I am writing an log file on my host using below command- " for ACCOUNT in \"$TARGET_DIR\"/*/; do", " if [ -d \"$ACCOUNT\" ]; then", " cd \"$ACCOUNT\"", " AccountId=$(basename \"$ACCOUNT\")", " AccountSize=$(du -sh . | awk '{print $1}')", " ProfilesSize=$(du -chd1 --exclude={events,segments,data_integrity,api} | tail -n1 | awk '{print $1}')", " NAT=$(curl -s ifconfig.me)", " echo \"AccountId: $AccountId, TotalSize: $AccountSize, ProfilesSize: $ProfilesSize\" >> \"$LOG_FILE\"", " fi", " done"   I have forwarded this log file to Splunk using the Splunk Forwarder. This script appends new log entries to the file after successfully completing each loop. However, I am not seeing the logs with the correct timestamps, as shown in the attached screenshot. The logs are from 2022, but I started sending them to Splunk on 17/01/2025. Additionally, the Splunk Forwarder is sending some logs as single-line events and others as multi-line events. Could you explain why this is happening?   ... View more

Considering our current setup i.e authentication and Authorization integrated with SAML, how do we 1. mark an user inactive 2. what do we do with his/her knowledge objects. ... View more

In my splunk cloud , when i search for index index="asterisk" and trigger any deployment to get logs for this index and select last 15 minute to get latest logs but no logs are there. But when i change time from last 15 minute to last 6 hours then i can see my latest logs, this is weird . Log time for asterisk is in UTC. Can someone please help me here? ... View more

I have uploaded the screenshots of logs of same time but in one log stack and task field is empty and in one it is filled . What is the reason behind ?  Can someone help me to figure it out? ... View more

I want to remove host(Default field) field from splunk cloud permanently .Since we don't need the host field in our search results. ... View more

i am trying to create a custom field like host and source by making changes in atteched  photos of entrypoint.sh and input.conf. when I deployed with this changes it does not create field for me with name task . Please check i am on right path. If did i do anything wrong let me know  ... View more

 Here i am using splunk with the version 8.2.5, and now i have found this vulnerability( CVE-2022-33891 ) for Apache Spark package and Apache hive package. hive-exec-3.1.2.jar spark-core_2.12-3.0.1.jar Can someone to suggest to which version of splunk should i use such that i can get rid of this vulnerability ... View more

why it's showing blank lines in logs. What is the reason callsock is sending blank lines https://drive.google.com/file/d/19XH55gFxpuIwZbklD8Lgf4tIVSY3DKbn/view?usp=sharing ... View more

Hi,    How to give access to Splunk user accounts so they have visibility of cloud monitoring console. Can you help to know the exact process  ... View more