Getting Data In

Community Activity

Lopping Off Dot Notation Field Names I am working with Linux auditd events based on the auditd message and field dictionaries, that we call type and field... by tom_porter Explorer in Getting Data In 12-07-2023 0 0	0	0
Finding the file path of a deleted file input Hi Brains Trust,I'm trying to find the location of a CSV file that used to be a file input in 2019 but the file input... by Tyrian01 Explorer in Getting Data In 12-07-2023 0 5	0	5
Excluding log entries based on specific String in msg field Hi,I have a problem excluding or including only entries that contain specific String values in the msg field. For exa... by bblackmon New Member in Getting Data In 12-07-2023 0 1	0	1
Splunk on GCP: what's the benefit of running dataflow template when pubsub natively supports HTTPS push So I'm new to the splunk on GCP still learning, one thing I'm trying to wrap my head around is this:GCP pubsub provid... by daxiao New Member in Getting Data In 12-06-2023 0 0	0	0
How to create index field? Hi we want an indexed field called ‘actual_server’ to indicate the hostname of the forwarder that passed us the da... by rashid47010 Communicator in Getting Data In 12-06-2023 0 7	0	7
Beyond Trust logs are not getting parsed Hi, The beyond trust log fields are not getting extracted. I tried both Index time field extraction and Search time f... by js1235 Loves-to-Learn in Getting Data In 12-06-2023 0 7	0	7
Regex of .txt file in Splunk Hello,I'm integrating the .txt file in Splunk, however while integrating the file my events are breaking into single ... by mukhan1 Explorer in Getting Data In 12-06-2023 0 4	0	4
scheduler.log broken korean I wrote the description of the saved search using Korean.When the search operates and is recorded in scheduler.log,Ko... by doree Loves-to-Learn Lots in Getting Data In 12-05-2023 0 0	0	0
Suggestions Please: REST Api, csv,html Hello Members,I would like to import/show data in a splunk dashboard.This data is results from a mysql query run by p... by eholz1 Builder in Getting Data In 12-05-2023 0 0	0	0
Heavy Forwarder License Type? I have a doubt. If we are using heavy forwarder to parse the data and forward it to indexers, does it need Enterprise... by phularah Communicator in Getting Data In 12-05-2023 0 8	0	8
How do we Parse logs of Secret Server in Splunk Cloud Hi,Are there any available applications to address the issue of incorrect parsing of secret server logs in Splunk clo... by AL3Z Builder in Getting Data In 12-05-2023 0 60	0	60
Convert ingested WinEventLog in JSON format Hi Splunkers, I have a request by my customer.We have, like in many prod environments, Windows logs. We know that we ... by SplunkExplorer Contributor in Getting Data In 12-05-2023 0 15	0	15
Add Search bar to custom app built with Add On builder Hi Splunkers, I have a doubt about a custom app customization.For a customer, we created with Splunk Addon Builder a ... by SplunkExplorer Contributor in Getting Data In 12-05-2023 0 2	0	2
How do I send Cisco HSL format logs to Splunk Cloud? I am trying to send Cisco SD-WAN router logs to Splunk Cloud. I have installed Universal forwarder on the log server ... by arc Loves-to-Learn in Getting Data In 12-05-2023 0 2	0	2
Splunkforwarder pushes multiple lines as single event from windows machine logs Hi Team, I came across an issue where I have below sample logs in a file 15:30:31.396\|Info\|Response ErrorMessage: \|\|1... by mayurkale471757 Explorer in Getting Data In 12-04-2023 0 4	0	4
Can you use ingest actions against _raw? When I apply ingest actions and I specify host field and put in the IP address, it works fine but when I try to use _... by red2play Loves-to-Learn in Getting Data In 12-04-2023 0 0	0	0
Can Data Manager import Cloudwatch ECS Fargate logs? I'm using current Cloud Splunk:It appears the older "Splunk Add-on for AWS" can stream in Cloudwatch log-group data t... by nramella Engager in Getting Data In 12-04-2023 0 0	0	0
Why has The TCP output processor paused data flow? Hi, i am not able to receive any data from my forwarder. It stopped working yesterday.port 9997 is open.connection i... by carlyleadmin Contributor in Getting Data In 12-04-2023 0 10	0	10
sourcetypes size trend HelloWhat is the best way to calculate sourcetypes size trend by time index and level ? i tried this two options but... by SplunkySplunk Explorer in Getting Data In 12-04-2023 0 2	0	2
cisco sdwan & cloud splunk: how to get data_input hello,i'm running a cisco sdwan fabric and i was curious if i can send data directly to cloud_splunk. according to Ci... by bazil New Member in Getting Data In 12-03-2023 0 0	0	0
[powershell://...] input working example and some pitfalls Hi Splunkerds,I have struggled with powershell for a while and thought that after all the great tips I got from you, ... by ololdach Builder in Getting Data In 12-02-2023 2 4	2	4
Assistance Needed: Reformatting Provided Events to Match Structure of 'blacklist3' Hi,Is it possible for someone to aid me in reformatting the given events to align with the structure present in black... by AL3Z Builder in Getting Data In 12-01-2023 0 0	0	0
XML Regex Conversion Hi, Could anyone pls help me to conver this Blacklist to xml regex ? blacklist1 = EventCode="4662" Message="Object Ty... by AL3Z Builder in Getting Data In 12-01-2023 0 0	0	0
Blue Prism Data Gateway integration with Splunk Hi,I am new to Splunk, and I am doing some testing with Blue Prism Data gateway with Splunk. How can I get the Splunk... by blueprism-akin Observer in Getting Data In 12-01-2023 0 3	0	3
Need to convert the timezone dynamically Hello there,I would like to convert the default time to the local country timezone and place the converted timezone ... by manojchacko78 Path Finder in Getting Data In 12-01-2023 0 2	0	2