Getting Data In

Discussions

Thread Info

TRANSFORMS-ROUTING filtering out source address

I have set up a TRANSFORMS-ROUTING and it is forwarding data to a 3rd party however, they do not want to see the sour...

by Contributor in

Heavy Forwarder vs. Reduced Splunk Enterprise & DB Connect App

Hello everyone! My team and I are attempting to create a service for our departments' applications that enable the...

by Communicator in

Search fields not updating on token set

I am attempting to set a token via a drilldown in a simple xml dashboard as a way to filter a table. <input t...

by Engager in

How does Splunk work on Workstation after a network disconnect?

Hello I am trying to understand how SPLUNK works on Workstation after a network disconnect. Is it the same proces...

by Motivator in

How to override the props source?

I have the below configured but source is not being over written. I am trying to wild card anything after Windows in ...

by Path Finder in

How to include a unique ID to rsyslog client config?

Is there a way to assign a unique id to each rsyslog client node. I'm trying to build a solution where multiple rsysl...

by Explorer in

Minimizing or disabling json Syntax Highlighting automatically

Hello, I have a dataset that consists of json data (using the _json sourcetype), where each event has about 30 fie...

by Explorer in

Unable to drop event

I'm trying to drop some failed messages from an imported txt file, but they continue to be in the sourcetype. The reg...

by New Member in

How to use the last import for my source?

I have a file that gets imported every time it changes. Each line in the file shows up as an event and I want to use ...

by Path Finder in

how to pick values by latest source

Hi, My source file gets updated every 5 minutute . How to chart values of a field by the latest source file?

by Path Finder in

Splunk Monitor File and Folder: Not uploading all files

HI All, I am trying to monitor 3 CSVs from a same folder via Splunk : Settings -> Data Input -> Files & Directorie...

by Communicator in

How to configure a standalone splunk enterprise ?

I am setting a local splunk setup with 1 Search Head , 1 Indexer , I HF . Please guide me steps to configure all 3 co...

by New Member in

Why does a group not see the all of the events they should see?

We have a security group that only sees a portion of the hosts they should be seeing from specified sourcetypes. For ...

by Explorer in

Search Filters (srchFilter) when a user is in multiple groups/roles

When a user is in multiple Splunk roles (possibly because they are assigned to multiple LDAP/AD groups that are mappe...

by Splunk Employee in

Splunk Forwarder preventing application from logging

Our Splunk Forwarder on Windows Server is monitoring 2 folders containing approximately 1k log files total. I am igno...

by New Member in

Get Updates on the Splunk Community!

Getting Data In

Discussions

TRANSFORMS-ROUTING filtering out source address

Heavy Forwarder vs. Reduced Splunk Enterprise & DB Connect App

Search fields not updating on token set

How does Splunk work on Workstation after a network disconnect?

How to override the props source?

How to include a unique ID to rsyslog client config?

Minimizing or disabling json Syntax Highlighting automatically

Unable to drop event

How to use the last import for my source?

how to pick values by latest source

Splunk Monitor File and Folder: Not uploading all files

How to configure a standalone splunk enterprise ?

Why does a group not see the all of the events they should see?

Search Filters (srchFilter) when a user is in multiple groups/roles

Splunk Forwarder preventing application from logging

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

Reports are not indexed correctly

Journald exclude specific services

Combine multiple index searches into one overall s...

Custom Attribute Retrieval in VMware App (Add-on f...

Import csv with header that change column order be...