Getting Data In

Community Activity

Install Universal Forwarder on Exchange Server I’ve installed the Universal Forwarder on an Exchange Server 2016. It successfully collects most of the logs defined ... by phamanh1652 Path Finder in Getting Data In 08-18-2025 0 6	0	6
XML Parsing in transforms.conf Hi, I am having some big issues trying to parse certain XML logs into Splunk.A sample online log which is in the same... by ta1 Explorer in Getting Data In 08-17-2025 0 5	0	5
timestamp and itime does not match We’re using Splunk Cloud and have configured SC4S to collect logs from FortiAnalyzer, which receives logs from both F... by phamanh1652 Path Finder in Getting Data In 08-15-2025 0 6	0	6
Add on for IIS: sourcetypes I am wondering why the search-time configurations for this app have been deprecated.You can't do additional parsing s... by cmeo-bcit Explorer in Getting Data In 08-15-2025 0 2	0	2
Configure Alert Actions to collect data for the Splunk Add-on for Microsoft Security In the documentation to configure an alert action for Advanced Hunting it says to Navigate to Add-on UI > Settings > ... by edhealea Path Finder in Getting Data In 08-14-2025 0 2	0	2
user specific browser timeout I want to create a dedicated role with its own browser timeout settings, while keeping the default timeout settings f... by viku7474 Explorer in Getting Data In 08-13-2025 0 2	0	2
Role or User Specific Web Session Timeout Hi all,I have read through the splunk documentation for session timeout here, but these seems to be for splunk overal... by yh Path Finder in Getting Data In 08-13-2025 0 4	0	4
Data missing from universal forwarder on a Linux host I have a puzzle with a Linux host running RHEL 8.10, which is running Splunk Universal Forwarder 9.4.1, configured to... by ww9rivers Contributor in Getting Data In 08-12-2025 0 11	0	11
Trying to extract fields from a hybrid log Syslog/JSON nested logs Trying to extract some data from a hybrid log where the log format is <Syslog header> <JSON Data>.Have had success wi... by atme Loves-to-Learn Lots in Getting Data In 08-11-2025 0 1	0	1
Enabling of Splunk PDF scheduler Hi Splunk Community,I would appreciate your guidance regarding enabling Scheduled PDF Delivery in Splunk. Currently, ... by uagraw01 Motivator in Getting Data In 08-11-2025 0 11	0	11
Data ingest Monitor set to pull in a watched log that has no props/transforms configs applied. This would ingest the entire file ... by splunkville Observer in Getting Data In 08-11-2025 0 4	0	4
Why is Splunk Universal Forwarder unable to interpret checkpoint files for ausearch when running it as a Scripted Input? I’m running Splunk in a Linux Red Hat environment and trying to collect logs generated by the auditd service. I coul... by miketbrand0 Explorer in Getting Data In 08-08-2025 0 8	0	8
splunk how to get splunk add-on for unix and linux 9.2.0 version splunk how to get splunk add-on for unix and linux 9.2.0 version and 6.0.2 version..?? by silverKi Path Finder in Getting Data In 08-07-2025 0 2	0	2
How to edit my props and transforms to route data to an index based on index field name ? Hi allI'm building a distributed Splunk architecture with:1 Search Head2 Indexers (not in a cluster)1 Heavy Forwarder... by Sot_Sochetra Explorer in Getting Data In 08-07-2025 0 8	0	8
Is it possible to do search time field extraction based punct I have events in a log file and they have different formats from event to event. I'm wondering if there is any way to... by fredclown Builder in Getting Data In 08-07-2025 0 4	0	4
Has anyone experienced this squid error with splunk_recommended_squid log format? i am running Squid 5.2 and having an issue adding the splunk_recommended_squid log format to my squid configuration. ... by rsd0991 Engager in Getting Data In 08-05-2025 0 3	0	3
Extract public and private IP addresses fields separately I have trouble with getting public and private IP addresses fields separately. How can I extract private and public I... by cs308 Loves-to-Learn in Getting Data In 08-02-2025 0 3	0	3
information certifications ISO 27001 Team, do you know where I can find information about certifications like ISO 27001 that apply to our agents as Hotel ... by daniela1 Loves-to-Learn Lots in Getting Data In 08-01-2025 0 3	0	3
KVStore Failed 9.4.3 Hi,I upgraded Splunk Enterprise from 9.2.3 to 9.4.3, and the KVSotre status is failed.It was migrated successfully to... by tech_g706 Path Finder in Getting Data In 08-01-2025 0 5	0	5
SC4S parser Hello, I need to send all syslog data from opnsense to a specific index. As this is not a known vender source what is... by L_Petch Path Finder in Getting Data In 07-31-2025 0 2	0	2
Can't find "local event logs" option in splunk Hey, I installed splunk enterprise free trial on ubuntu server and this is the first time I am using splunk so I am f... by obuobu Engager in Getting Data In 07-30-2025 1 4	1	4
Splunk access to RHEL audit.log Running Splunk 9.3.5 on RHEL 8. STIG hardened environment. The non-Splunk RHEL instances running a Universal Forward... by ewok Explorer in Getting Data In 07-30-2025 0 4	0	4
Using Splunk UF to send data to ELK Hi, as the question suggest, I am trying to send 2 streams of logs.From the document Forward data to third-party syst... by Na_Kang_Lim Path Finder in Getting Data In 07-30-2025 0 1	0	1
Index time field extraction problem with space Hi all,I want to extract fields from a custom log format. Here's my transforms.conf:REGEX = ^\w+\s+\d+\s+\d+:\d+:\d+\... by sigma Path Finder in Getting Data In 07-29-2025 0 2	0	2
Splunk add on AWS connection pool is full HelloI'm collecting cloudtrail logs by installing Splunk add on AWS in the Splunk heavy forwarder.The following logs ... by KwonTaeHoon Path Finder in Getting Data In 07-28-2025 0 1	0	1