Getting Data In

Community Activity

REST API Python - Issue with pulling results before search job is done. I wrote a script in Python to run a search query and return the results. The code to send the search query is: sid1... by sd248011 New Member in Getting Data In 03-21-2013 0 5	0	5
Search a particular source based on earlier search Hi , I have user logs which are thousands in number per day. Iam trying to isolate users who had issues and then th... by prabhu_kar New Member in Getting Data In 03-21-2013 0 2	0	2
props.conf Does props.conf go on a forwarder or on the main splunk server? by peter_gianusso Communicator in Getting Data In 03-21-2013 0 1	0	1
Extracting hostname from filename - inputs.conf on UF - host_regex issue Having an issue with bluecoat logs that are dropped on a server with a UF. Attempting to extract the hostname with t... by dewald13 Path Finder in Getting Data In 03-21-2013 2 9	2	9
too_Small Sourcetype What would cause a file being indexed to have a sourcetype of SOAMetrics-too_small ? I am not assigning that sourc... by peter_gianusso Communicator in Getting Data In 03-21-2013 0 1	0	1
Preformat Automatic Report - CSV I have written a report that I wish to have delivered automatically by Splunk in a csv file so I can open it in excel... by rlautman Path Finder in Getting Data In 03-21-2013 0 2	0	2
Index past logs under one source I was wondering: Is there a way to index past logs and still have them show up as just one source? Example: I have... by gnovak Builder in Getting Data In 03-21-2013 0 6	0	6
Monitoring the delta changes ( new changes ) in an error logs Hello Splunk Expert, The situation: I have a logs file around 10 MB generated from web application errors. this log ... by royimad Builder in Getting Data In 03-21-2013 0 4	0	4
Splunk search of indexed CSV file does not pull out all the fields Hi, Splunk newbie here... I am trying to get a csv file of performance metrics into Splunk. Briefly, there are about... by TomJordan Explorer in Getting Data In 03-21-2013 0 2	0	2
using access-combined I am not able to get the correct date I am having problems getting splunk to read my log file correctly. as you can see from the below example, the report... by sphariss New Member in Getting Data In 03-21-2013 0 1	0	1
splunk add forward-server IP:PORT -auth user:pass - For UDP ??? Hi, Please i need to use de UDP protocol to add Forwarders (Universal in my case) buy supoust its de same command wo... by grillotron New Member in Getting Data In 03-21-2013 0 5	0	5
overwite of logging data Hi all How/where do I set inside splunk so that the logging data(ie syslog data) can be overwrite in X number of mon... by Bsa_syslog New Member in Getting Data In 03-21-2013 0 2	0	2
How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index? I have the following config: 1 Splunk Indexer1 Universal Forwarder1 Heavy Forwarder Here is what is working... I ... by pdherna1 Explorer in Getting Data In 03-20-2013 0 5	0	5
Splunk 4.2 Universal Forwarder *nix app install via CLI I am running a Linux box as an indexer and have multiple servers feeding data back to the index. The issue I am havi... by monkeybox Engager in Getting Data In 03-20-2013 1 6	1	6
How do I get Splunk to log Cisco ASA Bad Password Attempts? I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk: I have the ... by bihslogging New Member in Getting Data In 03-20-2013 0 2	0	2
What is the security measures that i should take when introducing universal forwarder on a production environment? Hello Splunkies, I need to know what are the security measures that is should take if i want to introduce universal ... by royimad Builder in Getting Data In 03-20-2013 1 3	1	3
Cisco ASA Logging of Bad Password Attempts I am trying to log "Bad Passwords" or "Access Denied" attempts on the ASA and alert on them with Splunk: I have the ... by prosyspath New Member in Getting Data In 03-20-2013 0 1	0	1
Need to parse the data Data: [2013-03-17 23:48:23,472] [[ACTIVE] ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] INF... by tmuthuk Path Finder in Getting Data In 03-20-2013 0 1	0	1
Splunk free license, maximum sizes per day of data i need to know is if i'm sending 10 MB file to splunk instance free license from a universal forwarder and splunk onl... by royimad Builder in Getting Data In 03-20-2013 0 1	0	1
Using field values in a bash script Hello, I'm trying to write a shell script in response to attempted ssh logins from multiple IP addresses. I have use... by xureal New Member in Getting Data In 03-20-2013 0 4	0	4
problem filtering data Good morning, I have a problem filtering data from UF. The scenario: UF --> Splunk indexer configuration in UF: ... by fahrenheit New Member in Getting Data In 03-20-2013 0 6	0	6
monitoring wildcards... Hi, I need to monitor a specific file that can exist in many subdirectories. The file exists below this directory: F... by a212830 Champion in Getting Data In 03-20-2013 0 3	0	3
Parsing text I apologize in advance if this question has already been asked and answered. If it has, I am most likely demonstrati... by mfrederickson New Member in Getting Data In 03-20-2013 0 2	0	2
multiple forwarder instances on same server Hi Does anyone know if the steps in this article: http://wiki.splunk.com/Community:Run\_multiple\_Splunks\_on\_one\... by bob87 Explorer in Getting Data In 03-20-2013 1 2	1	2
What is the distinction between parsed , unparsed , and raw data? What processsing does the light forwarder do when sending unparsed data, to distinguish what it does with raw data? S... by Steve_G_ Splunk Employee in Getting Data In 03-20-2013 6 2	6	2

Get Updates on the Splunk Community!

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

AI is one of the biggest topics in the market today, and for security teams, its value goes far beyond the ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

[REGISTER HERE] This thread is for the Community Office Hours session on Detection Engineering Office Hours: ...

Getting Data In

REST API Python - Issue with pulling results before search job is done.

Search a particular source based on earlier search

props.conf

Extracting hostname from filename - inputs.conf on UF - host_regex issue

too_Small Sourcetype

Preformat Automatic Report - CSV

Index past logs under one source

Monitoring the delta changes ( new changes ) in an error logs

Splunk search of indexed CSV file does not pull out all the fields

using access-combined I am not able to get the correct date

splunk add forward-server IP:PORT -auth user:pass - For UDP ???

overwite of logging data

How to configure Universal and Heavy forwarders to filter syslog data for VMware and Cisco traffic then route to their respective index?

Splunk 4.2 Universal Forwarder *nix app install via CLI

How do I get Splunk to log Cisco ASA Bad Password Attempts?

What is the security measures that i should take when introducing universal forwarder on a production environment?

Cisco ASA Logging of Bad Password Attempts

Need to parse the data

Splunk free license, maximum sizes per day of data

Using field values in a bash script

problem filtering data

monitoring wildcards...

Parsing text

multiple forwarder instances on same server

What is the distinction between parsed , unparsed , and raw data?

Deep Dive: Accelerate threat investigation with Splunk’s AI Assistant in Security

Announcing Modern Navigation: A New Era of Splunk User Experience

Detection Engineering Office Hours: Real-World Troubleshooting & Q&A

CiscoSecurityCloud TA 3.6.7 -eStreamer ingestion f...

SC4S postfilter not dropping Fortigate east-west t...

Transilience AI threat intel feed integration

How to integrate threat armor with splunk?

How to integrate Google Cloud armor with splunk?

Getting Data In

Join the Conversation