Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Importing specific source types as csv

Kerg
New Member
‎08-01-2018 10:36 AM

I have multiple csv files, exported from splunk events of different source types. (WinEventLog:Security, MSAD:NT6:DNS-Zone-Information, etc) I am trying to import these csv files into another Splunk instance. Between setting the source type at import, and changing the INDEXED_EXTRACTIONS=CSV I feel I am close to having some of the data formatted properly in terms of tag-field values and source type.
However, for some of my data, I can not get Splunk to index the values into the correct fields, regardless of the settings I use. Does anyone have any tips/walkthroughs for importing data, previously exported from Splunk? Thanks.

Tags (3)
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Index This | What is feather-light but cannot be held long?

May 2026 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

.conf26 Registration is Live: Secure Your Early Bird Pass Now

  Lock in Your Spot: Registration Open for .conf26 in Denver Hello Splunkers, I have exciting news! Your ...

Mile High Learning with Splunk University, Denver, Colorado

If Denver is known for its mile-high elevation, Splunk University is about to raise the bar on technical ...