Getting Data In

Community Activity

Invalid Key In Stanza - index and sourcetype On my deployment server, when running btool check against inputs.conf and 'grep'ing for the name of my manually creat... by StuartMacL Path Finder in Getting Data In 08-11-2023 0 6	0	6
Splunk 9 blacklist or denylist? Did the blacklist/whitelist got replaced by denylist/allowlist in Splunk 9?In some Blogs i read that Splunk 9 replace... by TheEggi98 Path Finder in Getting Data In 08-11-2023 0 1	0	1
Use foreach, inputlookup, subsearch and index Hi Splunkers.I've been trying for weeks to do the following:I have a search that outputs a table with MITRE technique... by m0rt1f4g0 Explorer in Getting Data In 08-11-2023 0 1	0	1
sharing of calculated fields Hello,I have deployed an app to a distributed Search Head Cluster. This app contains only a props.conf file in the de... by dersa Path Finder in Getting Data In 08-11-2023 0 4	0	4
How to change segmenters to make my data working with PREFIX directive in tstats? Hi,I'm trying to use the PREFIX directive in TSTATS (here : https://docs.splunk.com/Documentation/Splunk/9.1.0/Search... by cdaviet Explorer in Getting Data In 08-11-2023 0 2	0	2
How to log results to an index? I'm trying to figure out why you would use the various methods for sending search results to an index. Note, I'm not ... by ejwade Contributor in Getting Data In 08-10-2023 0 4	0	4
how can I check 7 years of old data from splunk? Hi Team,how can I check 7 years old data that means the first ingestion was on 26 dec of 2016 I need total data size ... by prasireddy Explorer in Getting Data In 08-10-2023 0 9	0	9
How do I enable KMS encryption for Ingest Actions writes to S3? by fjiang Splunk Employee in Getting Data In 08-09-2023 0 1	0	1
Why are Total events not matching with breakdown searches? Hello, I'm creating a visualization and attempting to show the total amount of events, and break them down by a speci... by hperez Explorer in Getting Data In 08-09-2023 0 3	0	3
How to correctly implement tokens in a base search format ? Hey All, I'm trying to implement tokens in my base-search dashboard. But it seems like when I'm changing the token va... by Manta_ray Loves-to-Learn in Getting Data In 08-09-2023 0 6	0	6
Why am I getting a "/root/.splunk": Permission Denied error when running './splunk add forward-server ip:9997 While Forwarding Linux logs to Splunk I'm getting the error shown in the picture. Let me know if someone can me. I've... by Sudarshankumawa Engager in Getting Data In 08-08-2023 0 3	0	3
How to Join Command to compare 2 fields as a basis of comparison? Hello, How can we use 2 Fields to compare in Join Command. I have lookup table with tix1, tix2, tx3, and tx4 fields ;... by SplunkDash Motivator in Getting Data In 08-08-2023 0 5	0	5
Reusable Script - How to Reset All Tokens with a Single Click? Hello,I want to create a script that will reset all tokens in a dashboard. However, I would like this script to be re... by genesiusj Builder in Getting Data In 08-08-2023 0 10	0	10
Are there any SPLUNK recommended TAs on SteelCentral? Hello, Do you know if there are any SPLUNK recommended TAs on SteelCentral. I was looking at them in SPLUNK BASE, but... by SplunkDash Motivator in Getting Data In 08-08-2023 0 0	0	0
How to ping a list of IP address based on search results? Hi all,I have a search that run a query to a database and as a results i have several IP address.I would like to ping... by ngerosa Path Finder in Getting Data In 08-08-2023 0 12	0	12
Multiple Unix monitoring - How to do Splunk TA Nix distribution? Hello Splunkers ! Context : I want to deploy Splunk conf to monitor Unix system logs.Let's suppose I have two groups ... by GaetanVP Contributor in Getting Data In 08-08-2023 0 3	0	3
Why I am getting this error "The search you requested could not be viewed"? i am receiving the splunk alerts from the mail after that when i click on the "view result" i am getting this error... by Mahi4rus Explorer in Getting Data In 08-07-2023 0 7	0	7
Why is there Universal forwarder error from splunk-wmi.exe? I have been trouble shooting this problem for a little while now and no luck. Anyone have any guidance on what is cau... by chrisfilor Engager in Getting Data In 08-07-2023 1 1	1	1
How to replace field during parsing? Hello everyone, I have logs like 2022-11-23 12:47:42.000 id="123" event="some text text2 text3 text4" I w... by bosseres Contributor in Getting Data In 08-07-2023 0 5	0	5
How to create source type for 13 digit epoch? I have json data coming in that contains a 13 digit epoch value in eventTime, but %s appears to only support 10 digit... by loganramirez Path Finder in Getting Data In 08-07-2023 0 4	0	4
How to fix UNIX log parsing issue? Hi Team, I could see logs coming from UNIX devices in the below format <38>Aug 1 13:20:29 dns.customer.net 10.32.9.... by pm2012 Explorer in Getting Data In 08-07-2023 0 6	0	6
Splunk Heavy forwarder: How to fix the problem on port 9997? HI,i'm facing one of the issue on my heavy forwarder is not able to get the logs on 9997, where we have already confi... by MayurMangoli Loves-to-Learn Everything in Getting Data In 08-05-2023 0 2	0	2
Opentelemetry Splunk Hec Exporter x509: certificate is not valid for any names, but wanted to match Hi,I am trying to export data into Splunk using splunkhecexporter by Opentelemetry with TLS insecure_skip_verify=fals... by ericaooi Explorer in Getting Data In 08-04-2023 0 1	0	1
How to monitor logs 7 directories deep? Hi, I’m trying to monitor changing log files within directories that change regularly. These log files are 7 layers d... by ned692000 Engager in Getting Data In 08-04-2023 0 1	0	1
Do we have a function or way to determine network address provided we have ip address and subnet mask? Do we have a function or way to determine network address provided we have ip address and subnet mask? For instance 1... by nabeel652 Builder in Getting Data In 08-03-2023 0 9	0	9