Getting Data In

Community Activity

	Why is uploaded data missing? Hi, I am new to splunk and trying to upload data for practising. I amd using the data from the the below link. https:... by suvi1611 New Member in Getting Data In 06-19-2023 0 2	0	2
	What Splunk sourcetype is used for GCP Firewall logs, so that GCP TA is satisfied by it? I am ingesting data into Splunk Cloud using Cribl (not directly via GCP Add On) and using Google Cloud TA on the sear... by juulengineer Engager in Getting Data In 06-19-2023 0 0	0	0
	Any idea why the timestamp of data that send via logstash, change when stored in Splunk index? Hitimestamp of data that send via logstash change when store in splunk index. what is the reason? index="influx2splun... by indeed_2000 Motivator in Getting Data In 06-19-2023 0 7	0	7
	How to set workload management rules? Hi, I'm trying to set 2 rules in my workload management pool - search_type=adhoc AND runtime>1m -> Move search to alt... by saleshai Explorer in Getting Data In 06-18-2023 0 2	0	2
	Why is spath returning duplicate value for fields? Hi I'm trying to use spath to break doen json log, but it duplicates these two fields "time" and "@timestamp" when I ... by indeed_2000 Motivator in Getting Data In 06-18-2023 0 1	0	1
	Unable to initialize modular input "WinEventLog" after server restart Having this intermittent problem with UF on multiple servers where it occasionally fails to start up the WinEventLog ... by gportnoy Explorer in Getting Data In 06-17-2023 0 3	0	3
	How to achieve different index based on receiving port on heavy forwarder? Hi All, We are collecting different logs from same source on different UDP ports on Heavy forwarder. Heavy forwarder ... by shubham87 Explorer in Getting Data In 06-17-2023 0 11	0	11
	Why are Indexers not processing "Discard specific events and keep the rest"? Hi, I wana keep only logs Not containing the word "chatbot". This word is present in the _raw data I'm using the me... by _olivier_ Path Finder in Getting Data In 06-17-2023 0 7	0	7
	Best Practice for Splunk to collect rolling logs The app write log entries to a log file, say /var/theapp/thelogfile.log.The app is configured to roll the log file on... by splunkingguy Explorer in Getting Data In 06-16-2023 0 6	0	6
	Regex transforms not applied on Windows event logs I wish to remove unneeded text from Windows event logs before they are indexed. Specifically, Windows event 4624 cont... by jkalbert Explorer in Getting Data In 06-16-2023 0 2	0	2
	How to filter windows event logs in forwarder based on event codes? Hi, I am trying to pull event logs from remote machines using universal forwarders. I have done the configuration in ... by naagaraj Engager in Getting Data In 06-16-2023 0 2	0	2
	Splunk Permission denied for log files We are using Splunk Enterprise server to send logs to be indexed. The monitor config is stored in '/opt/splunk/etc/sy... by apolloops Observer in Getting Data In 06-16-2023 0 1	0	1
	Failures to restart the UF in Windows Hi! What are some common causes of failures to restart the Splunk Universal Forwarder in windows?Thank you! by TouteSplunk Engager in Getting Data In 06-15-2023 0 2	0	2
	Search results 5 times actual events for JSON data Greetings community expertsSearch results for JSON data received via curl and Rest API from AWS are five times the ac... by Seawheels51 Path Finder in Getting Data In 06-15-2023 0 0	0	0
	How to get data in from DMZ servers? Hello, I have a few Linux devices that are located within the DMZ. My 3 Splunk servers (Search Head, Indexer, Deploy... by Lwoods Path Finder in Getting Data In 06-15-2023 0 4	0	4
	How to set a source_type for CSV with headers? Hi, I'm trying to set a source_type for CSV files that contains headers, and the fields are extracted fine.The proble... by Flower Loves-to-Learn Lots in Getting Data In 06-15-2023 0 0	0	0
	How to achieve SEDCMD raw event size reduction? Hello community, I am having an issue creating appropriate SEDCMD to reduce the size of specific Win events. I am try... by DanAlexander Communicator in Getting Data In 06-15-2023 0 16	0	16
	How to create custom source type to add metadata fields to each row and parse an array? Hi,following ticket: https://community.splunk.com/t5/Splunk-Search/Join-all-objects-with-specific-object-within-the-s... by maayan Path Finder in Getting Data In 06-15-2023 0 0	0	0
	How to filter WinEventLog using SEDCMD? Hello, community, I need help reducing Events containing 4688 and ParentProcessName=*splunkd.exe There is an excerpt ... by DanAlexander Communicator in Getting Data In 06-14-2023 0 3	0	3
	How to search for blocked dns/urls in my logs? I have created a lookup table for the blocked dns/url. I want to see if there are anywhere in my logs or in my enviro... by waJesu Path Finder in Getting Data In 06-14-2023 0 3	0	3
	JSON data search stats count(field) by (field) result 5x count from single event Greetings expertsBig picture: using Bash script and curl to download Rest API/JSON from an AWS instance. The beginni... by Seawheels51 Path Finder in Getting Data In 06-14-2023 0 0	0	0
	WinEventLog sourcetype do not match when applied in SEDCMD Hello, community,I am having a problem understanding why the WinEventLog sourcetype cannot be accepted as other sourc... by DanAlexander Communicator in Getting Data In 06-14-2023 0 7	0	7
	How to achieve lookup multiple field but append the missing value? How do I perform lookup multiple field but append the missing value. ThanksFor example:Table A:Name Role ... by LearningGuy Motivator in Getting Data In 06-14-2023 0 7	0	7
	Why is Splunk OneShot not working? Hi all, Having a strange issue. splunk add oneshot suddenly stops working. I have tried to re-read a file using splu... by sini Explorer in Getting Data In 06-14-2023 0 1	0	1
	How to test a linux forwarder connection to deployment server? Hello, I've completed the following: 1. Installed Linux forwarder. 2. Assigned ownership and permissions to splunk u... by Lwoods Path Finder in Getting Data In 06-14-2023 0 1	0	1