Getting Data In

Community Activity

	Solaris UFs have different build hash than others This just makes things confusing - why do the RPM and DEB versions (both x86 and ARM) and Windows of v9.3.3 have buil... by haraksin Communicator in Getting Data In 08-23-2025 0 3	0	3
	XmlWinEventLog:ForwardedEvents sourcetype field extraction issue Hi,I’m currently receiving Windows logs in Splunk via the (UF → HF → Splunk Cloud). The logs are being assigned to tw... by tech_g706 Path Finder in Getting Data In 08-22-2025 0 1	0	1
	Indexed Extractions not working properly Hi all,we collect some json data from a logfile with a universal forwarder.Most times the events were indexed correct... by klowke_svbz Loves-to-Learn in Getting Data In 08-22-2025 0 4	0	4
	Timestamp extractor issue on UF I have two time stamps in each record 2025-08-20 17:37:00.317 and SEN_20250820153640.1703351.txt.And want to use firs... by LIS Path Finder in Getting Data In 08-22-2025 0 9	0	9
	Event Time does not match We are using SC4S to collect local logs from FortiAnalyzer. We've noticed a error: the timestamp within the log file ... by phamanh1652 Path Finder in Getting Data In 08-21-2025 0 14	0	14
	Filter TCP traffic on Heavy Forwarder to Drop a Sourcetype I have noticed that my vmware logs which are forwarded to my HF via TCP are very large. We would like to filter out ... by splunk_admin Observer in Getting Data In 08-21-2025 0 2	0	2
	UF Data . by Priya70 Explorer in Getting Data In 08-21-2025 0 5	0	5
	Splunk Observability Cloud/SignalFx - Related Content Feature is not immediately shown Hello Splunkers!After deploying the Splunk Otel Collector I wanted to check all of the traces and metrics send from o... by chuvii New Member in Getting Data In 08-20-2025 0 0	0	0
	Power Platform audit logs We are looking for Power Platform audit logs to ensure that these logs will automatically show up in SPLUNK if they a... by bellb New Member in Getting Data In 08-19-2025 0 1	0	1
	Inputs not getting deleted when the mapped global account is deleted I have developed splunk add on using splunk ucc.Where the inputs can be created adding a global account value. [It sh... by TestUser Loves-to-Learn Lots in Getting Data In 08-19-2025 0 1	0	1
	Install Universal Forwarder on Exchange Server I’ve installed the Universal Forwarder on an Exchange Server 2016. It successfully collects most of the logs defined ... by phamanh1652 Path Finder in Getting Data In 08-18-2025 0 6	0	6
	XML Parsing in transforms.conf Hi, I am having some big issues trying to parse certain XML logs into Splunk.A sample online log which is in the same... by ta1 Explorer in Getting Data In 08-17-2025 0 5	0	5
	timestamp and itime does not match We’re using Splunk Cloud and have configured SC4S to collect logs from FortiAnalyzer, which receives logs from both F... by phamanh1652 Path Finder in Getting Data In 08-15-2025 0 6	0	6
	Add on for IIS: sourcetypes I am wondering why the search-time configurations for this app have been deprecated.You can't do additional parsing s... by cmeo-bcit Explorer in Getting Data In 08-15-2025 0 2	0	2
	Configure Alert Actions to collect data for the Splunk Add-on for Microsoft Security In the documentation to configure an alert action for Advanced Hunting it says to Navigate to Add-on UI > Settings > ... by edhealea Path Finder in Getting Data In 08-14-2025 0 2	0	2
	user specific browser timeout I want to create a dedicated role with its own browser timeout settings, while keeping the default timeout settings f... by viku7474 Explorer in Getting Data In 08-13-2025 0 2	0	2
	Role or User Specific Web Session Timeout Hi all,I have read through the splunk documentation for session timeout here, but these seems to be for splunk overal... by yh Path Finder in Getting Data In 08-13-2025 0 4	0	4
	Data missing from universal forwarder on a Linux host I have a puzzle with a Linux host running RHEL 8.10, which is running Splunk Universal Forwarder 9.4.1, configured to... by ww9rivers Contributor in Getting Data In 08-12-2025 0 11	0	11
	Trying to extract fields from a hybrid log Syslog/JSON nested logs Trying to extract some data from a hybrid log where the log format is <Syslog header> <JSON Data>.Have had success wi... by atme Loves-to-Learn Lots in Getting Data In 08-11-2025 0 1	0	1
	Enabling of Splunk PDF scheduler Hi Splunk Community,I would appreciate your guidance regarding enabling Scheduled PDF Delivery in Splunk. Currently, ... by uagraw01 Motivator in Getting Data In 08-11-2025 0 11	0	11
	Data ingest Monitor set to pull in a watched log that has no props/transforms configs applied. This would ingest the entire file ... by splunkville Observer in Getting Data In 08-11-2025 0 4	0	4
	Why is Splunk Universal Forwarder unable to interpret checkpoint files for ausearch when running it as a Scripted Input? I’m running Splunk in a Linux Red Hat environment and trying to collect logs generated by the auditd service. I coul... by miketbrand0 Explorer in Getting Data In 08-08-2025 0 8	0	8
	splunk how to get splunk add-on for unix and linux 9.2.0 version splunk how to get splunk add-on for unix and linux 9.2.0 version and 6.0.2 version..?? by silverKi Path Finder in Getting Data In 08-07-2025 0 2	0	2
	How to edit my props and transforms to route data to an index based on index field name ? Hi allI'm building a distributed Splunk architecture with:1 Search Head2 Indexers (not in a cluster)1 Heavy Forwarder... by Sot_Sochetra Explorer in Getting Data In 08-07-2025 0 8	0	8
	Is it possible to do search time field extraction based punct I have events in a log file and they have different formats from event to event. I'm wondering if there is any way to... by fredclown Builder in Getting Data In 08-07-2025 0 4	0	4