Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Is there any way to find out the HF which was in use to send the data to the Splunk SH?

AShwin1119
Explorer
‎02-08-2023 12:44 AM

We got an issue where earlier someone created input on the HF and done the data onboarding but now data stopped coming to the Splunk. but we are unable to find out which HF was used earlier to create the Input.

is there any way to find out the HF which was in use to send the data to the Splunk SH.

 

0 Karma
Reply

shivanshu1593
Builder
‎02-08-2023 12:57 AM

What does the following search tell you when you run it for the log source under question? The host value should give you the name of the HF.

index=<your_index> sourcetype="your_sourcetype"
| dedup host
| table host

 
If this doesn't give you the desired result, then try the following (Ignore the name of the indexers in the search and focus on the others. You'll find the name of the HF):

index=_internal "sourcetype_name"
| dedup host
| table host

 ++If this helps, please consider accepting as an answer++

Thank you,
Shiv
###If you found the answer helpful, kindly consider upvoting/accepting it as the answer as it helps other Splunkers find the solutions to similar issues###
Reply
Get Updates on the Splunk Community!

The Latest Cisco Integrations With Splunk Platform!

Join us for an exciting tech talk where we’ll explore the latest integrations in Cisco &#43; Splunk! We’ve ...

Enterprise Security Content Update (ESCU) | New Releases

In April, the Splunk Threat Research Team had 2 releases of new security content via the Enterprise Security ...

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...
Top