Getting Data In

Community Activity

How to forward indexes to different port of the same server? Dear Support, I have 2 indexes (indexA, indexB) and one receiving server with 2 different ports (10.10.10.10:xx, 10.... by Adpafer Loves-to-Learn Everything in Getting Data In 09-05-2023 0 9	0	9
How to use Lookup table to analyze events? I created a lookup table for blacklisted DNS queries. I need a query that uses the lookup table to see if domains in ... by waJesu Path Finder in Getting Data In 09-05-2023 0 9	0	9
Is it possible to have multiple hosts for one LDAP Strategy? Hi all, We have Splunk connected to 5 LDAP domains and each one with at least 10 servers. Today Splunk is pointing ... by fjmelo Engager in Getting Data In 09-05-2023 1 3	1	3
Cisco Mobility Express data into Splunk Hi.I've tried to get Splunk to understand syslog messages coming from a Cisco Mobility Express setup.Mobility Express... by amuso Loves-to-Learn in Getting Data In 09-04-2023 0 0	0	0
How to send data to two different Cloud instances? Hi folks, I have a HF already sending data to one cloud instance, however I'd like to start sending data to a diffe... by splunk_luis12 Path Finder in Getting Data In 09-04-2023 0 5	0	5
How to use props.conf to parse json file in splunk HiI am new to splunk. I set up a single-site cluster to parse a JSON-formatted log. I use cm in the path of /opt/splu... by camellia Engager in Getting Data In 09-03-2023 0 1	0	1
deployment server not updating inputs.conf on clients When pushing the Windows add on for Splunk using a deployment server, my inputs.conf files on the clients are not upd... by pc1 Path Finder in Getting Data In 09-01-2023 0 5	0	5
Deployed apps to Windows Forwarders are malformed Sometimes after an app has a change made to it when it is deployed to our Universal Forwarders on Windows computers t... by nathanhfraenkel New Member in Getting Data In 09-01-2023 0 1	0	1
CSV file ingest, exclude header I'm ingesting logs from DNS (Next DNS via API) and struggling to exclude the header. I have seen @woodcock resolve so... by NullZero Path Finder in Getting Data In 09-01-2023 0 2	0	2
How can I use CLONE_SOURCETYPE to send a cloned modified event to a 3rd party without indexing the cloned event? How can I use the CLONE_SOURCETYPE feature to clone an event that I need to modify and send to a 3rd party without in... by rphillips_splk Splunk Employee in Getting Data In 09-01-2023 0 5	0	5
Sometime the logs are missing, and it's not tracked the logs in consistence way- Mulesoft Logs Hello All, I am using splunk to store the logs in one of my projects. While I am using the developer org for my POC, ... by DineshRK New Member in Getting Data In 09-01-2023 0 1	0	1
Is it possible read content of /etc/passwd in machines which Splunk is agent installed? Hi there,Our system administration wanted something from Blue Team. They want to view root privilege users except roo... by 10061987 Engager in Getting Data In 08-31-2023 0 10	0	10
How to Forward Data from Splunk Enterprise to TCP Syslog Server? Hi, I have a simple TCP syslog server in the same network where I have setup my Splunk Enterprise platform 9.10. I am... by jamaluddin-k Explorer in Getting Data In 08-31-2023 0 4	0	4
How to make a search for some analytics with SPL? Hi,I need some analytics result in Splunk but i couldn't achieve. Here what i need.1) Which EventIDs is repeated in w... by 10061987 Engager in Getting Data In 08-31-2023 0 2	0	2
How do you create saved search using REST API call? Works in curl: curl -k -u admin:changeme http://localhost:8089/servicesNS/admin/search/saved/searches -d name=MySav... by sp04355 New Member in Getting Data In 08-30-2023 0 5	0	5
How to rename sourcetype at index time? Hi Experts, I would like rename sourcetype at index time with below config. props.conf [source::test/source.txt] TRAN... by rsannala Engager in Getting Data In 08-30-2023 0 1	0	1
Fields not recognized in Events from HTTP Event Collector (HEC) We are noticing that that same data received via the HTTP Event Collector is not searchable by Field like data receiv... by jfrankman Loves-to-Learn Lots in Getting Data In 08-30-2023 0 0	0	0
How to create Python Script to get logs from an API in ERROR ExecProcessor? Hello,we are a from a software editor integration team and we would like to help our customer to integrate easily our... by TrustBuilder New Member in Getting Data In 08-30-2023 0 0	0	0
Why is San server not sending logs to syslog? I have a Dell Equallogic Group Manager (san server) that's hasn't been sending logs to syslog. I've added all the ... by Lwoods Path Finder in Getting Data In 08-30-2023 0 0	0	0
How to get docker system events (not container logs) into Splunk? We have already enabled the Splunk logging driver, but this forwards logs from inside the containers. I want to ca... by hughkelley Path Finder in Getting Data In 08-30-2023 1 0	1	0
How to breakup data that has no timestamp? Here is a sample of my data. I want to separate each hours/min/sec since I have no timestamp I'm unable to make it w... by NanSplk01 Communicator in Getting Data In 08-30-2023 0 0	0	0
Splunk_ta_windows: Why are Index, source, and sourceType missing from my search? Hi I have installed splunk_ta_windows using deployment server using UF on windows clients and everything is fine. I ... by yr Loves-to-Learn Everything in Getting Data In 08-29-2023 0 16	0	16
Best way to use git for source version control with our Splunk infrastructure? Hi all, I'm looking for some advice on source version control. We have a couple deployers, a deployment server, ind... by maciep Champion in Getting Data In 08-29-2023 6 9	6	9
Why is the Sourcetype Not Showing Up? So I noticed today for whatever reason that my graphs were not giving up to date information. I looked into the issue... by MollyDS Explorer in Getting Data In 08-29-2023 0 5	0	5
How to create regex for multiple lines of a field value? I want to extract numeric values into seperate field "combinedrules": ["3000039", "3000081", "958052", "973335", "XSS... by RahulMisra Engager in Getting Data In 08-29-2023 0 5	0	5