...vents. How can I modify the sourcetype for the WAF security events from _json to waf_sec and then create a new HEC datainput for the WAF request events with a sourcetype of waf_req, yet r...
...nd it hasn't worked. I run it in Python IDLE and the scripts actually index data into my Splunk environment. But when I want to add it as a script input, I don't get anything back. It looks like python s...
Dear Splunkers,
We are using Splunk in a distributed environment with an SHC; now, what is the best approach to use Datainputs?
For example: can I create a TCP or UDP c...
Hi,
I am new to Splunk, and when I added datainputs I did not know about the timestamp issue and later I explored it. When I am trying to delete a datainput and trying to reinsert it with proper f...
...ilter the incoming data.
Ideally we would be able to place a filter on each input to filter out and collect only Java errors. This is to help cut down on the amount of space we need to store the i...
I have the below query which updates from an input lookup but what I want is trend data that shows what the total amount was each day.
i.e. it was 275 on the 07/08 and it was 260 on 14/08
| input...
Is it possible to share a sourcetype'd data between two apps? I have pfsense sending both firewall logs and Suricata eve json logs to the same UDP datainput. The TA-pfsense app is s...