Getting Data In

Community Activity

Routing to index based on host not working Hello there.I have IIS logs being ingested into Splunk.The sourcetype is currently set to "iis:test"props.conf:[iis:t... by cmlombardo Path Finder in Getting Data In 10-02-2023 0 4	0	4
Aggregate auditd events Hello everyone! Do anybody know, is it possible to aggregate (bind) auditd events (I mean logs from audit/audit.log) ... by bosseres Contributor in Getting Data In 10-02-2023 0 3	0	3
Can I shorten frequent words? Hello comrades, I'm just curios is there anyway to shorten frequent words?For example: <Data Name='IpAddress'>::ffff:... by BoldKnowsNothin Path Finder in Getting Data In 10-02-2023 0 7	0	7
Windows Filtering Platform event logs - Username HiI'm currently working on obtaining Windows Filtering Platform event logs to identify the user responsible for runni... by CyberCyber New Member in Getting Data In 09-30-2023 0 1	0	1
Will deleting audit events be logged in the internal index? I wonder if the activity of deleting audit events from Splunk cloud will be logged/tracked in Splunk internal logs, e... by just4testsplunk New Member in Getting Data In 09-29-2023 0 6	0	6
Forwarder behind a proxy Hi, i want to send out data with an forwarder to a splunk indexer hosted in the web like splunk storm. Is it possi... by Matthias_BY Communicator in Getting Data In 09-29-2023 1 6	1	6
To Exclude all the NULL values from the index Hello,I was trying to explore all the null values in my index but is it not working as expected do we need any change... by AL3Z Builder in Getting Data In 09-29-2023 0 5	0	5
How to blacklist the logs to stop ingesting into splunk. Hi,I had blacklisted C:\\Program Files\\SplunkUniversalForwarder\\bin\\splunk.exe in inputs.conf of Deploymentserve... by AL3Z Builder in Getting Data In 09-29-2023 0 3	0	3
Splunk UF compatibility with Splunk Cloud I recently upgraded or rather installed a Splunk UF version 9.1.1 which communicates back to Splunk Cloud but I seem ... by blazingblu New Member in Getting Data In 09-28-2023 0 3	0	3
How to create a regex for these events? Hi All, Can any one pls share a regex for the below events to exclude(text in red). 1.<Event xmlns='http://schemas.mi... by AL3Z Builder in Getting Data In 09-27-2023 0 11	0	11
Tableau System Logs Hello everybody, i am wondering if anybody already do some Tableau System Monitoring with the Logs Tableau provided?... by splk Communicator in Getting Data In 09-27-2023 1 3	1	3
Behaviour of app.conf with deployment server Hello,looks like when we enable or disable app from deployment server (GUI for instance) then app.conf in deployment-... by splunkreal Influencer in Getting Data In 09-27-2023 0 0	0	0
Cisco eStreamer eNcore - filtering not working Good day, I'm trying to filter connection events from FMC eStreamer, i.e. I do not need Allowed connections in Splun... by halfreeman New Member in Getting Data In 09-27-2023 0 10	0	10
Search sequence knowledge object in splunk? I had a interview question that what is search sequence of knowledge object in splunk.Please helpme regarding this, by karthi2809 Builder in Getting Data In 09-27-2023 0 1	0	1
What is the CPU & memory utilization of Splunk Forwarder? Hi Friends, I want to know 2 things as mentioned below: What is the typical CPU & Memory consumption of Splunk Forw... by govinduk New Member in Getting Data In 09-27-2023 0 4	0	4
Evaluate search based on one index I would like help with creating the following.Search when account was created and return a list of users who have not... by KDWilk Loves-to-Learn in Getting Data In 09-26-2023 0 1	0	1
Ingest Actions error Hi Everyone,after i select the source type i am getting below error while using ingest actions. I had to update the p... by SS1 Path Finder in Getting Data In 09-26-2023 2 0	2	0
Why is my LINE_BREAKER is not working? Hello, recently I've added a new firewall as a source to the splunk solution at work but I can't figure why my LINE_B... by Berfomet96 Explorer in Getting Data In 09-26-2023 0 1	0	1
Splunk Universal Forwarder Compatibility to Splunk Indexer 8.0.2 Hi,in the official compatibility matrix there is no column for Indexer 8.0.x anymore as its no longer supported.https... by gebr Explorer in Getting Data In 09-26-2023 0 2	0	2
first Splunk install - cannot get HEC working I set up a sample VM for myself to test out Splunk configuration. I wanted a stand-alone service just to make sure I ... by ssdarkside2 Explorer in Getting Data In 09-26-2023 0 4	0	4
Archiver - Reporting reporting messages regarding ops.json The splunkd.log is reporting message regarding ops.json file. I can not find any references to what this file is used... by splunkcvc2 Engager in Getting Data In 09-26-2023 2 2	2	2
Splunk OTEL Collector throwing Timeout and Authentication error. We are seeing some Timeout and Authentication error while collecting data from OTEL kubernetes collector through HEC,... by devsru Explorer in Getting Data In 09-26-2023 0 0	0	0
LINE_BREAKER for nmap output I must be high on Easter chocolate, as I just can't get this to work right. Problem: I have nmap verbose output (... by howyagoin Contributor in Getting Data In 09-26-2023 2 8	2	8
How to add and parse XML data in Splunk? Hi, I have an XML file as my source file. It has the following structure: <photos> <photo id="123" title="Birth... by prijila Engager in Getting Data In 09-26-2023 4 9	4	9
alerts Splunk Forwarder did not send any data by alvina New Member in Getting Data In 09-26-2023 0 1	0	1