Getting Data In
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to add an old ticketing system data to splunk?

splunk_user4
Explorer
‎11-20-2020 11:14 AM

I had the idea to upload our old ticketing systems data into splunk and create dashboards to search through the information instead of grep commands, I have a few csv files (9 to be exact) and was wondering the best way to move forward.  

Questions to get me started: 
Should I append them for one big CSV file?

Should I index the CSV files?

should I use a .zip file with all the CSVs inside?

 

 

Labels (4)
Labels
Tags (2)
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎11-20-2020 02:39 PM
Hi
Without knowing your exact data, I will indexing those one by one with own sourcetype (if the content of file differs). All to one index.
Based on you exact data those other options could also be a good choices.
r. Ismo
0 Karma
Reply
Get Updates on the Splunk Community!

Say goodbye to manually analyzing phishing and malware threats with Splunk Attack ...

In today’s evolving threat landscape, we understand you’re constantly bombarded with phishing and malware ...

AppDynamics is now part of Splunk Ideas

Hello Splunkers, We have exciting news for you! AppDynamics has been added to the Splunk Ideas Portal. Which ...

Advanced Splunk Data Management Strategies

Join us on Wednesday, May 14, 2025, at 11 AM PDT / 2 PM EDT for an exclusive Tech Talk that delves into ...
Top