Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | How do you restart the windows universal forwarder after a post-install change in the configuration? by Corey Explorer in Getting Data In 03-18-2011 2 2 | 2 | 2 | |
| | I have a couple of clusters with logfiles that reside on a shared cluster filesystem that all hosts in the cluster lo... by cfrantsen Explorer in Getting Data In 03-18-2011 0 9 | 0 | 9 | |
 | I have an environment set-up such that syslog-ng redirects syslog to my central log host in this format: /server/... by Branden Builder in Getting Data In 03-17-2011 1 5 | 1 | 5 | |
| | I’m trying to take a subset of our regular logs and forward them on to another department. Am I doing this right? Is... by dhaffner Path Finder in Getting Data In 03-17-2011 2 1 | 2 | 1 | |
| | I have configured a forwarder on Linux and receiver on different Linux box. After restarting the forwarder I can see... by kmisaal New Member in Getting Data In 03-16-2011 0 1 | 0 | 1 | |
| | I am getting ready for a new install of Splunk. I am going to start with version 4.2. I would like to do a universa... by jec013 Explorer in Getting Data In 03-16-2011 0 2 | 0 | 2 | |
| | I am running into trouble getting splunk to properly break down events from bacula. Below is an example of a bacula e... by ebailey Communicator in Getting Data In 03-16-2011 0 4 | 0 | 4 | |
| | We are testing in a high throughput environment capturing logs that grow to 251MB in ~ 4-6 minutes at which time the ... by ericrobinson Path Finder in Getting Data In 03-16-2011 0 3 | 0 | 3 | |
| | Somehow I have a duplicate remote directory input listed in my inputs it is in the format ///servername//direcotory//... by udiggity New Member in Getting Data In 03-16-2011 0 4 | 0 | 4 | |
| | How much memory can I expect the Universal Forwarder to require on a machine? Is there a hard ceiling for the virtual... by Rob Splunk Employee  in Getting Data In 03-16-2011 2 2 | 2 | 2 | |
| | I've just upgraded to Splunk 4.2 and have installed and started the UF on a Linux box. But when I try to run, ./splu... by Mike_McMurray Engager in Getting Data In 03-16-2011 2 3 | 2 | 3 | |
| | I have a server that had a corrupted Security Log. In order to resolve that problem I backed up the security log and... by taylorchase Engager in Getting Data In 03-16-2011 5 1 | 5 | 1 | |
| | I've noticed LWF's metrics.log were forwarded to the indexer as default in some version of splunk. But, not all the v... by Masa Splunk Employee in Getting Data In 03-15-2011 2 3 | 2 | 3 | |
| | I suspect that this has something to do with the fact that my log files are being generated by appending to the end ... by keycoldstorage Explorer in Getting Data In 03-15-2011 0 1 | 0 | 1 | |
| | I would like to know if there is a way to read from splunk DB and redirect that data to some other application. I hav... by sys1pmp Explorer in Getting Data In 03-14-2011 1 1 | 1 | 1 | |
| | I am using Splunk to collect logs from a diverse environment. The same events, or at least a large subset, need to b... by npatellis Explorer in Getting Data In 03-14-2011 0 1 | 0 | 1 | |
| | Hi All, Does anyone know if it's possible to take logs that have been grabbed from Windows WMI and indexed, and then... by Scarecrowddb Explorer in Getting Data In 03-14-2011 0 1 | 0 | 1 | |
| | I have installed Splunk as a forwarder/light forwarder on a few of our Win2003 x86 servers as a test and am receiving... by ccit Engager in Getting Data In 03-13-2011 0 2 | 0 | 2 | |
| | i have the lea-loggrabber.sh script working well and reliably getting all new logs from checkpoint cma into splunk. ... by EricPartington Communicator in Getting Data In 03-13-2011 0 2 | 0 | 2 | |
| | I am not very familiar with Splunk and syslog servers in general, but I am trying to learn. There is a "Broadcast on ... by Pierre Engager in Getting Data In 03-12-2011 0 3 | 0 | 3 | |
| | I recently copied the splunk-forwarder.license details mentioned in our indexer to splunk.license (into one of our fo... by heterodyned Path Finder in Getting Data In 03-10-2011 1 3 | 1 | 3 | |
| | At a few customers now I have seen a 1MB (forwarder) license with an expiration of early March. I'm not sure where th... by Jason Motivator in Getting Data In 03-10-2011 2 9 | 2 | 9 | |
| | Hi folks, I'd like to route WMI logs to different indexes based off the host name (I have a few environments) Going... by Yancy Path Finder in Getting Data In 03-10-2011 2 10 | 2 | 10 | |
| | 2011-03-09T11:21:34-04:00 ab-wtsk-mg3200-2 [Src=10.157.32.26/49842 Dst=4070 PType=6] ErrMgs=1 Cid=23: 1 RTP packets l... by Joel_Gerber Explorer in Getting Data In 03-10-2011 0 2 | 0 | 2 | |
| | Hi I've enabled the script input /opt/splunk/etc/apps/unix/bin/rlog.sh to read audit events. However I noticed ther... by remy06 Contributor in Getting Data In 03-10-2011 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
474 -
development
5 -
encryption
1 -
eval
2 -
field extraction
552 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
939 -
host
155 -
HTTP Event Collector
437 -
index
539 -
indexer
704 -
indexing performance
1 -
inputs.conf
829 -
installation
5 -
intermediate forwarder
142 -
introduction
3 -
JSON
390 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
189 -
monitor
308 -
monitoring console
1 -
other
49 -
proactive Splunk component monitoring
2 -
props.conf
975 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
search job inspector
1 -
source
291 -
sourcetype
493 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
317 -
time
204 -
transforms.conf
575 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Data Management Digest – December 2025
Welcome to the December edition of Data Management Digest!
As we continue our journey of data innovation, the ...
Index This | What is broken 80% of the time by February?
December 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...
Hello Splunk Community,
We're thrilled to share an exciting update that will help you manage your data more ...
