Getting Data In

Discussions

Thread Info

how to get Logs from Azure servers to On-prem splunk?

Hello, What is the best way to get windows logs and linux logs from aroung 200+ servers in Azure to on-prem splunk...

by Builder in

Inputlookup usage

I have an inputlookup table with list of email addresses . I already have a pre existing field called user . How do I...

by Path Finder in

How to use the date in a CSV filename as the timestamp in events when there is no date or time field?

Hi, We are monitoring a csv file which has date included in the filename, with the filename format: abc_xxx_yz-201...

by Contributor in

Event not showing full log entry.. newline issue?

For some reason Splunk is indexing one of my log files a bit oddly. In the following excerpt, the Splunk event is onl...

by New Member in

Why are props and transforms preconfigured to sanitize the hostname for pretrained sourcetypes like 'syslog' and 'linux_syslog_messages'?

Hello, Just a simple question about pretrained sourcetypes like 'syslog' and 'linux_syslog_messages'. Why are thos...

by Explorer in

After installing Splunk SDK for Python, why am I getting "ImportError: No module named spluklib.client" in my python code?

Hi, I just started trying Splunk SDK in Windows. I installed Python and Splunk SDK. However I have an error "Impor...

by Engager in

Heavy forwarder isn't forwarding data from UDP port to indexer

Hello team, I have a HF in place and it is supposed to listen to a UDP port and forward the data to the indexer. Its ...

by Engager in

How to configure the timestamp configuration on below event types.

Hi Folks, i have events on below format which does not have time stamp on first 20 lines and i tried to create the...

by Explorer in

How to disable Windows universal forwarder service auto start after first installation?

I am using Citrix provisioning system to install Windows UFW (Universal Forwarder) 6.5.2 and got an issue: after ins...

by New Member in

DB Connect 3.1 Errors

Our Splunk (6.2.2) is running on a Linux box. I downloaded Java JDK 1.8 131 and verified: Java(TM) SE Runtime Envi...

by Engager in

monitor - File& directories - file is not getting updated on recent changes

I have added file ABC.csv from my local directory and uploaded it on splunk by "monitor" adding data option. sourc...

by New Member in

Getting this error version `OPENSSL_1.0.0' not found

Can any one please suggest, how to fix this error: ERROR BucketMover - coldToFrozenScript /usr/bin/python: /opt/splun...

by Path Finder in

JSON timestamp not parsed via HTTP Event Collector in Splunk cluster

I have a similar issue as described in another question "JSON timestamps not parsed via HTTP Event Collector". But I'...

by Explorer in

How to get the Multiselect input to create a search without " when selecting multiple values

I'm trying to create a training dashboard based on Multiselect and the HTTP status code. If I create the Multiselect ...

by Splunk Employee in

How to filter out only the accelerated reports in splunk ?

Hi All, I need to filter out only the reports that are configured as Accelerated Reports in searches,Reports and Aler...

by Motivator in

Get Updates on the Splunk Community!

Getting Data In

Discussions

how to get Logs from Azure servers to On-prem splunk?

Inputlookup usage

How to use the date in a CSV filename as the timestamp in events when there is no date or time field?

Event not showing full log entry.. newline issue?

Why are props and transforms preconfigured to sanitize the hostname for pretrained sourcetypes like 'syslog' and 'linux_syslog_messages'?

After installing Splunk SDK for Python, why am I getting "ImportError: No module named spluklib.client" in my python code?

Heavy forwarder isn't forwarding data from UDP port to indexer

How to configure the timestamp configuration on below event types.

How to disable Windows universal forwarder service auto start after first installation?

DB Connect 3.1 Errors

monitor - File& directories - file is not getting updated on recent changes

Getting this error version `OPENSSL_1.0.0' not found

JSON timestamp not parsed via HTTP Event Collector in Splunk cluster

How to get the Multiselect input to create a search without " when selecting multiple values

How to filter out only the accelerated reports in splunk ?

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!

What’s New in Splunk Cloud Platform 9.1.2308?

Calculating math on three different searches

Reports are not indexed correctly

Journald exclude specific services

Combine multiple index searches into one overall s...

Custom Attribute Retrieval in VMware App (Add-on f...