Getting Data In

Community Activity

	Help with SEDCMD Regex SPL for testing purposes Hello clever people, Would anyone be able to help me build a regex that would work on a SPL level e.g something like ... by DanAlexander Communicator in Getting Data In 06-13-2023 0 11	0	11
	How do I resolve universal forwarder issue with TCP connection (can telnet to 8089 and 9997 though from host)? Hello! Been using the universal forwarder for years connecting to a heavy forwarder currently forwarding to splunk cl... by ericzabowski Engager in Getting Data In 06-13-2023 0 1	0	1
	Why did universal forwarder stop forwarding data? Hi Community, We have installed Universal forwarder on windows 2019 server and were able to get the data into Splunk.... by Eshwar Engager in Getting Data In 06-13-2023 0 4	0	4
	What is causing json messages to not always be indexed? Hi everyone, For one of our client we are sending in json log data via log4j2 to the splunk cloud HEC token. we are u... by dhuynh Loves-to-Learn Everything in Getting Data In 06-13-2023 0 2	0	2
	FortiAnalyzer log interpretation problem Hi,I am completely new to Splunk and I'm forwarding directly from FortiAnalyzer to Splunk on TCP1514. I have configur... by Jambo Loves-to-Learn in Getting Data In 06-13-2023 0 0	0	0
	How to streamline getting Sterling File Gateway data into Splunk more directly? We are currently using SFG to transfer files, sending fie movement and info data to DB tables, and then using Splunk ... by tilburn Observer in Getting Data In 06-13-2023 0 2	0	2
	Why are JSON events coming in as duplicates after using the spath command? I'm using a bash script to call Cisco ESA API and I get the following JSON events. sourcetype="cisco:esa:api:by:... by haoban Path Finder in Getting Data In 06-12-2023 0 3	0	3
	How to index file with multiline events and intermittently occurring timestamps? I have a particularly challenging log format and would appreciate any inputs on how to tackle this problem. Problem L... by zapping575 Communicator in Getting Data In 06-12-2023 0 4	0	4
	How to send data to different index? Hello I have some kind of data that I want to filter to different index and in the future i would like to stop this i... by sarit_s Communicator in Getting Data In 06-12-2023 0 1	0	1
	How can I fix logs delay due to timezone difference in the UF server? Hi All i have a log source in the server timezone is in CST and logs are coming into the server as UTC time zone logs... by sekhar463 Path Finder in Getting Data In 06-11-2023 0 12	0	12
	How to configure active MQ logs to Splunk? Hi All, Could someone please provide steps to configure Active MQ logs into Splunk in the existing environment. Thank... by Srini Engager in Getting Data In 06-11-2023 0 0	0	0
	Why are props not working consistently? Hi Team, I have created a props for line breaking. I have tested it using a process of Add Data and Set sourcetype an... by sagar_shubham23 Explorer in Getting Data In 06-10-2023 0 1	0	1
	How to create an exception in imputs.conf? Hi everyone, I need to filter these events, but remove events related to RdrCEF.exeHow to create an exception in inpu... by RenanMarcelino Explorer in Getting Data In 06-10-2023 0 3	0	3
	how to view the list of Search Head Cluster Members on Deployer GUI When we connect UF/HF with Deployment Server we can see the list of UF/HF under Forwarder Mgmt-> Clients on UI Can we... by krutzagrawal Engager in Getting Data In 06-09-2023 0 2	0	2
	How to configure Splunk forwarder to encrypt data? I have recently (yesterday) installed a new instance of Splunk on a VM.Another VM in a separate datacentre has the Sp... by plenderj Engager in Getting Data In 06-09-2023 0 5	0	5
	Why are we are getting the below error while installing the Enterprise Security App? Hi Team, We are getting the below error while installing the Enterprise security App failed to extract app from ... by thahir Contributor in Getting Data In 06-08-2023 0 8	0	8
	Eventgen failing to parse csv- What am I doing wrong? I have enabled eventgen and its does generate but I keep hitting the same issue when it tries to pass a sample log wi... by hhart Splunk Employee in Getting Data In 06-08-2023 0 0	0	0
	How to fix Heavy Forwarder to Splunk Cloud logs forward error? I am using Heavy Forwarder to send logs from different sources such as Domain Controller, Windows Servers, Network Sw... by mthirumalareddy Explorer in Getting Data In 06-08-2023 0 3	0	3
	How create a tag based on field name ? Hi,I am trying create tags based on index and field name . Log:1, User.field1, User.field2, User.field32, Admin.fiel... by TanyaCnd Loves-to-Learn Lots in Getting Data In 06-07-2023 0 1	0	1
	How to stop getting garbage HEXA ASCII logs from log source? Hi SMEs, I am getting some garbage/hexa format/ASCII format logs from one of the log source integrated with Splunk, i... by pm2012 Explorer in Getting Data In 06-07-2023 0 7	0	7
	Why are syslog files are not being deleted? Hello everyone, I am having the syslog files from my Cisco Callmanager stored in my Ubuntu 22.04 using rsyslog in the... by n37w0rk Explorer in Getting Data In 06-07-2023 0 5	0	5
	Renamed serverclass, but not updated in data inputs? Hello, upgraded to 9.0.4.1 from V8.2.2, in Forwarder management we renamed Server class but when going to Data inputs... by splunkreal Influencer in Getting Data In 06-06-2023 0 5	0	5
	How to monitor the below files with extension (.json.gz) in Splunk? Hi Team, I would like to monitor the below files with extension (.json.gz) in splunk. In DS APP inputs i have given ... by Atchyuth_P Path Finder in Getting Data In 06-05-2023 0 2	0	2
	Clarification on WinEventLog vs wineventlog sourcetype? Hi all, I have data coming in, parsing and indexing correctly to a windows index. This data comes in with either one ... by TheBravoSierra Path Finder in Getting Data In 06-05-2023 0 2	0	2
	How to ingest large volume of data to Splunk via REST API call without pagination? Hi Team! I need to make a REST API GET call to ingest a fairly large amount of data to splunk and unfortunately, this... by arjitg Explorer in Getting Data In 06-05-2023 0 2	0	2