Getting Data In

Community Activity

regex Can someone help me with these regex on inputs.conf on universal forwarder?For some reason, isn't working. Much appre... by TheBravoSierra Path Finder in Getting Data In 11-02-2023 0 4	0	4
IMAP Connect exchange to read email Anyone figure out how to use Splunk SOAR IMAP app to connect to exchange mailbox ?The goal is to read new email comin... by hennesey Loves-to-Learn in Getting Data In 11-02-2023 0 1	0	1
define input.conf Hi Splunkers! I would like to know how to define a .evtx file, I had defined in this way, but it didn't works[mon... by smanojkumar Contributor in Getting Data In 11-02-2023 0 2	0	2
Get data using python script Hello,I want to schedule a python script which uses pandas and beautifulsoup4 as librairies. But my splunk does not h... by salt17 New Member in Getting Data In 11-02-2023 0 1	0	1
How do i disable forwarding for one sourcetype Hi,We need to send some security events to an external party. We also need this for our internal use.On my test inst... by pjcable Engager in Getting Data In 11-01-2023 0 1	0	1
How to blacklist a host (hosts is sending logs to Splunk via TCP)? Hello, I have a data input of TCP type, and is associated with an index. I have a request to remove 2 hosts that keep... by eli9714 New Member in Getting Data In 11-01-2023 0 5	0	5
Configure Splunk to get the aide log file I am trying to configure Splunk to read the aide.log file, which file(s) do I need to modify in Splunkforwarder to g... by ck26676 New Member in Getting Data In 11-01-2023 0 4	0	4
Want to replace column name with today's date I have a query to display following 3 fields \| table pp_user_action_name,Today_Calls,Avg_todayi want to replace 'Avg_... by sabari80 Explorer in Getting Data In 11-01-2023 0 4	0	4
Open Telemetry Errors in Windows Getting a ton of these Telemetry errors in Event Log of a windows server with at UF installed. They started a few day... by Dominic32 Explorer in Getting Data In 11-01-2023 0 1	0	1
How to clean Duplicates from Index? Hello, We have a use case. Using the Splunk DB Connect, we ingest data from the various systems especially from the E... by delly_fofie Engager in Getting Data In 11-01-2023 0 5	0	5
Add a new field in indexing time from data received via HEC Hi,I am using Splunk 9.0.6, and I configured HEC + Syslog Connector for Splunk for the data ingestion.At the moment, ... by corti77 Contributor in Getting Data In 11-01-2023 0 3	0	3
Additional fields extraction from json data I have field CI extracted from json payload {<!-- -->"Name": "zSeries","Severity":5,"Category":"EVENT","SubCategory":"Service... by RSS_STT Explorer in Getting Data In 11-01-2023 0 10	0	10
Endpoint data Model Services Hashes, DLLs and executables Hello ComunityI am trying to identify the following.What would be the best data source/s on Win Systems to gain visib... by DanAlexander Communicator in Getting Data In 10-31-2023 0 0	0	0
Handling breaking and field extraction from Header section plus Repeated sections in XML Hi, We need to forward XML documents from a UF to indexers that have key fields both in a one-time header section an... by rickferrante Explorer in Getting Data In 10-30-2023 0 1	0	1
ITSI no services and N/A in tree view I am very new to ITSI, the operational task is to create a business service in ITSI.I have created a test service and... by siraj Engager in Getting Data In 10-29-2023 0 0	0	0
Why is a sourcetype not being applied to a summary index that was migrated? Hello! As part of data separation activities I am migrating summary indexes between Splunk deployments. Some of thes... by andrewtrobec Motivator in Getting Data In 10-28-2023 0 2	0	2
How do I find what host sending event to Splunk using HTTP event collector? Is this possible to get source which sending the data or IP of the source. If it possible.Thanks by karu0711 Communicator in Getting Data In 10-28-2023 0 3	0	3
Syslog data going to lastchanceindex I added a new syslog source using upd port 514. The data is being ingested into "lastchanceindex". How can I find out... by Dominic32 Explorer in Getting Data In 10-27-2023 0 3	0	3
Importing lookup table to Splunk lookup table file editor Is it possible to import an already created lookup table into the Splunk lookup file editor without having to create ... by waJesu Path Finder in Getting Data In 10-27-2023 0 5	0	5
Openshift logs to Splunk Cloud Anyone can help me to onboard data and metrics from openshift to Splunk Cloud. Forwarding Logs to Splunk Using the Op... by jdtcabanglan Loves-to-Learn in Getting Data In 10-27-2023 0 0	0	0
Where does the persistent queue fit in the data pipeline? Was just going through the ‘Masa diagrams’ link: https://community.splunk.com/t5/Getting-Data-In/Diagrams-of-how-inde... by Utkc137 Explorer in Getting Data In 10-26-2023 0 1	0	1
Timeout when configuring Proofpoint TAP SIEM Modular Input I've installed the Proofpoint TAP SIEM Add-on version 1.3.140, and I'm trying to configure a modular input on my heav... by hettervik Builder in Getting Data In 10-26-2023 1 6	1	6
Integrating web apps in azure to splunk I need your support in finding a way to integrate web apps hosted in the Azure cloud with Splunk. As i tried using ma... by Yaser_111 New Member in Getting Data In 10-25-2023 0 0	0	0
xml index size greater than log file Hi, I am having an issue with my data ingestion. I have a xml log file that I am ingesting that is 1GB in size but is... by Strangertinz Path Finder in Getting Data In 10-25-2023 0 0	0	0
Multiple monitor stanzas with wildcard and single file in inputs.conf Hello,is it possible to have mydirectory\*.log monitor stanza to route data to usual indexers (or any specific monito... by splunkreal Influencer in Getting Data In 10-25-2023 0 6	0	6