topic Re: How to Import the exported windows event logs into splunk, in Splunk Search https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405455#M174371 <P>That has more details on how to import remote evtx logs any specific details on how to import already exported logs i have the evtx files for investigation?</P> Tue, 04 Dec 2018 04:28:24 GMT ramya_k 2018-12-04T04:28:24Z How to Import the exported windows event logs into splunk, https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405453#M174369 <P>This is a onetime activity i have the evtx files and want to upload to splunk for analysis</P> Wed, 28 Nov 2018 10:37:12 GMT https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405453#M174369 ramya_k 2018-11-28T10:37:12Z Re: How to Import the exported windows event logs into splunk, https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405454#M174370 <P>Have a look at this page in the docs:<BR /> <A href="http://docs.splunk.com/Documentation/Splunk/latest/Data/MonitorWindowseventlogdata#Constraints">http://docs.splunk.com/Documentation/Splunk/latest/Data/MonitorWindowseventlogdata#Constraints</A></P> Wed, 28 Nov 2018 13:12:50 GMT https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405454#M174370 FrankVl 2018-11-28T13:12:50Z Re: How to Import the exported windows event logs into splunk, https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405455#M174371 <P>That has more details on how to import remote evtx logs any specific details on how to import already exported logs i have the evtx files for investigation?</P> Tue, 04 Dec 2018 04:28:24 GMT https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405455#M174371 ramya_k 2018-12-04T04:28:24Z Re: How to Import the exported windows event logs into splunk, https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405456#M174372 <P>The section I linked to is all about ingesting exported evtx files. As it is explained there: use a windows box and create a file monitor input that monitors the folder that holds the evtx files. Apart from some of the constraints mentioned in the docs, it is as simple as that.</P> Tue, 04 Dec 2018 08:29:11 GMT https://community.splunk.com/t5/Splunk-Search/How-to-Import-the-exported-windows-event-logs-into-splunk/m-p/405456#M174372 FrankVl 2018-12-04T08:29:11Z