Getting Data In

Community Activity

deployment server not updating inputs.conf on clients When pushing the Windows add on for Splunk using a deployment server, my inputs.conf files on the clients are not upd... by pc1 Path Finder in Getting Data In 09-01-2023 0 5	0	5
Deployed apps to Windows Forwarders are malformed Sometimes after an app has a change made to it when it is deployed to our Universal Forwarders on Windows computers t... by nathanhfraenkel New Member in Getting Data In 09-01-2023 0 1	0	1
CSV file ingest, exclude header I'm ingesting logs from DNS (Next DNS via API) and struggling to exclude the header. I have seen @woodcock resolve so... by NullZero Path Finder in Getting Data In 09-01-2023 0 2	0	2
How can I use CLONE_SOURCETYPE to send a cloned modified event to a 3rd party without indexing the cloned event? How can I use the CLONE_SOURCETYPE feature to clone an event that I need to modify and send to a 3rd party without in... by rphillips_splk Splunk Employee in Getting Data In 09-01-2023 0 5	0	5
Sometime the logs are missing, and it's not tracked the logs in consistence way- Mulesoft Logs Hello All, I am using splunk to store the logs in one of my projects. While I am using the developer org for my POC, ... by DineshRK New Member in Getting Data In 09-01-2023 0 1	0	1
Is it possible read content of /etc/passwd in machines which Splunk is agent installed? Hi there,Our system administration wanted something from Blue Team. They want to view root privilege users except roo... by 10061987 Engager in Getting Data In 08-31-2023 0 10	0	10
How to Forward Data from Splunk Enterprise to TCP Syslog Server? Hi, I have a simple TCP syslog server in the same network where I have setup my Splunk Enterprise platform 9.10. I am... by jamaluddin-k Explorer in Getting Data In 08-31-2023 0 4	0	4
How to make a search for some analytics with SPL? Hi,I need some analytics result in Splunk but i couldn't achieve. Here what i need.1) Which EventIDs is repeated in w... by 10061987 Engager in Getting Data In 08-31-2023 0 2	0	2
How do you create saved search using REST API call? Works in curl: curl -k -u admin:changeme http://localhost:8089/servicesNS/admin/search/saved/searches -d name=MySav... by sp04355 New Member in Getting Data In 08-30-2023 0 5	0	5
How to rename sourcetype at index time? Hi Experts, I would like rename sourcetype at index time with below config. props.conf [source::test/source.txt] TRAN... by rsannala Engager in Getting Data In 08-30-2023 0 1	0	1
Fields not recognized in Events from HTTP Event Collector (HEC) We are noticing that that same data received via the HTTP Event Collector is not searchable by Field like data receiv... by jfrankman Loves-to-Learn Lots in Getting Data In 08-30-2023 0 0	0	0
How to create Python Script to get logs from an API in ERROR ExecProcessor? Hello,we are a from a software editor integration team and we would like to help our customer to integrate easily our... by TrustBuilder New Member in Getting Data In 08-30-2023 0 0	0	0
Why is San server not sending logs to syslog? I have a Dell Equallogic Group Manager (san server) that's hasn't been sending logs to syslog. I've added all the ... by Lwoods Path Finder in Getting Data In 08-30-2023 0 0	0	0
How to get docker system events (not container logs) into Splunk? We have already enabled the Splunk logging driver, but this forwards logs from inside the containers. I want to ca... by hughkelley Path Finder in Getting Data In 08-30-2023 1 0	1	0
How to breakup data that has no timestamp? Here is a sample of my data. I want to separate each hours/min/sec since I have no timestamp I'm unable to make it w... by NanSplk01 Communicator in Getting Data In 08-30-2023 0 0	0	0
Splunk_ta_windows: Why are Index, source, and sourceType missing from my search? Hi I have installed splunk_ta_windows using deployment server using UF on windows clients and everything is fine. I ... by yr Loves-to-Learn Everything in Getting Data In 08-29-2023 0 16	0	16
Best way to use git for source version control with our Splunk infrastructure? Hi all, I'm looking for some advice on source version control. We have a couple deployers, a deployment server, ind... by maciep Champion in Getting Data In 08-29-2023 6 9	6	9
Why is the Sourcetype Not Showing Up? So I noticed today for whatever reason that my graphs were not giving up to date information. I looked into the issue... by MollyDS Explorer in Getting Data In 08-29-2023 0 5	0	5
How to create regex for multiple lines of a field value? I want to extract numeric values into seperate field "combinedrules": ["3000039", "3000081", "958052", "973335", "XSS... by RahulMisra Engager in Getting Data In 08-29-2023 0 5	0	5
How to create a field of stats to string for search in eval? Hi splunkers Why when I do the following query if it gives me the correct data Query \| inputlookup append=t mitre_... by m0rt1f4g0 Explorer in Getting Data In 08-28-2023 0 6	0	6
Why are Armis alerts logs not parsing correctly? hi, The Armis alerts in Splunk Cloud appear to be not being parsed correctly. We do have a technology addon for armis... by AL3Z Builder in Getting Data In 08-28-2023 0 3	0	3
How to ingest excel from UF Hi, I have a excel file on a linux server at a particular path.I have created a input file to monitor this file , but... by Dayalss Engager in Getting Data In 08-28-2023 0 2	0	2
Windows log having special characters when received in HF and Indexer- Air gapped environment Hi there,we have setup splunk in airgapped environment. Windows forwarding log to HF via UF agent port 9997. HF then ... by Aleena Explorer in Getting Data In 08-28-2023 0 0	0	0
Can we setup TLS connection without private key for third party certificates. Hi Team,I would like to establish an SSL/TLS-connection with third party CA certificates between the UFs -> HFs -> in... by VK18 Explorer in Getting Data In 08-28-2023 0 2	0	2
Is there a template for SimData for Threat and Vulnerability Data Generation? Has anyone used SimData for threat and vulnerability data generation? Is there a template available somewhere?Thanks. by dpguru New Member in Getting Data In 08-25-2023 0 0	0	0