Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi,I have the log file,i need to search the part of line in bold(which as only EmployeeServices/com) and index only ... by Ashwini008 Builder in Getting Data In 03-17-2021 0 1 | 0 | 1 | |
 | Hi,We have an index that is feeding in data from an EKS/K8s infrastructure and getting roughly 4million events / 15 m... by jmc94 Loves-to-Learn in Getting Data In 03-16-2021 0 4 | 0 | 4 | |
| | I'm a new Splunk user that needs to perform some analysis on a set of logs with the following format:Status, Starttim... by matthewe25 Engager in Getting Data In 03-16-2021 0 1 | 0 | 1 | |
| | I'm having an issue running a python script to generate the contents of an email body to splunk.I've had to install a... by dianasmith Loves-to-Learn in Getting Data In 03-16-2021 0 1 | 0 | 1 | |
| | Hi Splunkers ,I'm collecting logs from S3 through heavy forwarder which are in json format . After indexing i see the... by spl_unker Explorer in Getting Data In 03-16-2021 0 14 | 0 | 14 | |
| | Has anyone managed to get SmartStore working with an Azure Storage Account? I know the requirement is S3 compatibili... by port7 Explorer in Getting Data In 03-16-2021 6 5 | 6 | 5 | |
 | “BLUF: Looks like a TLS/cipher problem in addition to ca_bundel. I was able to connect without errors after specifyin... by youngsuh Contributor in Getting Data In 03-16-2021 0 4 | 0 | 4 | |
| | Greetings All,I'm indexing a bunch of metrics files written every 10 minutes. Just after midnight I get a file contai... by Random_Walk Path Finder in Getting Data In 03-16-2021 0 3 | 0 | 3 | |
| | Hi Splunk,I am using Splunk with the enterprise version, we have a plan to migrate the current Splunk server in AWS t... by itsaigon05 New Member in Getting Data In 03-16-2021 0 0 | 0 | 0 | |
 | First Issue: I've been trying to ingest 1 XML file into 1 event only in Splunk. But Splunk always splitting it into 2... by mariannedave Explorer in Getting Data In 03-16-2021 0 11 | 0 | 11 | |
| | Hi Guys,could anyone help me to split the following json file in multiple events?I tried in different ways, adding KV... by mariobisio Explorer in Getting Data In 03-16-2021 0 6 | 0 | 6 | |
 | Hi community.We are trying to integrate the new InfoSec app with the AD monitoring. For this, we have deployed a wind... by MLGSPLUNK Path Finder in Getting Data In 03-15-2021 0 0 | 0 | 0 | |
 | Hi ,I am trying to connect Azure Storage account with the Splunk Add-on for Microsoft Cloud Services following the be... by rahul2gupta Path Finder in Getting Data In 03-15-2021 0 2 | 0 | 2 | |
| | Hi,Within our splunk environment we have 1 search head, 3 search peers, 1 deployer/master/license and 500+ UF. The uf... by jorambokma Explorer in Getting Data In 03-15-2021 0 2 | 0 | 2 | |
 | Hi, is there any solution to create a notable event for missing forwarders? Now missing forwarders generate an alert ... by jg91 Path Finder in Getting Data In 03-13-2021 0 2 | 0 | 2 | |
| | Hello Splunk Community, I could certainly use you help getting myself out of a rather large jam I'm in. I need guidan... by TheColorBlack Path Finder in Getting Data In 03-13-2021 0 1 | 0 | 1 | |
| | Hi,I have below log files under path /path/to/app/usera-x.loguserb-x.loguserc-x.loguserd-y.logusere-y.loguserf-z.logu... by SS1 Path Finder in Getting Data In 03-13-2021 0 5 | 0 | 5 | |
 | I have the latest SA-LDAP, Splunk_TA_Windows and Windows Infra apps installed. I have sourcetype WinHostMon data com... by token2 Path Finder in Getting Data In 03-12-2021 0 3 | 0 | 3 | |
| | Hello! I am having trouble uploading any files to Splunk using Add Data. This is the whole error message I am getting... by althoffarick New Member in Getting Data In 03-12-2021 0 0 | 0 | 0 | |
| |  We are logging one application deployed in Kubernetes and ingesting its tomcat localhost access logs in Splunk via HE... by barora21 Engager in Getting Data In 03-12-2021 0 1 | 0 | 1 | |
| | Hi Splunkers,I'm working on Splunk and ServiceNow integration. Where ServiceNow team wants pull a report from Splunk ... by revanthammineni Path Finder in Getting Data In 03-12-2021 0 1 | 0 | 1 | |
 | Hey guys, i want to log dns audit events such as the deletion/creation of dns entries. I've installed Splunk app fo... by itinfrastructur New Member in Getting Data In 03-12-2021 0 2 | 0 | 2 | |
| | Good Morning,We are having a bit on an issue with our data "layout". In our wineventlogs we have a field in the XML c... by defikes Explorer in Getting Data In 03-12-2021 0 3 | 0 | 3 | |
| | I'm having som issues with how Splunk is handling event breaking for CSV files.A sample of the CSV file in question:U... by mortf Explorer in Getting Data In 03-12-2021 0 1 | 0 | 1 | |
| |    My Environment: 1 SH, 1DS (CM, LM), 2 INDX`s and 15GB/day License.The day before yesterday logs ingested to Splunk fr... by phanichintha Path Finder in Getting Data In 03-11-2021 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
483 -
development
5 -
eval
2 -
field extraction
558 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
949 -
host
158 -
HTTP Event Collector
440 -
index
539 -
indexer
707 -
indexing performance
1 -
inputs.conf
832 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
455 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
310 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
980 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
578 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
91
- « Previous
- Next »
Get Updates on the Splunk Community!
Application management with Targeted Application Install for Victoria Experience
Experience a new era of flexibility in managing your Splunk Cloud Platform apps! With Targeted Application ...
Index This | What goes up and never comes down?
January 2026 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination
The Power of Two: Splunk + Cisco at "Ludicrous Scale"
You know Splunk. You know Cisco. But have you seen ...
