Getting Data In

Community Activity

	spliting a field without multipling events Hello,I would like to properly parse rspamd logs that look like this (2 lines sample): 2023-11-12 16:06:22 #28191(rsp... by patpro Path Finder in Getting Data In 11-12-2023 0 2	0	2
	Universal Forwarder is not reading the log files Hello Splunkers, I have an issue with the UF file monitoring where the input is not being monitored/ not forwarding t... by iamsplunker Communicator in Getting Data In 11-11-2023 0 2	0	2
	Best recommendation for serach head cluster load balancer Hi,I have deployed a search head cluster with 3 members and one deployer. based on splunk document, is recommends tha... by maede_yavari Explorer in Getting Data In 11-11-2023 0 3	0	3
	Health Check: msg="A script exited abnormally with exit status: 1 issue in the ES SH. Hi ,How we can fix this issue in ES SH "Health Check: msg="A script exited abnormally with exit status: 1" input=".$S... by AL3Z Builder in Getting Data In 11-11-2023 0 1	0	1
	Matching the fields on 2 hosts Being fairly new to many features in Splunk, I wish to verify that the fields on 2 different hosts match for consiste... by Hawkins Loves-to-Learn in Getting Data In 11-10-2023 0 7	0	7
	Importing logs from Parquet into Splunk Hi Guys, I am performing a POC to import our parquet files into splunk, i have manage to write a python script to ext... by w344423 Explorer in Getting Data In 11-10-2023 0 1	0	1
	Pre-processing and save data I want to deal with big data uising Splunk.To reduce time for searching data, I want to select specific data from ori... by cross521 Engager in Getting Data In 11-09-2023 0 3	0	3
	Convert json array to table how to convert below json array to table{<!-- --> "Group10": {<!-- --> "owner": "Abishek Kasetty", "fail": 2, "total": 12, ... by Thulasiraman Explorer in Getting Data In 11-09-2023 0 4	0	4
	UF inputs.conf blacklist rege based not working Hi Splunkers, I have a problem with a blacklist filter.On customer's UF, we filtered out some events changing the inp... by SplunkExplorer Contributor in Getting Data In 11-09-2023 0 11	0	11
	Mysterious Log Feed I have a log feed which was configured by a previous employee. Documentation does not exist, of course...The feed sto... by StuartMacL Path Finder in Getting Data In 11-09-2023 0 1	0	1
	Installing Splunk 9.1.1.0 as a Local Admin on Windows OS using Ansible Playbook Hi, most of the splunk forwarder installed on servers are on NT Authority and will like to change this to local admi... by FAA Observer in Getting Data In 11-09-2023 0 3	0	3
	How did you integrate your Radware CWAF in Splunk? I am trying to integrate this solution into Splunk but I am finding problems. The most relevant as far is the number ... by JohnnyMnemonic Explorer in Getting Data In 11-09-2023 0 0	0	0
	[Error 409 Object Exists] is this a bug? Hallo.Don't know if it's a bug or not, but... SPLUNK 8.2.12...1. Create a simple EventType for "MYTEST" with tag "MYT... by verbal_666 Builder in Getting Data In 11-08-2023 0 1	0	1
	Extracting data from Elastic Search Hi at all,I have to extract raw data from an Elastic Search infrastructure ingesting them in Splunk Enterprise 9.1.1.... by gcusello SplunkTrust in Getting Data In 11-08-2023 0 0	0	0
	LINUX ESCU field values Hello partnersI request your kind support as I intend to activate the Linux ESCU correlations, however these do not w... by herguzav Explorer in Getting Data In 11-07-2023 0 3	0	3
	LINE_BREAKER- how to add How to add the LINE_BREAKER in propd .conf for the below events to get it split to different events . Currently these... by ethanthomas Path Finder in Getting Data In 11-07-2023 0 1	0	1
	How can I only display results where a field is in a table returned by another query I have data in two different applications. I need to get fields from one query to use as filters for another, like th... by jacu86 Engager in Getting Data In 11-07-2023 0 1	0	1
	Reassign Knowledge Object app Hi Splunkers, in our Splunk Cloud environment we had 2 need:Reassign knowledge object ownerReassign Knowledge object ... by SplunkExplorer Contributor in Getting Data In 11-07-2023 0 1	0	1
	Splunk Free- Exporting/Importing Data Hello, I am looking to use Splunk free edition to teach students about searching through logs. I plan on setting up S... by CSReviews Loves-to-Learn in Getting Data In 11-06-2023 0 1	0	1
	Get list of active indexes that are ingesting logs Hello,We have a splunk instance where we have configured security related logs. There are hundreds of indexes created... by koyachi Explorer in Getting Data In 11-06-2023 0 4	0	4
	Onboarding AWS Cloudwatch logs We followed the steps in https://docs.splunk.com/Documentation/DM/1.8.1/User/AWSAbout to onboard the data from a sing... by cxnsalvi Engager in Getting Data In 11-03-2023 0 0	0	0
	Use CLONE_SOURCETYPE only for matching events Hello, I'm currently trying to convert some mixed-text events into JSON. The log file is made of some pure text log l... by patpro Path Finder in Getting Data In 11-03-2023 0 5	0	5
	A better way to extract JSON? Hello,I want to get Rspamd logs into Splunk with every info available. The best I could do with Rspamd config yields ... by patpro Path Finder in Getting Data In 11-03-2023 0 0	0	0
	Azure Service Bus Hello,I have installed the Add on for Microsoft Azure.How can i get data in from Azure Service Bus? by Germaine1989 Engager in Getting Data In 11-03-2023 0 3	0	3
	My splunk agent service runs as NT SERVICE/SplunkForwarder user and I want to move it to a local account. I'm installing Splunk Universal Frowarder using the following command:choco install splunk-universalforwarder --versi... by giulianisanches Engager in Getting Data In 11-03-2023 0 5	0	5