Getting Data In

Community Activity

how to index a json file ? HI, i am trying to index a local json file, but when going trough the sourcetype the predefined json source type is ... by abilis Explorer in Getting Data In 07-27-2023 0 10	0	10
How to search to exclude part of DIR from windows log? Hello All, I'm trying to run query that will allow me to exclude events with part of a file path built in a windows ... by codedtech Path Finder in Getting Data In 07-26-2023 0 1	0	1
How can i redirect data from an index to a new one Hello, I would like to know how can i redirect data from a general index to a new one ? Example : General index :... by baroudiem New Member in Getting Data In 07-26-2023 0 5	0	5
Sending Specific Events to Separate Indexes Hi There,I am currently trying to set up specific events to be sent to a separate index.The documentation on how to d... by jamie1 Communicator in Getting Data In 07-26-2023 0 12	0	12
What is causing issue with data ingestion for xml? Hi community, I have an issue where I am ingesting some xml data but the data coming in is very sporadic. Any idea wh... by Strangertinz Path Finder in Getting Data In 07-26-2023 0 11	0	11
kvstore import - fastest way what's the fastest way to import into KVStore?I have about 650 000 rows and import is slow over "Lookup File Editig" ... by jbanAtSplunk Communicator in Getting Data In 07-26-2023 0 3	0	3
VectraAI syslog to Splunk via SC4S I have taken over a project from 2 colleagues to install and integrate VectraAI and Splunk.We have a Vectra X29 as Br... by tkrjukoff New Member in Getting Data In 07-26-2023 0 0	0	0
Enable Logging for IIS Fields Currently we have Microsoft IIS Web-Servers out in the environment, but the fields they are logging is spotty. Is the... by matthew-miller Loves-to-Learn in Getting Data In 07-25-2023 0 3	0	3
Getting xml data into Splunk consistently? I am having trouble with ingesting my data into Splunk consistently. I have an XML log file that is constantly being ... by Strangertinz Path Finder in Getting Data In 07-25-2023 0 3	0	3
How to integrate threat intel platform in splunk (OpenCTI) Hi!i want to integrate OpenCTI intel feeds to splunk and i don't find any Add-on for this integration .OpenCTI provid... by splk_user Path Finder in Getting Data In 07-25-2023 0 1	0	1
Redirecting logs to 3party only for One index Hi, I am trying to redirect logs only for a specified index of mine to 3rd party. But The target destination is recei... by nikk Engager in Getting Data In 07-25-2023 0 2	0	2
Retrieve Windows DNS Logs - best practices ? Hello Splunkers,Whats is "the best practice" to ingest DNS logs inside a distributed Splunk environment. I hesitate ... by GaetanVP Contributor in Getting Data In 07-25-2023 0 4	0	4
Splunk search to check forwarder status based on last connected time Hi Team,i am using this search to check the status of UF"down based on last connection time.but when i am removing th... by sekhar463 Path Finder in Getting Data In 07-24-2023 0 2	0	2
Jira Issue Input: Why is Add-on data not indexing? hello, I have installed the add-on (Jira issue input add-on: https://splunkbase.splunk.com/app/6168) for collecting j... by sweetie Explorer in Getting Data In 07-24-2023 0 6	0	6
Certificate error while integrating Sailpoint with Splunk Hello Experts, We are trying to integrate Sailpoint with Splunk. We used the required add-on and all the necessary in... by manishchoudhary Loves-to-Learn in Getting Data In 07-24-2023 0 2	0	2
Need to export the records morethan 50,000 from a job. Hi all,I am working on one application which needs to export the records into a CSV using splunk job.i have checked t... by gumma Loves-to-Learn in Getting Data In 07-24-2023 0 1	0	1
Change Index name of some data from HEC I have a HEC token sending various logs from AWS Cloudwatch. HEC token is set to have two indexes paloalto and aws.An... by karthikm Loves-to-Learn Everything in Getting Data In 07-23-2023 0 1	0	1
No data is getting displayed on dashboard No data is getting displayed on the dashboard. Following is the query.index=main sourcetype=wms_oracle_sessions \| bu... by pratapa Explorer in Getting Data In 07-22-2023 0 11	0	11
How to write json log data to be ingested? I have a script that I am generating a json formatted log file entries. I want to get this data into Splunk. What is ... by rufflabs Explorer in Getting Data In 07-22-2023 0 4	0	4
Windows Event Logs Not Forwarding Security Events to Splunk I've got Splunk Universal Forwarder up and running on my DC-01, and it's set to forward all Windows event logs to Sp... by abdallah_bakr Explorer in Getting Data In 07-22-2023 0 14	0	14
Why are we getting an error "SCRAM-SHA-1 authentication failed" on kvstore? Hello, I'm experiencing some issues on kvstore: [conn4556] SCRAM-SHA-1 authentication failed for __system on local fr... by tokio13 Path Finder in Getting Data In 07-22-2023 1 2	1	2
Help on strftime HiI have a field time called LastLogonDate with this format6/28/2023 1:47.35 PMI want to format this field in a new f... by jip31 Motivator in Getting Data In 07-21-2023 0 10	0	10
Old log getting stored as .csv format even before retention? Hi Team, We have defined the index retention as 420 days but when we are trying to access the logs those are in .csv ... by anil28 New Member in Getting Data In 07-21-2023 0 1	0	1
Where does token gets stored when created by splunk UI Hi Everyone, I have enabled token based authentication and created few tokens. I can see them in UI but wanted to kno... by rishav Explorer in Getting Data In 07-21-2023 0 3	0	3
How can I ingest BitWarden event logs to Splunk? Hi, I would like to ask how to ingest BitWarden event logs into Splunk Cloud. I could not find any apps for this purp... by libra04ts New Member in Getting Data In 07-21-2023 0 1	0	1