Getting Data In

Community Activity

UF 10.0 — splunk-winevtlog.exe crashes in VCRUNTIME140.dll / KERNELBASE.dll (EventCode=1000) After upgrading to UF 10.0 we see many Application Error (EventCode=1000) crashes on a subset of servers only. Faulti... by krynol Engager in Getting Data In 12-10-2025 1 5	1	5
How can I use btool to find where a specific index was created? I've been tasked with using btool (in debug mode) to find where the settings for the “onboarding” index was written b... by brentrmc Explorer in Getting Data In 12-09-2025 0 7	0	7
Data Onboarding CPU consumption 150% system stuck. I am on-boarding data from 6 different locations the data flow is Splunk Forwarder ------> DMZ Server (Intermediate ... by kgiri253 Explorer in Getting Data In 12-08-2025 0 5	0	5
how to monitor switch, router, firewall, etc? If anyone out there has any relevant experience and could share some advice/guidance, that would be great. Thanks! by leenguyen07 Explorer in Getting Data In 12-08-2025 0 8	0	8
How to handle the log which has the "_time" field Hello Splunkers!Your help is appreciated!I have a log source coming into Splunk via HEC. The log is in json format, i... by Iris_Pi Path Finder in Getting Data In 12-08-2025 0 5	0	5
Forwarder to Splunk cloud suddenly stop: error tcpoutputfd 1158951 connection to host 9997 failed ssl error = no error Hello,I have HF and UF act as intermediate forwarders and forward logs to Splunk Cloud. We installed the credentials... by ThuLe Explorer in Getting Data In 12-07-2025 0 3	0	3
Is there any way in which we can download the apps from splunk base without having to manually download the tar file? Hi We are planning to automate the Splunk application installation and configuration process for quicker provisionin... by meoo Explorer in Getting Data In 12-04-2025 2 10	2	10
Let's think about an unique way to always and always read a log file Hi.OK, this question is totally theory, but i came in case of pratical issue on such problem.So, let's think i have a... by verbal_666 Builder in Getting Data In 12-04-2025 1 7	1	7
ServiceNow Technical Add-on for CMDB Pull General question about polling frequency and licensing. Let's say I have about 4 million events in regards to pulling... by selyian Splunk Employee in Getting Data In 12-02-2025 0 0	0	0
Bug? Logical Disk Performance counter ingest NULL instead of Zero (0) Hello,we encountered a situation today where a monitored Windows Drive disappeared from Spunk.The drive had become co... by Andre_ Path Finder in Getting Data In 12-02-2025 0 1	0	1
distsearch.conf on Search Head cluster Hi Splunkers,Long time ago we setup a SH cluster, and added search peers using CLISome time later we changed the setu... by nunoaragao Path Finder in Getting Data In 12-01-2025 0 1	0	1
Occasional trailing white space in created field Hi,I have this unusual problem where I am trying to modify the host name in my windows log (text file ingestion) in m... by yh Path Finder in Getting Data In 11-25-2025 0 6	0	6
Data onboarding issue - Splunk_TA_aws Hi,I am trying to onboard aws access logs from a S3 bucket using the Splunk Add-on for AWS installed in a Heavy Forwa... by smakwana Explorer in Getting Data In 11-19-2025 0 3	0	3
Log Parsing is not working i have a standalone splunk machine there i am monitoring a airwatch sample logNov 13 20:48:19 AirWatch AirWatch Syslo... by sivaranjiniG Communicator in Getting Data In 11-18-2025 0 4	0	4
How to add new forwarders when requireClientCert is true? Hi, We recently set up (mostly) mTLS, just have a generic forwarder cert. But with the cert being deployed via an app... by R15 Communicator in Getting Data In 11-18-2025 0 5	0	5
HEC Endpoint I wan to ingest data from a web application using HEC, but I don't understand where can I get the endpoint URL detail... by maheshnc Path Finder in Getting Data In 11-18-2025 0 7	0	7
Update @csv file on a Splunk share by allowed users We have a csv file that was uploaded into Splunk, with some interesting data for some Use-Cases.We would like to know... by BSilva New Member in Getting Data In 11-17-2025 0 2	0	2
How to set up SSL/TLS for the Splunk indexer? Hi, I am trying to establish an SSL/TLS-connection with own certificates between the UFs and the indexer. I would als... by kaurinko Communicator in Getting Data In 11-17-2025 0 14	0	14
Bangalore Splunk Usergroup meeting(Dec 2025) Hi There, As we are planning for the Bangalore Splunk Usergroup meeting around next month, if u r ready to speak(just... by inventsekar SplunkTrust in Getting Data In 11-15-2025 1 0	1	0
Uploading logs I am trying to upload logs and whenever I do the logs come out scattered.Do I have to give every colum a title e.g In... by UncleHugo Explorer in Getting Data In 11-14-2025 0 2	0	2
Parsing Multimetric Logs Hi all,I am trying to parse multiple nested Multimetric logs as metrics and am failing.The following source type work... by grexo94 Engager in Getting Data In 11-14-2025 0 2	0	2
uberAgent We looking into uberAgent to be installed on over 17000 endpoints. I'm wanting to know how many HF's would be needed ... by KenPaul New Member in Getting Data In 11-13-2025 0 1	0	1
How to configure Unviversal forwarder Props.conf for Truncate If we index JSON data from HF and want to extend TRUNCATE setting for long logs, should we also do it on (clustered) ... by splunkreal Influencer in Getting Data In 11-13-2025 0 8	0	8
Teams add-on for Splunk - missing call records Hi Team,We had successfully leveraged MS Teams Add-On for Splunk to collect Teams call records and user reports data ... by navotfk Loves-to-Learn Lots in Getting Data In 11-12-2025 0 9	0	9
DNS logs - INFO [:12345] Script exceeded maximum runtime of Hi Splunk Gurus, I use the "Windows DNS Analytical Custom" app for DNS logs onboarding to Splunk Cloud. on the DC sys... by inventsekar SplunkTrust in Getting Data In 11-12-2025 0 2	0	2