Getting Data In

Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
rufflabs

How to write json log data to be ingested?

I have a script that I am generating a json formatted log file entries. I want to get this data into Splunk. What is ...
by rufflabs Explorer in Getting Data In 07-22-2023
0 4
0
4
abdallah_bakr

Windows Event Logs Not Forwarding Security Events to Splunk

 I've got Splunk Universal Forwarder up and running on my DC-01, and it's set to forward all Windows event logs to Sp...
by abdallah_bakr Explorer in Getting Data In 07-22-2023
0 14
0
14
tokio13

Why are we getting an error "SCRAM-SHA-1 authentication failed" on kvstore?

Hello, I'm experiencing some issues on kvstore: [conn4556] SCRAM-SHA-1 authentication failed for __system on local fr...
by tokio13 Path Finder in Getting Data In 07-22-2023
1 2
1
2
jip31

Help on strftime

HiI have a field time called LastLogonDate with this format6/28/2023 1:47.35 PMI want to format this field in a new f...
by jip31 Motivator in Getting Data In 07-21-2023
0 10
0
10
anil28

Old log getting stored as .csv format even before retention?

Hi Team, We have defined the index retention as 420 days but when we are trying to access the logs those are in .csv ...
by anil28 New Member in Getting Data In 07-21-2023
0 1
0
1
rishav

Where does token gets stored when created by splunk UI

Hi Everyone, I have enabled token based authentication and created few tokens. I can see them in UI but wanted to kno...
by rishav Explorer in Getting Data In 07-21-2023
0 3
0
3
libra04ts

How can I ingest BitWarden event logs to Splunk?

Hi, I would like to ask how to ingest BitWarden event logs into Splunk Cloud. I could not find any apps for this purp...
by libra04ts New Member in Getting Data In 07-21-2023
0 1
0
1
lorscardala985

How can I take the second timestamp in props.conf?

how can i in the props.conf file tell Splunk to take the second timestamp as opposed to the first
by lorscardala985 Explorer in Getting Data In 07-21-2023
0 3
0
3
DanAlexander

Active Directory AD actual logs collection

Hello, community,I wanted to ask a fundamental question regarding specific logs collection.The question is: Do we rea...
by DanAlexander Communicator in Getting Data In 07-21-2023
0 4
0
4
andrewtrobec

Why is _time in my JSON payload parsed correctly with milliseconds via manual upload but not via HEC?

Hello!I have a JSON payload whose _time field gets parsed no issue when I perform a manual upload, but when that same...
by andrewtrobec Motivator in Getting Data In 07-21-2023
0 6
0
6
scaglietti

Just installed SA-Eventgen and get the following error: Unable to initialize modular input "modinput_eventgen" defined inside the app "SA-Eventgen": Introspecting scheme=modinput_eventgen: script running failed (exited with code 1)

Unable to initialize modular input "modinput_eventgen" defined inside the app "SA-Eventgen": Introspecting scheme=mod...
by scaglietti New Member in Getting Data In 07-20-2023
0 5
0
5
Lwoods

Add-on for Cisco Webex video conference

Hello,I would like to find an add-on for my webex devices.  I know there's the Cisco WebEx Meetings Add-on for Splunk...
by Lwoods Path Finder in Getting Data In 07-20-2023
0 4
0
4
anilkapoor123

How to forward txt files or data from window server using Splunk forwarder to remote server?

Hi Team, i want to check whether is it feasible to send data or txt files exist in a folder using splunk forwarder to...
by anilkapoor123 Explorer in Getting Data In 07-20-2023
0 4
0
4
itsmevic

How to query a List of Domain Controllers?

I'd like to pull a complete listing of all domain controllers in my environment and I'd like to do it through Splunk....
by itsmevic Communicator in Getting Data In 07-20-2023
0 3
0
3
lavster

Notification when indexes stop receiving data

Hi, we’ve had a problem recently where data has stopped flowing to an index, and it’s a few days before we find out a...
by lavster Path Finder in Getting Data In 07-19-2023
0 3
0
3
SudarshanChakra

Powershell scripts giving blank / no outputs

Hello, I have observed a strange issue in few of my universal forwarders. This is with Splunk addon for windows. I ha...
by SudarshanChakra Loves-to-Learn in Getting Data In 07-19-2023
0 0
0
0
Lwoods

Add-on or app for wireless lan controller

Hello,I'm trying to find an app or add-on for my cisco wlc.  Should I use the current cisco IOS add-on to index wlc d...
by Lwoods Path Finder in Getting Data In 07-19-2023
0 3
0
3
teco_akelly

Unique CSV Regex- Process Alarm issue?

I have raw data file (similar to a CSV) with various records as follows:   Process alarm,5/31/2023,23:19:45,20,11PC_0...
by teco_akelly Engager in Getting Data In 07-19-2023
0 4
0
4
lorscardala985

transform.conf

how can i modify the transforms.conf file so that when i ingest the data it throws away all the events that have the ...
by lorscardala985 Explorer in Getting Data In 07-19-2023
0 3
0
3
ravir_jbp

How can I table format data from csv raw data?

I have the below events getting generated which has list of file counts on diffrent directories with date. creating a...
by ravir_jbp Explorer in Getting Data In 07-18-2023
0 5
0
5
telecity

syslog facility and severity (loglevel)

I've added the following to etc/system/local/limits.conf [udp://514] no_priority_stripping = true no_appending_times...
by telecity Engager in Getting Data In 07-18-2023
6 21
6
21
dersa

Indexes in an Index Cluster

Hi, we have an Indexer Cluster with a dedicated Cluster Manager. The indexers have an additional hard drive attached ...
by dersa Path Finder in Getting Data In 07-18-2023
0 3
0
3
Anto

Forward logs to third party and no duplicates in splunk

I want to forward logs to third party system (syslog) without index these data into splunk but i can't accomplish it,...
by Anto Explorer in Getting Data In 07-18-2023
0 10
0
10
nivedita_viswan

"search head Timed out waiting for peer" How can I check the network health between a search head and indexer?

Our environment consists of 1 indexer and 1 search head. Our indexer is currently indexing close to 400GB per day, si...
by nivedita_viswan Path Finder in Getting Data In 07-17-2023
1 4
1
4
JGP

What is the setting for TCP Line Breaking?

what could be the settings to break the tcp data in splunk. Need to break after @sign to another event. L202308710290...
by JGP Explorer in Getting Data In 07-17-2023
0 5
0
5
Get Updates on the Splunk Community!

Quantify Your Splunk Investment Impact: Introducing Savings Metrics to Value Insights

Building on the foundation established in our initial Value Insights releases, we are introducing the Savings ...

Event Series: Telemetry Pipeline Management

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...
Top Solution Authors
View All