Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hello, We are looking at deploying splunk for our application servers log files, these log files are about 3GB per d... by iokoluke New Member in Getting Data In 09-17-2010 0 2 | 0 | 2 | |
 | I have splunk set up on a few redhat boxes, and I am getting duplicate events from them. One event will list the hos... by muebel SplunkTrust  in Getting Data In 09-17-2010 0 2 | 0 | 2 | |
| | I have records that consist of fairly large (200+ lines, > 20 Kb per record) XML documents. When I export the result... by pde Path Finder in Getting Data In 09-17-2010 0 2 | 0 | 2 | |
| | Hi, I'm new to splunk, so my question might be lame. I am trying to setup a splunk lightweight forwarder, my problem ... by ultra Explorer in Getting Data In 09-17-2010 0 1 | 0 | 1 | |
| | One Splunk instance is forwarding data to a receiver, however the receiver is indexing the data and getting the wrong... by Caio_Santos Path Finder in Getting Data In 09-16-2010 0 2 | 0 | 2 | |
| | So I have the following in inputs.conf: [udp://10005] connection_host = index = serverlogs sourcetype = syslog disab... by tedder Communicator in Getting Data In 09-16-2010 0 3 | 0 | 3 | |
| | I'm forwarding data from a windows splunk instance to a freebsd. I checked the index that i'm forwarding data to, so ... by Caio_Santos Path Finder in Getting Data In 09-15-2010 0 1 | 0 | 1 | |
| | I am checking out a sample application where an eventtype's search contains "sourcetype=..." . I having difficulty d... by dleung Splunk Employee  in Getting Data In 09-14-2010 1 4 | 1 | 4 | |
| | How do I know which index forwarded data goes to receiver instance ? I'm not sure about that, but i've created 2 inde... by Caio_Santos Path Finder in Getting Data In 09-14-2010 1 2 | 1 | 2 | |
| | How do I monitor how often my users are using Splunk? by devilears New Member in Getting Data In 09-14-2010 0 1 | 0 | 1 | |
| | Good Morning, I have a question that I would love to be answered if possible. I have written the following xml c... by Ant1D Motivator in Getting Data In 09-14-2010 0 11 | 0 | 11 | |
 | Hi there, I would like to know how to handle international character code in Splunk. The environment I have here i... by melonman Motivator in Getting Data In 09-14-2010 0 6 | 0 | 6 | |
| | I've been testing Splunk for several months now, and am consistently having problems with duplicate events appearing ... by chjpcert Explorer in Getting Data In 09-14-2010 1 8 | 1 | 8 | |
| | So we know about lost forwarders, but how about lost logs? I recently discovered that some of my Windows systems were... by rgcox1 Communicator in Getting Data In 09-13-2010 0 4 | 0 | 4 | |
| | Hi all, I have the following output from a Perl script that runs every 5 mins: 09-13-2010 16:21:20 - Inventory Rep... by Nicholas_Key Splunk Employee in Getting Data In 09-13-2010 1 2 | 1 | 2 | |
| | I'm noticed tons of duplicate events and the following message in splunkd.log correlates with the time I started seei... by SK110176 Path Finder in Getting Data In 09-13-2010 1 1 | 1 | 1 | |
| | Hey everybody, I'm going through some problems trying to set my receiver splunk instance. I performed exactely the w... by Caio_Santos Path Finder in Getting Data In 09-13-2010 1 2 | 1 | 2 | |
| | Folks, Im trying to troubleshoot an issue where syslog data seems to stop for a couple of days, then pick up again. ... by Genti Splunk Employee in Getting Data In 09-13-2010 1 6 | 1 | 6 | |
| | Going through other splunk answers questions I couldn't get anything that I think should be working to work here. Es... by skippylou Communicator in Getting Data In 09-13-2010 0 8 | 0 | 8 | |
| | i downloaded the following logs to my workstation running xp and i have splunk running on it. how do i import them i... by cookdg New Member in Getting Data In 09-13-2010 0 3 | 0 | 3 | |
| | At a high level... how would one filter the content itself being indexed. Example: i was indexing ..say.. xml docs ... by hiddenkirby Contributor in Getting Data In 09-13-2010 2 1 | 2 | 1 | |
| | We are having an issue where we would like to route all events from a specific source to a third-party (ArcSight) but... by Dan Splunk Employee in Getting Data In 09-13-2010 1 1 | 1 | 1 | |
| | Hi All - I'm using the WMI input to gather some custom WMI data. Some of the queries (such as below) result in duplic... by briguy Engager in Getting Data In 09-13-2010 0 2 | 0 | 2 | |
| | I remember reading somewhere i could do this but cannot find any docs on it. I have a scripted input that wants to p... by Erik_Swan Splunk Employee in Getting Data In 09-12-2010 2 4 | 2 | 4 | |
| | How do I force splunk to index new files in the directory that is being monitored immediately? sometimes it takes re... by fcastano Engager in Getting Data In 09-11-2010 2 3 | 2 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
480 -
development
5 -
eval
2 -
field extraction
557 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
946 -
host
156 -
HTTP Event Collector
439 -
index
539 -
indexer
705 -
indexing performance
1 -
inputs.conf
830 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
309 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
979 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
577 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
