC at indexer layer Hello, Please, in Splunk Enterprise, I would like to know if it is possible to apply an INGEST_EVAL processing at ind... by cafissimo Communicator in Getting Data In 02-20-2024 0 2	0	2
Not getting data from universal forwarder (ubuntu) Not getting data from universal forwarder (ubuntu).1) Installed Splunk UF version 9.2.0 and credential package from ... by kate Path Finder in Getting Data In 02-20-2024 0 1	0	1
customize log event to splunk hec I were able to send my application log to splunk via HTTP event using the splunk java logging library. But somehow th... by splunkNewbie10 New Member in Getting Data In 02-20-2024 0 2	0	2
How to merge lines based on timestamps? Attached is a screenshot of the way my logs are appearing in Splunk. They match the log files themselves exactly, sep... by thompsonsgg New Member in Getting Data In 02-20-2024 0 4	0	4
Why do variations in sourcetype appear? I have an Splunk indexer that receives IIS input from several sources. Why is the sourcetype set to "iis.1" instead ... by lguinn2 Legend in Getting Data In 02-19-2024 3 9	3	9
Why is different tsidx file's size in same index? Hi.I'm working on splunk operations team.version: Enterprise 7.3.4, centos7Environment : 3 SH, 10 IDX cluster.Search ... by dongwonn Explorer in Getting Data In 02-19-2024 0 0	0	0
Can't see data coming in from UF to Indexer Hi Guys, I am very new to Splunk Cloud and how things work here. Our current setup is: 1. UF(Linux) -> Heavy Forwarde... by MAvasthi Loves-to-Learn Everything in Getting Data In 02-19-2024 0 1	0	1
Need Help with Group-IB Threat Intel Feeds Integration Issue Hello Splunk Community,I'm currently facing an issue with integrating Group-IB threat intelligence feeds into my Splu... by Mohd_Harahsheh9 Engager in Getting Data In 02-19-2024 0 0	0	0
how to edit logs to not look like raw text Currently I am feeding Splunk Zeek logs (formerly known as bro) via the monitor command. Some of the logs in the Zeek... by Mr_Sneed Explorer in Getting Data In 02-18-2024 0 2	0	2
Monitoring OpenAI usage in Splunk We are rolling out a customer service chatbot. Has anyone needed to collect the data such as input/output and logs be... by edalbanese Engager in Getting Data In 02-16-2024 0 3	0	3
Time parsing working correctly but not able to see nanoseconds in the results Hello I have to work on a parser which has the time format like this : "time: 2024-02-15T11:40:19.843185438Z"It is js... by izzie123 Path Finder in Getting Data In 02-16-2024 0 9	0	9
Can I injest CPU, memory,eventID data in metric index by using SPLUNK app for unix and linux ? Can I injest CPU, memory,eventID data in metric index by using SPLUNK app for Windows ?I am getting data once I injes... by kate Path Finder in Getting Data In 02-16-2024 0 4	0	4
the best way to collect Windows Defender logs? Hi,I need to collect the logs from Windows Defender and I was looking for an official app and I couldn't find one.I r... by corti77 Contributor in Getting Data In 02-16-2024 0 5	0	5
How to get the diag files with debug files of the UF and the HF? Log ingesting intermittently We could not find the path referenced . We have Univerasal forwarder is Windows server a... by raghunandan1 Engager in Getting Data In 02-15-2024 0 1	0	1
Why this error after upgrade to 9.0 "ERROR TcpOutputQ [ TcpOutEloop] - Unexpected event id="? After upgrade to 9.0 seeing followingERROR TcpOutputQ [<thread id> TcpOutEloop] - Unexpected event id=<eventid> by hrawat Splunk Employee in Getting Data In 02-14-2024 0 19	0	19
Best way to extract _time from file name and text Hello to everyone!I have a curious situation:I have log files that I collecting via SplunkUFThis log file does not co... by NoSpaces Contributor in Getting Data In 02-14-2024 0 2	0	2
Cloud flare TA logs are not getting parsed Hi,we had deployed cloud flare ta app on one of our sh,could anyone help me in fixing the logs parsing issue in splun... by Raj Builder in Getting Data In 02-13-2024 0 0	0	0
splunk hec ingestion of data file Been struggling for a while on this one.On-prem Splunk Enterprise. v9.1.2, running on CentOS 7.9--Just trying to fin... by labrat045 Observer in Getting Data In 02-13-2024 0 0	0	0
Windows universal forwarder localappdata Hello, I need to monitor log files that are in the following directory('s'): "c:\users\%username%\appdata\local\app\$... by Niro Explorer in Getting Data In 02-13-2024 0 5	0	5
Using INDEX_EVAL Lookup to Route Data to New Index and Sourcetype Hello,I'm looking to change our indexing architectureWe have dozens of AWS accounts. We use the Splunk AWS app to ing... by nateloepker Explorer in Getting Data In 02-13-2024 0 0	0	0