https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696967#M236833 <P>System having a splunk forwarder</P> Wed, 21 Aug 2024 14:44:15 GMT jagan_vannala 2024-08-21T14:44:15Z https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696884#M236821 <P>I need a help for writing a query to fetch logs in the system</P> Tue, 20 Aug 2024 18:29:09 GMT https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696884#M236821 jagan_vannala 2024-08-20T18:29:09Z https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696886#M236823 <P>What kind of logs are you trying to fetch? Does the system have a forwarder or Splunk Enterprise installed on it?</P> Tue, 20 Aug 2024 18:41:11 GMT https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696886#M236823 marnall 2024-08-20T18:41:11Z https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696919#M236830 <P>Hi&nbsp;<a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/271343">@jagan_vannala</a>&nbsp;,</P><P>as also <a href="https://community.splunk.com/t5/user/viewprofilepage/user-id/263556">@marnall</a>&nbsp; said, your question is too vague: which kind of logs are you speaking of?</P><P>did you already ingested or do you have to index them?</P><P>i you already indexed them, you must know index and sourcetype of them.</P><P>If you have to index them, see at&nbsp;<A href="https://docs.splunk.com/Documentation/SplunkCloud/8.1.10/Data/Getstartedwithgettingdatain" target="_blank">https://docs.splunk.com/Documentation/SplunkCloud/8.1.10/Data/Getstartedwithgettingdatain</A>&nbsp;the ways to ingest and to index logs.</P><P>Ciao.</P><P>Giuseppe</P> Wed, 21 Aug 2024 06:31:07 GMT https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696919#M236830 gcusello 2024-08-21T06:31:07Z https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696967#M236833 <P>System having a splunk forwarder</P> Wed, 21 Aug 2024 14:44:15 GMT https://community.splunk.com/t5/Splunk-Search/Need-a-help-in-writing-a-query-in-splunk/m-p/696967#M236833 jagan_vannala 2024-08-21T14:44:15Z