Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 |  Soo I have been able to setup and create the different monitors for my universal forwarder. Im working in a test envi... by socks Loves-to-Learn Lots in Getting Data In 10-17-2022 0 0 | 0 | 0 | |
| | HelloSomeone will have happened that the logs come with a length of 1000 characters at most, and these are indexed in... by jrodriguezap Contributor in Getting Data In 10-17-2022 0 10 | 0 | 10 | |
 | Hi All, I'm getting the below splunk add oneshot ./kaseya.txt -index main -sourcetype asset☁️kaseya-edge:agent ER... by jwhughes58 Contributor in Getting Data In 10-17-2022 0 1 | 0 | 1 | |
| | hai all How to monitor a windows service, send an alert and restart the service?what was the required configuration. by sekhar463 Path Finder in Getting Data In 10-17-2022 0 5 | 0 | 5 | |
| | There is a log file I want want monitor with splunk universal forwarder (on windows) which receives line writes only ... by dstaulcu Builder in Getting Data In 10-17-2022 0 7 | 0 | 7 | |
| | I have forwarding the logs from the below directory. Below is the inputs.conf file [monitor:///u01/app/oracle/scripts... by yuvasree Explorer in Getting Data In 10-15-2022 0 7 | 0 | 7 | |
 | I have few zip file (after extend is thound of csv files) in a folder, each zip file size is over 1GB. I use monitor ... by dillencehsu Path Finder in Getting Data In 10-14-2022 0 7 | 0 | 7 | |
 | Hello everyone, Have you ever wondered why microsoft does not documented Operation types with Unicode + meaning? You ... by Hons Engager in Getting Data In 10-14-2022 2 2 | 2 | 2 | |
| | i have events for port listening on 443 how can i create search and alert if port was down or not liseting below are... by sekhar463 Path Finder in Getting Data In 10-14-2022 0 9 | 0 | 9 | |
| | I have the data has "1111|xxx, xxx y|000000|111111|firstname, lastname|10/13/22 02:12:09|" I used TIME_FORMAT = %m/%d... by poojithavasanth Explorer in Getting Data In 10-14-2022 0 10 | 0 | 10 | |
| | Does anybody know a good way to filter out AWS Cloudtrail events? I'd like to send to null queue events that contains... by martaBenedetti Path Finder in Getting Data In 10-13-2022 0 0 | 0 | 0 | |
| | I am creating a dashboard for reporting and one of the values of my search is called 'start date' when I check the co... by queryboy Explorer in Getting Data In 10-13-2022 0 1 | 0 | 1 | |
| | I've been able to deploy universal forwarders to dozens of Windows servers that run IIS logs. I have created a dedica... by Dmikos1271 Explorer in Getting Data In 10-13-2022 0 0 | 0 | 0 | |
| | I'm looking for a query to see my splunk users that havent logged into splunk in x days. Currently looking at this q... by smithke Explorer in Getting Data In 10-13-2022 0 5 | 0 | 5 | |
| | For those of you who have installed SC4S in a Docker for Windows environment, what differences were there in the inst... by paulgo Explorer in Getting Data In 10-12-2022 0 0 | 0 | 0 | |
| | I have a search that gathers a bunch of data from various sources and appends to 1 big stats that I have reporting in... by maxsteel Explorer in Getting Data In 10-12-2022 0 5 | 0 | 5 | |
| | I'm trying to get our syslogs forwarded via UF to Splunk Cloud. I've got the UF listening on port 514 and added [ud... by paulgo Explorer in Getting Data In 10-12-2022 0 4 | 0 | 4 | |
 | Hi Splunkers, Any Best practices for field extraction and line breaking. i want to know something like , if we all th... by restinlinux Explorer in Getting Data In 10-12-2022 0 1 | 0 | 1 | |
| | I have the csv file which has the below lines. ========================= METRIC_NAME,METRIC_UNIT,BEGIN_TIME,END_TIME,... by yuvasree Explorer in Getting Data In 10-12-2022 0 2 | 0 | 2 | |
| | Getting errors as Failed to start KV Store process. See mongod.log and splunkd.log for details. tried few steps by rm... by sekhar463 Path Finder in Getting Data In 10-12-2022 0 0 | 0 | 0 | |
| | Hello, I realize this is a rather specific request so I'll keep it short and simple to see if anyone has had previous... by cfloquet Path Finder in Getting Data In 10-11-2022 0 0 | 0 | 0 | |
| | Hi, Got a message from Splunk that our universal forwarder certificate package will be expiring soon and trying to up... by cpkg Engager in Getting Data In 10-11-2022 0 2 | 0 | 2 | |
 | Hello All, I have a file that is created/appended via a bash script (varialbe >> file.txt) It puts the newest data at... by eholz1 Builder in Getting Data In 10-11-2022 0 5 | 0 | 5 | |
 | Dear all, I have configured the HTTP Event Collector but can't successfully send events. My configuration in inputs.c... by ecoquelin Explorer in Getting Data In 10-10-2022 1 7 | 1 | 7 | |
| | I'm trying to get both JSON and syslog information from our firewall into Splunk Cloud using universal forwarder. So... by paulgo Explorer in Getting Data In 10-10-2022 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
480 -
development
5 -
eval
2 -
field extraction
557 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
946 -
host
156 -
HTTP Event Collector
439 -
index
539 -
indexer
705 -
indexing performance
1 -
inputs.conf
830 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
309 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
979 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
577 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
