Getting Data In

Community Activity

Support for Custom Data Model I would greatly appreciate support for customer model as a correlation search option in the VT4splunk app. by ez-secops-awn Engager in Getting Data In 07-17-2025 0 5	0	5
Sending data to an index using an script Hi everyone!Quick question. I would like to know how can I send data to an index using a python script.We need to ing... by MatheoCaneva1 Engager in Getting Data In 07-17-2025 0 6	0	6
Which addon to install to onboard Cisco Catalyst 8500-12x router logs into Splunk ? I need to onboard Cisco Catalyst 8500 router logs into Splunk. When I was looking for addons, I found the below addon... by dm1 Contributor in Getting Data In 07-16-2025 0 1	0	1
Input.Conf with Version numbers [monitor://\\njros1bva0597\d$\LogFiles\warcraft-9.0.71\logs\*] disabled = false host = NJROS1BVA0621 alwaysOpenFile =... by Cheng2Ready Communicator in Getting Data In 07-16-2025 0 6	0	6
Splunk Ingest Actions Trying to filter out all perfmon data using ingest actions. so, i try and see the samples and i get this error I chec... by tbarn005 Engager in Getting Data In 07-16-2025 0 7	0	7
Receiving HTTP 303 When Using Token-Based Authentication with Splunk Cloud REST API Hi Splunk Gurus, I’m working on a script to programmatically check if logs from a specific host are available in Splu... by asah Engager in Getting Data In 07-16-2025 0 2	0	2
how can I keep the original meta when cloning the event. I'm cloning the event and before cloning extracting sourcetype to use later.transforms.conf [copy_original_sourcety... by sudha_krish Explorer in Getting Data In 07-16-2025 0 5	0	5
Splunkstream disable specified protocol Currently I have setup Splunkstream, but there is a condition where I want to disable some data sources from certain ... by elend Communicator in Getting Data In 07-15-2025 0 4	0	4
Internal Log Forwarding Configuring Internal Log Forwarding 1- 1sh 2 indx 2 if and 4 uf 1 mc2- I can see only idx internal logs though I have... by Mirza_Jaffar1 Explorer in Getting Data In 07-14-2025 0 4	0	4
Standard User – UI File Upload – What Capabilities are required? I want to provide a standard Splunk user the ability to upload files via the web UI.Specifically, so that members of ... by nickhills Ultra Champion in Getting Data In 07-14-2025 0 1	0	1
How to add 2 separate filters to a single _raw splunk data in edge processor I have created a pipeline for filtering data coming into the sourcetype = fortigate_traffic.I would like to further a... by Rani2 Loves-to-Learn in Getting Data In 07-14-2025 0 1	0	1
btool cheat sheet Does anyone have a cheat sheet for btool to help newbies?Here is my version of btool cheat sheet: splunk btool <conf_... by youngsuh Contributor in Getting Data In 07-14-2025 1 8	1	8
How to Ensure Proper Load Balancing Across Multiple Heavy Forwarders? Hi,We’re currently facing a load imbalance issue in our Splunk deployment and would appreciate any advice or best pra... by mcfabrero_acn Explorer in Getting Data In 07-14-2025 0 3	0	3
Issues Indexing SAP System Log (SM21) Dear splunk community,After successfully implementing the input from @afx :"How to Splunk the SAP Security Audit Log"... by SPLAUR Engager in Getting Data In 07-11-2025 0 6	0	6
Writing regex for specific /var/log/*.log files The Splunk app for Linux already provided a stanza for collecting all the .log files in the /var/log folder ([monitor... by Na_Kang_Lim Path Finder in Getting Data In 07-11-2025 0 4	0	4
Splunk Deployment App Filtering SharePoint Logs Hi Splunk Community,I’m trying to reduce disk space usage on my Splunk Universal Forwarder by filtering out unnecess... by tbarn005 Engager in Getting Data In 07-10-2025 0 6	0	6
Sourcetype for JSON data fails to extract the timestamp I feed data to Splunk using the HTTP Event Collector, sample event:{<!-- -->"event":{<!-- -->"event_id": "58512040","event_name": "Ac... by mmaaxx Explorer in Getting Data In 07-09-2025 0 5	0	5
Prisma Cloud Integration Guys i have Splunk Cloud , i created Http Event Collector & in prisma i gave url /service/collector but logs are not ... by XOR Loves-to-Learn in Getting Data In 07-09-2025 0 3	0	3
Adaptive filtering/Stateful cross-event logic to filter unwanted events When collecting Linux logs using a Universal Forwarder we are collecting a lot of unnecessary audit log from cronjobs... by fatsug Builder in Getting Data In 07-09-2025 0 5	0	5
CITRIX onboard via SC4S - no events in splunk Hi,I am running splunk standalone 8.4.1 with Citrix add-on installed 8.2.3. Also, I have SC4S running version 3.31.0... by corti77 Contributor in Getting Data In 07-07-2025 0 4	0	4
Why am I Getting Duplicated Data Using HEC Ingestion Method I'm getting duplicated data when using lambda function to send events from cloudwatch to splunk through HTTP Event Co... by wsmworkhard Explorer in Getting Data In 07-03-2025 0 3	0	3
Does Splunk Add-on For M365 app work in GCC HIGH tenants? We are getting the following error when trying to ingest EXO mail logs into splunk using the add-in.line 151, in __ca... by TestAdminHorst New Member in Getting Data In 07-03-2025 0 2	0	2
Cisco Security Cloud Add_on vs. Splunk Add-On for Cisco ASA Onboarding Cisco FTD firewalls presents the choice of which Add-On to use. Apparently Cisco FTD firewalls run both AS... by kfsplunk Loves-to-Learn in Getting Data In 07-02-2025 0 2	0	2
Export search results to a folder outside splunk Hello EveryoneI need to export the search results to a folder outside the Splunk. To do this job we've exportresults ... by DineshElumalai Explorer in Getting Data In 07-02-2025 0 3	0	3
I unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "Splunk_TA_siem_connector"? I am getting the below error. Unable to initialize modular input "TA-Akamai_SIEM" defined inside the app "Splunk_TA_... by kaushik3g Engager in Getting Data In 07-01-2025 0 4	0	4