Getting Data In

Community Activity

Splunk Calls for given time period Hello Splunk Members,Need some help on below queries,-How many calls(read/writing) can we make in Splunk in a given t... by spampari Observer in Getting Data In 01-02-2024 0 1	0	1
SC4S: avoid sending metrics to Splunk Hi all,I am very new to Splunk and trying to avoid sending metrics to Splunk from the sc4s container.Memory consumpti... by pepitogrillospl Loves-to-Learn Lots in Getting Data In 01-02-2024 0 2	0	2
btool installation on windowds Hi i would like to know how to install btool on windows and can you please tell how to locate the file. i was trying ... by pm11 Engager in Getting Data In 01-02-2024 0 5	0	5
Redundancy in Data Using UF I am using a single universal forwarder on my windows machine to send a log file to my Splunk host machine deployed o... by tahaahmed354 Loves-to-Learn in Getting Data In 01-02-2024 0 3	0	3
Http Event Collector vs Add-on Some of my customers are using Splunk as their SIEM solution.I have a security platform that needs to integrate into ... by noamm91 Explorer in Getting Data In 01-01-2024 0 8	0	8
Regex extraction with different field delimiters Hi all,I have a very specifc regex extraction (search time extraction)_raw data example:\| union[\| makeresults\| eval _... by michael_vi Path Finder in Getting Data In 12-31-2023 0 10	0	10
When I edit inputs.conf and outputs.conf using the cli command, is there a reason why the paths to the modified files ar If I use the command ./splunk add monitor /var/log,-> /splunk/etc/apps/search/local/inputs.conf file will be modified... by munang Path Finder in Getting Data In 12-31-2023 0 4	0	4
Apps on Indexers I was thinking about this just now... How is it possible to have more than 1 app/add-on functioning on an Indexer? Be... by IAskALotOfQs Path Finder in Getting Data In 12-29-2023 0 3	0	3
Help parsing incoming data We have data coming in that we need to alert on, however because of the formatting of the data, this is very hard to ... by secphilomath1 Explorer in Getting Data In 12-28-2023 0 6	0	6
How to use REST to find LDAP mapped groups (roles and the AD group(s) they are mapped to) I needed to find my roles were mapped to LDAP active directory groups. I ended up with the search below. It works, bu... by blacknight659 Explorer in Getting Data In 12-28-2023 0 3	0	3
Report to monitor logon/logoff time and duration on Windows I was using the following question/answer: How can I use windows events to monitor logon sessions https://answers.sp... by ejwade Contributor in Getting Data In 12-27-2023 0 13	0	13
log injection configuration Recently configured a new input that has successfully ingesting logs but appears to be working intermittently. There ... by raghunandan1 Engager in Getting Data In 12-27-2023 0 2	0	2
Universal forwarder が新規ファイルをモニターしない日本語で失礼します。私はLinuxにUFをインストールし、input.confを以下のように設定しました。[monitor:///xxxx/]whitelist = xxxx_list_<yyyymmdd>.csvUFを再起動し、Sp... by nobunari New Member in Getting Data In 12-25-2023 0 1	0	1
Double sourcetype overriding Hi at all,I have a problem similar to one already solved by @PickleRick in a previous question:I have a flow from a... by gcusello SplunkTrust in Getting Data In 12-22-2023 0 9	0	9
french timestamp not understood Hello, I have a log where the timestamp is written with a abbreviated name for the month. My problem is that the abre... by pfoucher Engager in Getting Data In 12-22-2023 1 5	1	5
How do I add sample data to a cloud based trial instance? How do I add sample data to a cloud based trial instance? by bkenn07 Explorer in Getting Data In 12-21-2023 0 5	0	5
SC4S and McAfee EPO not working? So I have been trying to get SC4S working and I know where the docs are--> https://splunk.github.io/splunk-connect-fo... by domino30 Path Finder in Getting Data In 12-21-2023 0 1	0	1
Need help on json data i have below stanza to ingest json data file and added in deployment server as below an in HF added props.conf file i... by sekhar463 Path Finder in Getting Data In 12-21-2023 0 4	0	4
Securely store API key for modular input app? Hello all,I'm writing my first Modular Input app, and I'm wondering what's the best way to store a REST API key for m... by koocies Path Finder in Getting Data In 12-21-2023 0 1	0	1
Data is not ingesting into splunk from UF i have added this file in monitoring to ingest data but data is not getting ingesting log file path is /tmp/mountchec... by sekhar463 Path Finder in Getting Data In 12-20-2023 0 2	0	2
What is the maximum value for maxQueueSize that can be used in outputs.conf for Splunk version 6.6.0? I'm migrating my Splunk Instance from an outdated OS. I want to increase the buffer size for my Splunk forwarder so t... by nehabhuti New Member in Getting Data In 12-20-2023 0 2	0	2
Challenge with splunk forwarder and csv file Hello,I need some help. Icreate a csv file on remote server from a mysql quert.I forward the csv file from the remote... by eholz1 Builder in Getting Data In 12-20-2023 0 2	0	2
Splunk 6.2.3 Universal Forwarder maxQueueSize: What is the algorithm used to determine the amount of memory to use? The outputs.conf.spec shows a default value of "auto". The Splunk Universal Forwarder version is 6.2.3 on RHEL 6.6. ... by lisaac Path Finder in Getting Data In 12-20-2023 0 4	0	4
Splunk Otel Collector 0.83.2 and High CPU Throttling We are using OpenShift version 4.13.24 and it is actually on the ROSA AWS managed solution. I've been looking at some... by ve23 New Member in Getting Data In 12-19-2023 0 0	0	0
find disconnected Universal Forwarder Hi,I have installed Splunk Universal Forwarder on several Windows servers, and they send their Windows logs to the in... by maede_yavari Explorer in Getting Data In 12-19-2023 0 2	0	2