Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | The version of SUSE Linux I'm using has been compressing my logs with xz (by default) rather than gzip or bzip2. As ... by hatchmt Engager in Getting Data In 08-22-2018 1 2 | 1 | 2 | |
| | My custom script writes log in /opt/splunk/var/log/splunk/script.log. I want the log to be indexed in _internal but ... by sathiyasun Explorer in Getting Data In 08-22-2018 0 2 | 0 | 2 | |
| | Like the title says, I can hit the endpoint successfully, but the results are the same no matter what I replace "user... by joemaz95 Path Finder in Getting Data In 08-22-2018 0 2 | 0 | 2 | |
| | when i try to input some excel files named xx.xlsx , and then i got some messy codes from search result like: "Pk\x00... by lllidan New Member in Getting Data In 08-22-2018 0 3 | 0 | 3 | |
 | Hello, I'm trying to only get a certain server processes to ingest to splunk index using Splunk Add-on for Unix and ... by tgmvt03 Engager in Getting Data In 08-21-2018 0 1 | 0 | 1 | |
 | I need to monitor a file directly on the indexer. I know I can just define an inputs.conf on the indexer itself and r... by hettervik Builder in Getting Data In 08-21-2018 0 4 | 0 | 4 | |
| | Have anyone used Splunk to act upon an alert and shut down a physical port on the switch? This would require running ... by pzharyuk New Member in Getting Data In 08-21-2018 0 2 | 0 | 2 | |
| | We have Date1 mapped in the sourcetype for the index. So if I select last 7 days in the date filter data is filtered ... by ninadbhaskarwar Path Finder in Getting Data In 08-21-2018 0 5 | 0 | 5 | |
| | Good afternoon, I am trying to take data from multiple sourcestypes, combine it by a common field and then output it... by newill New Member in Getting Data In 08-21-2018 0 4 | 0 | 4 | |
| | Hello everyone! I just have a brief question regarding the HEC input. Our primary data input is the HEC. For new appl... by thomastaylor Communicator in Getting Data In 08-21-2018 0 4 | 0 | 4 | |
| | I am having the same issue as: https://answers.splunk.com/answers/507167/why-are-my-palo-alto-firewall-logs-not-forwa... by dkr3500 Path Finder in Getting Data In 08-21-2018 0 1 | 0 | 1 | |
 | Hello All, I know this has been covered and there are many answers, but from what I can tell, my inputs.conf is corr... by edwardrose Contributor in Getting Data In 08-21-2018 0 7 | 0 | 7 | |
 | Hello I want to do a match between a CSV file and my SPLUNK search In the CSV file, I want that the field "host" whic... by jip31 Motivator in Getting Data In 08-20-2018 0 13 | 0 | 13 | |
 |  I never ran into this problem before, but I hope someone has.. I have a python script which calls a REST API and pas... by fdarrigo Path Finder in Getting Data In 08-20-2018 0 4 | 0 | 4 | |
| | I have a remote server which has 1 week older rolling logs. I wanted to monitor those logs so I have installed UF and... by vinaykata Path Finder in Getting Data In 08-20-2018 0 8 | 0 | 8 | |
| | Hello Trying to send a JSON file/text file through HEC to splunk. Getting stuck while adding "-d @data.json" ... by spharisha New Member in Getting Data In 08-20-2018 0 2 | 0 | 2 | |
| | Hello, I'm relatively new to Splunk, so please bear with me. I wanted to know whether there was any way to point to m... by nealw New Member in Getting Data In 08-20-2018 0 2 | 0 | 2 | |
| | Hello, I googled around for similar questions but could not find anything, so I'm sorry if this question has alread... by nealw New Member in Getting Data In 08-20-2018 0 7 | 0 | 7 | |
| | We have cases such as the ldap audit log file - dn: dc=<domain name>,dc=com changetype: modify replace: ds-sync-stat... by ddrillic Ultra Champion in Getting Data In 08-20-2018 0 2 | 0 | 2 | |
 | I have a UF running on a linux device, with a TCP input. The input is coming from a Graylog forwarder and all the win... by pfabrizi Path Finder in Getting Data In 08-20-2018 0 3 | 0 | 3 | |
| | Is it possible to change the admin account password which we used to login in Splunk Cluster Master, Deployment Maste... by anandhalagarasa Path Finder in Getting Data In 08-20-2018 0 1 | 0 | 1 | |
| | I am trying to connect to splunk's rest api. In the command line when I curl -k https://localhost:8089/services/auth/... by hgrbble1 New Member in Getting Data In 08-19-2018 0 0 | 0 | 0 | |
 |  Would like to get some enlightenment on what's the difference between the two. TIA by morethanyell Builder in Getting Data In 08-19-2018 0 2 | 0 | 2 | |
| | When I upload any new data to Splunk to review before the index, the preview page is blank and no sample of data is g... by mussab Explorer in Getting Data In 08-19-2018 0 2 | 0 | 2 | |
| | all, Is there a better way to get data by indexer than this search from the search head without access to the inter... by daniel333 Builder in Getting Data In 08-18-2018 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
482 -
development
5 -
eval
2 -
field extraction
558 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
947 -
host
158 -
HTTP Event Collector
440 -
index
539 -
indexer
707 -
indexing performance
1 -
inputs.conf
832 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
454 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
310 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
980 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
578 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
91
- « Previous
- Next »
Get Updates on the Splunk Community!
Application management with Targeted Application Install for Victoria Experience
Experience a new era of flexibility in managing your Splunk Cloud Platform apps! With Targeted Application ...
Index This | What goes up and never comes down?
January 2026 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination
The Power of Two: Splunk + Cisco at "Ludicrous Scale"
You know Splunk. You know Cisco. But have you seen ...
