Splunk Cloud Platform

Discussions

Thread Info

Why am I unable to install the Microsoft Sentinel add-on for Splunk?

Hi everyone, I'm on Victoria experience and want to perform a self-installation of the following app: Microsoft Senti...

by New Member in

Changing the Searchable retention of index- Is there a way to pull data earlier than the 90 day mark?

Hello All, One of our indexes ( Name: okta ) has a searchable retention period of 90days as shown in the screenshot...

by Builder in

How to identify date as the timestamp(_time value)?

Hello, I'm using Splunk Cloud. I have date with this format and i want splunk to identify date as the timestam...

by Path Finder in

How to get recipients email ID and owner of email alerts in Splunk?

Hi Team ,Can someone help with query to get recipients email ID and owner of email alerts in splunk.Thanks in advance...

by Explorer in

How to find earliest time when there is a gap in events

Hi Team ,How to get below output using Splunk SPL query from below input .INPUT : _timeurlscannedissues1-Febabc.com...

by Explorer in

How to use proxy server to relay the traffic for the onprem federated search head to a Splunk Cloud instance?

Hi everyone, Just wondering how to use proxy server to relay the traffic for the onprem federated search head to a...

by Contributor in

Why does json data get duplicated after tabling the events?

I have a Splunk On Call webhook that is using a POST request to send data to my index and sourcetype. Anytime a user ...

by Explorer in

What is Splunk Cloud Authentication?

explain splunk authentication.

by Communicator in

How to integrate Splunk with BetterCloud so that event log data can be pushed to Splunk?

Hi, Doing a poc on trail version of Splunk, I'm trying to integrate Splunk with BetterCloud so that event log data...

by New Member in

Splunk DB connect: Where to place configurations- in heavy forwarder or on Splunk cloud, and where to get the JRE path?

Hi All, I am working on Splunk cloud classic and got a request to onboard the MySQL server database logs to splunk...

by Path Finder in

Where does data go in Splunk Cloud?

Hello! My question is: When I send logs into the Splunk Cloud platform, where exactly do they go? Are they also st...

by New Member in

Why is Universal forwarder failing to configure in windows system?

Hi, We are taken Splunk cloud community edition trail. and we have installed universal forwarder in windows but i...

by Engager in

How to enable fully qualified domain name or IP of the load balancer on SAML Configuration?

I'm trying to enable SAML SSO for my splunk test instance. In the "Fully qualified domain name or IP of the load bal...

by New Member in

How to enable the macro 'summariesonly'?

Error in 'SearchParser': The search specifies a macro 'summariesonly' that cannot be found. Reasons include: the macr...

by Engager in

Need to Data Balancing after upsizing

Need to Data Balancing after upsizing of indexer ??

by Engager in

How to create an email notification for Event Identification?

Hello all, In our company I need to create a daily email notification for Remote lognDisabled accountEvent Log...

by Explorer in

CrowdStrike Falcon Event Streams Technical Add-On support for jQuery 3.5

Hi All, We are currently using CrowdStrike Falcon Event Streams Technical Add-On" in our instance.https://splunkba...

by Explorer in

SC4s and index 514 udp port

I am using splunk sc4s, I am currently receiving events from a data source that is WAF through the udp port 514 and t...

by Loves-to-Learn in

Can you help me raise a case to Splunk Cloud support?

I am seeing only one entitlement for raising cases with support(which is going for the Splunk on-prem support team). ...

by Explorer in

Logs from `splunk_ta_o365` vs `Splunk_TA_microsoft-cloudservices`

Hello friends. We are in the process of moving the collection of o365 events which we currently do on an on-prem HF...

by Builder in

Certificate upgrade on universal forwarders

Hello all, One of the certificates associated with our universal forwarders is due to expire this week. While we ha...

by Explorer in

Is it possible to use KV Store on Splunk Cloud to read and write values?

I am trying to build a modular data input using the Splunk Add-on Builder and the input should be statefull - it shou...

by Engager in

Logs

What app and add-on can best work with logs from imprivata.? Can Cisco Networks Add-on for Splunk Enterprise work? Ha...

by Explorer in

Boss of the SOC

Is there a way to upload the BOTS data set to my cloud environment so my team can practice regularly? I'm looking for...

by New Member in

Forwarding ID

Is there a way to find which forwarder a devices event logs came from.I have hundreds of devices sending WEC logs thr...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Cloud Platform

Discussions

Why am I unable to install the Microsoft Sentinel add-on for Splunk?

Changing the Searchable retention of index- Is there a way to pull data earlier than the 90 day mark?

How to identify date as the timestamp(_time value)?

How to get recipients email ID and owner of email alerts in Splunk?

How to find earliest time when there is a gap in events

How to use proxy server to relay the traffic for the onprem federated search head to a Splunk Cloud instance?

Why does json data get duplicated after tabling the events?

What is Splunk Cloud Authentication?

How to integrate Splunk with BetterCloud so that event log data can be pushed to Splunk?

Splunk DB connect: Where to place configurations- in heavy forwarder or on Splunk cloud, and where to get the JRE path?

Where does data go in Splunk Cloud?

Why is Universal forwarder failing to configure in windows system?

How to enable fully qualified domain name or IP of the load balancer on SAML Configuration?

How to enable the macro 'summariesonly'?

Need to Data Balancing after upsizing

How to create an email notification for Event Identification?

CrowdStrike Falcon Event Streams Technical Add-On support for jQuery 3.5

SC4s and index 514 udp port

Can you help me raise a case to Splunk Cloud support?

Logs from `splunk_ta_o365` vs `Splunk_TA_microsoft-cloudservices`

Certificate upgrade on universal forwarders

Is it possible to use KV Store on Splunk Cloud to read and write values?

Logs

Boss of the SOC

Forwarding ID

Observe and Secure All Apps with Splunk

What’s New & Next in Splunk SOAR

Observability Unlocked: Kubernetes Monitoring with Splunk Observability Cloud

Microsoft Teams Add-on for Splunk

Best practice to send FortiMail Cloud logs to Splu...

AWS EKS Addon

Formatting container logs from non structured json...

How to create multiples query of IPs on Splunk SOA...

Splunk Cloud Platform

Are you a member of the Splunk Community?

Discussions