Getting Data In

Discussions

Thread Info

Why are the logs that are being forwarded to the indexer, cannot be seen on the search head?

I can see the logs on the indexer but they aren't searchable on search head. I've already checked for - The ind...

by Path Finder in

Can we create a symbolic link for only search peer bundles in indexers?

Suppose splunk is installed in the path called SPLUNK_HOME/etc/.... and the search peers bundles are located the SPLU...

by Explorer in

How can I route os data from one set of indexers to another set of indexers?

Hi, We need to route os data from one set of indexers to another set of indexers,but while using the below setting...

by Engager in

indexes.conf location

Hi. I need to add some limits to retention in my indexes.conf file on several indexers. The documentation suggests...

by Path Finder in

How would I change the index of a sourcetype?

For example using WinEventLog: Security In props.conf [WinEventLog:Security] TRANSFORMS-routing=forexamplename ...

by New Member in

Indexing log files already (although not correctly) indexed

I am at first experience of indexing log files. Therefore I am conscious of not having a full control of what i am do...

by New Member in

How to onboard Secure Edge Data in splunk?

I want to onboard a Secure Edge device data to Splunk Enterprise Security. What will be the correct Solution to have ...

by New Member in

How to install Splunk on Windows 2012 R2 server?

Hi All, I m new to Splunk, I would like to install Splunk enterprise on Windows 2012 R2 server via RDC Manager , I c...

by Path Finder in

How to blacklist specific accounts in Windows security log event 4663?

I've seen several posts here, but none that really have a concrete answer on this. I'm trying to blacklist certain ac...

by Explorer in

iis server on board into splunk

Hello Professionals, we set up Splunk about 6 months ago, now we would like to onboard iis server to Splunk.May I kno...

by New Member in

Powershell input for Splunk universal forwarder - Windows Server

I am just trying to create a dashboard which shows Windows System information (like Task Manager) Powershell scrip...

by Contributor in

Can you put an overlay on a mstats prediction?

I had a question from one of our engineers who are looking to leverage the metric indicies to do predictions of memor...

by Builder in

input stanza for on prem codedeploy logs

we use codedeploy to deploy to some of our on prem servers with the codedepoy agent it logs to C:\Deployments\xxxxxx-...

by Explorer in

Splunk ML Toolkit, Python, Custom Algorithm: How do I output a plot in a custom algorithm?

For ex, in the supplied CorrelationMatrix example, can I plot the correlation values? Something like a 'corrplot' in ...

by New Member in

How to rename index in data sent from another splunk instance?

We are receiving data from an external splunk instance. They have indexes A,B,C. When our indexers receive there data...

by Path Finder in

Get Updates on the Splunk Community!

Getting Data In

Discussions

Why are the logs that are being forwarded to the indexer, cannot be seen on the search head?

Can we create a symbolic link for only search peer bundles in indexers?

How can I route os data from one set of indexers to another set of indexers?

indexes.conf location

How would I change the index of a sourcetype?

Indexing log files already (although not correctly) indexed

How to onboard Secure Edge Data in splunk?

How to install Splunk on Windows 2012 R2 server?

How to blacklist specific accounts in Windows security log event 4663?

iis server on board into splunk

Powershell input for Splunk universal forwarder - Windows Server

Can you put an overlay on a mstats prediction?

input stanza for on prem codedeploy logs

Splunk ML Toolkit, Python, Custom Algorithm: How do I output a plot in a custom algorithm?

How to rename index in data sent from another splunk instance?

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

Suggestions Please: REST Api, csv,html

Can you use ingest actions against _raw?

Can Data Manager import Cloudwatch ECS Fargate log...

cisco sdwan & cloud splunk: how to get data_input

Assistance Needed: Reformatting Provided Events to...