Getting Data In

Community Activity

Indexqueue blocked on Heavy Forwarder I know there are similar posts about this, but I am not sure on what to do or tweak here.Messages I am getting are si... by cmlombardo Path Finder in Getting Data In 01-05-2024 0 3	0	3
deployment-app controlled outputs.conf not working Hello,I have a standalone Splunk Enterprise system (version 9.x) with 10 UFs reporting (Splunk Enterprise and the UFs... by dkr3500 Path Finder in Getting Data In 01-04-2024 0 1	0	1
How to troubleshoot why my PowerShell scripted input is not being run? I've set up a new scripted input using powershell as follows: Inputs.conf: [script://$SPLUNK_HOME\bin\scripts\RESEN... by mark19632 New Member in Getting Data In 01-04-2024 0 6	0	6
Splunk Blacklist DesktopExtension.exe addition inputs.conf Hello all,I am trying to blacklist this app that is generating a ton of Windows Event logs; till I find what app it i... by EiffelPalace Engager in Getting Data In 01-03-2024 0 5	0	5
Only first line from logfile is logged. Hi.We are seeing weird behaviour on one of our universal forwarders. We have been sending logs from this forwarder fo... by OGJ Engager in Getting Data In 01-03-2024 0 3	0	3
Forwarding data from splunk forwarder to splunk dashboards I am new to splunk, and need help configuring the log files collected from my honeypot to monitoring VM. They are on ... by jaxxxx New Member in Getting Data In 01-03-2024 0 1	0	1
Indexing Hi folks, Happy new year to you all:-)In my org the Splunk deployment is as follows:Heavy forwarders running (HF1, HF... by vishenps Path Finder in Getting Data In 01-02-2024 0 2	0	2
How to get list of summary index and sourcetype in Splunk I want to get the list of summary index configured in splunk. Please help me with queries to get the summary index an... by harishsplunk7 Explorer in Getting Data In 01-02-2024 0 2	0	2
Splunk Calls for given time period Hello Splunk Members,Need some help on below queries,-How many calls(read/writing) can we make in Splunk in a given t... by spampari Observer in Getting Data In 01-02-2024 0 1	0	1
SC4S: avoid sending metrics to Splunk Hi all,I am very new to Splunk and trying to avoid sending metrics to Splunk from the sc4s container.Memory consumpti... by pepitogrillospl Loves-to-Learn Lots in Getting Data In 01-02-2024 0 2	0	2
btool installation on windowds Hi i would like to know how to install btool on windows and can you please tell how to locate the file. i was trying ... by pm11 Engager in Getting Data In 01-02-2024 0 5	0	5
Redundancy in Data Using UF I am using a single universal forwarder on my windows machine to send a log file to my Splunk host machine deployed o... by tahaahmed354 Loves-to-Learn in Getting Data In 01-02-2024 0 3	0	3
Http Event Collector vs Add-on Some of my customers are using Splunk as their SIEM solution.I have a security platform that needs to integrate into ... by noamm91 Explorer in Getting Data In 01-01-2024 0 8	0	8
Regex extraction with different field delimiters Hi all,I have a very specifc regex extraction (search time extraction)_raw data example:\| union[\| makeresults\| eval _... by michael_vi Path Finder in Getting Data In 12-31-2023 0 10	0	10
When I edit inputs.conf and outputs.conf using the cli command, is there a reason why the paths to the modified files ar If I use the command ./splunk add monitor /var/log,-> /splunk/etc/apps/search/local/inputs.conf file will be modified... by munang Path Finder in Getting Data In 12-31-2023 0 4	0	4
Apps on Indexers I was thinking about this just now... How is it possible to have more than 1 app/add-on functioning on an Indexer? Be... by IAskALotOfQs Path Finder in Getting Data In 12-29-2023 0 3	0	3
Help parsing incoming data We have data coming in that we need to alert on, however because of the formatting of the data, this is very hard to ... by secphilomath1 Explorer in Getting Data In 12-28-2023 0 6	0	6
How to use REST to find LDAP mapped groups (roles and the AD group(s) they are mapped to) I needed to find my roles were mapped to LDAP active directory groups. I ended up with the search below. It works, bu... by blacknight659 Explorer in Getting Data In 12-28-2023 0 3	0	3
Report to monitor logon/logoff time and duration on Windows I was using the following question/answer: How can I use windows events to monitor logon sessions https://answers.sp... by ejwade Contributor in Getting Data In 12-27-2023 0 13	0	13
log injection configuration Recently configured a new input that has successfully ingesting logs but appears to be working intermittently. There ... by raghunandan1 Engager in Getting Data In 12-27-2023 0 2	0	2
Universal forwarder が新規ファイルをモニターしない日本語で失礼します。私はLinuxにUFをインストールし、input.confを以下のように設定しました。[monitor:///xxxx/]whitelist = xxxx_list_<yyyymmdd>.csvUFを再起動し、Sp... by nobunari New Member in Getting Data In 12-25-2023 0 1	0	1
Double sourcetype overriding Hi at all,I have a problem similar to one already solved by @PickleRick in a previous question:I have a flow from a... by gcusello SplunkTrust in Getting Data In 12-22-2023 0 9	0	9
french timestamp not understood Hello, I have a log where the timestamp is written with a abbreviated name for the month. My problem is that the abre... by pfoucher Engager in Getting Data In 12-22-2023 1 5	1	5
How do I add sample data to a cloud based trial instance? How do I add sample data to a cloud based trial instance? by bkenn07 Explorer in Getting Data In 12-21-2023 0 5	0	5
SC4S and McAfee EPO not working? So I have been trying to get SC4S working and I know where the docs are--> https://splunk.github.io/splunk-connect-fo... by domino30 Path Finder in Getting Data In 12-21-2023 0 1	0	1