How to export splunkd.log from 1 system and import... - Splunk Community

Getting Data In

I would to export splunkd.log from production and import it into my sandbox for analysis.

Once I export the splunkd.log using raw format, the file is like this.

"01-17-2020 13:53:20.815 +0800 INFO  loader - Splunkd starting (build 2dc56eaf3546)."
"01-17-2020 13:53:20.816 +0800 INFO  loader - Detected 8 (virtual) CPUs, 8 CPU cores, and 7822MB RAM"
"01-17-2020 13:53:20.816 +0800 INFO  loader - Maximum number of threads (approximate): 3911"

It got double quote around the actual raw data.
Any quick method to remove it so that I can add it to my sandbox.

You can use below awk and sed to remove the leading double quote and trailing double quote.

cat my_splunkd_log.csv | awk '{print substr($0,2);}' | sed 's/.$//' > my_splunkd_log.txt

Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away. Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...