Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi, as we know , before splunk eat a compressed file, splunk will decompress it first then index it. but, if we ha... by dmlee Communicator in Getting Data In 03-24-2011 1 2 | 1 | 2 | |
| | I have a Splunk 4.1.7, build 95063 instance and am trying to pull logs from Informix DB on Solaris 10. So I had set t... by splunktp Explorer in Getting Data In 03-24-2011 0 1 | 0 | 1 | |
| | Totally new with Splunk. Have mercy on my soul! I am trying to set up Splunk on my laptop as I am awaiting licens... by Rayj00 New Member in Getting Data In 03-23-2011 0 2 | 0 | 2 | |
| | Is a Splunk Agent the same as a Splunk Forwarder? Thanks, Ray by rayjsplunk New Member in Getting Data In 03-23-2011 0 3 | 0 | 3 | |
| | I tried out the option "source name override" when setting up a UDP data input to replace "UDP:514" with "mynetworkSy... by Mr_Robaloba Explorer in Getting Data In 03-23-2011 1 3 | 1 | 3 | |
| | I am trying to filter a log file coming in via a universal forwarder (both installs are 4.2) so that messages contain... by Mr_Robaloba Explorer in Getting Data In 03-23-2011 0 2 | 0 | 2 | |
 | I have a simple setup. A light forwarder, forwarder and an indexer. The light forwarder stopped working about 5 day... by DTERM Contributor in Getting Data In 03-23-2011 0 3 | 0 | 3 | |
| | Hi Splunkers, We have a macro here we're using to allow users to search their previous search history. It relies on ... by ickymettle Explorer in Getting Data In 03-23-2011 1 1 | 1 | 1 | |
| | I have about 50 forwarders in my environment. Somewhere I have screwed up, and included the same set of host data tw... by seanlon11 Path Finder in Getting Data In 03-22-2011 0 1 | 0 | 1 | |
| | We just updated to 4.2 on our splunk server, and I am in the midst of pushing the Universal Forwarder out to replace ... by bkaspar Engager in Getting Data In 03-21-2011 1 2 | 1 | 2 | |
| | Is it necessary to use si* command for summary index and we need to make it as scheduled save? Since I recall the sa... by hochit Path Finder in Getting Data In 03-21-2011 2 2 | 2 | 2 | |
| | A new type of log file has been added to an existing data input by amending the whitelist and blacklist. (new data in... by fox Path Finder in Getting Data In 03-21-2011 2 2 | 2 | 2 | |
| | I have a forwarder that appears to be a LWF (SplunkLightForwarder app is enabled) however I am seeing messages about ... by Jason Motivator in Getting Data In 03-21-2011 0 2 | 0 | 2 | |
| | History: Using splunk 4.2, and added the Windows App. I noticed there are some prebuilt searches, for instance logon... by jgauthier Contributor in Getting Data In 03-20-2011 0 4 | 0 | 4 | |
| | I have Splunk monitor a log directory in /etc/log. The logs in this directory are updated and rotated. However, Spl... by elusive Splunk Employee  in Getting Data In 03-18-2011 3 1 | 3 | 1 | |
| | Hello, I just started evaluating Splunk. So please apologize if I should ask for the obvious. My test case is a pos... by maf New Member in Getting Data In 03-18-2011 0 3 | 0 | 3 | |
| | Hello everybody, We have four Cisco ipsen. As described in the manual, the Cisco IPS Addon was installed. The Cisco ... by Mountain1 New Member in Getting Data In 03-18-2011 0 1 | 0 | 1 | |
| | Scenario: I want to forward syslog data using a splunk universal forwarder. However, when it gets to the central splu... by acalvo Explorer in Getting Data In 03-18-2011 0 3 | 0 | 3 | |
| | Upgrade from 4.1.x to 4.2, when I try to start Splunk Splunkd starts but splunkweb fails with the following message: ... by elusive Splunk Employee in Getting Data In 03-18-2011 5 2 | 5 | 2 | |
| | How do you restart the windows universal forwarder after a post-install change in the configuration? by Corey Explorer in Getting Data In 03-18-2011 2 2 | 2 | 2 | |
| | I have a couple of clusters with logfiles that reside on a shared cluster filesystem that all hosts in the cluster lo... by cfrantsen Explorer in Getting Data In 03-18-2011 0 9 | 0 | 9 | |
 | I have an environment set-up such that syslog-ng redirects syslog to my central log host in this format: /server/... by Branden Builder in Getting Data In 03-17-2011 1 5 | 1 | 5 | |
| | I’m trying to take a subset of our regular logs and forward them on to another department. Am I doing this right? Is... by dhaffner Path Finder in Getting Data In 03-17-2011 2 1 | 2 | 1 | |
| | I have configured a forwarder on Linux and receiver on different Linux box. After restarting the forwarder I can see... by kmisaal New Member in Getting Data In 03-16-2011 0 1 | 0 | 1 | |
| | I am getting ready for a new install of Splunk. I am going to start with version 4.2. I would like to do a universa... by jec013 Explorer in Getting Data In 03-16-2011 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
479 -
development
5 -
eval
2 -
field extraction
557 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
946 -
host
156 -
HTTP Event Collector
439 -
index
539 -
indexer
705 -
indexing performance
1 -
inputs.conf
830 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
190 -
monitor
309 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
978 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
318 -
time
204 -
transforms.conf
576 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
Purpose in Action: How Splunk Is Helping Power an Inclusive Future for All
At Cisco, purpose isn’t a tagline—it’s a commitment. Cisco’s FY25 Purpose Report outlines how the company is ...
[Upcoming Webinar] Demo Day: Transforming IT Operations with Splunk
Join us for a live Demo Day at the Cisco Store on January 21st 10:00am - 11:00am PST
In the fast-paced world ...
