Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have an Splunk indexer that receives IIS input from several sources. Why is the sourcetype set to "iis.1" instead ... by lguinn2 Legend in Getting Data In 02-19-2024 3 9 | 3 | 9 | |
 | Hi.I'm working on splunk operations team.version: Enterprise 7.3.4, centos7Environment : 3 SH, 10 IDX cluster.Search ... by dongwonn Explorer in Getting Data In 02-19-2024 0 0 | 0 | 0 | |
| | Hi Guys, I am very new to Splunk Cloud and how things work here. Our current setup is: 1. UF(Linux) -> Heavy Forwarde... by MAvasthi Loves-to-Learn Everything in Getting Data In 02-19-2024 0 1 | 0 | 1 | |
| | Hello Splunk Community,I'm currently facing an issue with integrating Group-IB threat intelligence feeds into my Splu... by Mohd_Harahsheh9 Engager in Getting Data In 02-19-2024 0 0 | 0 | 0 | |
| | Currently I am feeding Splunk Zeek logs (formerly known as bro) via the monitor command. Some of the logs in the Zeek... by Mr_Sneed Explorer in Getting Data In 02-18-2024 0 2 | 0 | 2 | |
| | We are rolling out a customer service chatbot. Has anyone needed to collect the data such as input/output and logs be... by edalbanese Engager in Getting Data In 02-16-2024 0 3 | 0 | 3 | |
| | Hello I have to work on a parser which has the time format like this : "time: 2024-02-15T11:40:19.843185438Z"It is js... by izzie123 Path Finder in Getting Data In 02-16-2024 0 9 | 0 | 9 | |
| | Can I injest CPU, memory,eventID data in metric index by using SPLUNK app for Windows ?I am getting data once I injes... by kate Path Finder in Getting Data In 02-16-2024 0 4 | 0 | 4 | |
| | Hi,I need to collect the logs from Windows Defender and I was looking for an official app and I couldn't find one.I r... by corti77 Contributor in Getting Data In 02-16-2024 0 5 | 0 | 5 | |
| | Log ingesting intermittently We could not find the path referenced . We have Univerasal forwarder is Windows server a... by raghunandan1 Engager in Getting Data In 02-15-2024 0 1 | 0 | 1 | |
| | After upgrade to 9.0 seeing followingERROR TcpOutputQ [<thread id> TcpOutEloop] - Unexpected event id=<eventid> by hrawat Splunk Employee  in Getting Data In 02-14-2024 0 19 | 0 | 19 | |
| | Hello to everyone!I have a curious situation:I have log files that I collecting via SplunkUFThis log file does not co... by NoSpaces Contributor in Getting Data In 02-14-2024 0 2 | 0 | 2 | |
| | Hi,we had deployed cloud flare ta app on one of our sh,could anyone help me in fixing the logs parsing issue in splun... by AL3Z Builder in Getting Data In 02-13-2024 0 0 | 0 | 0 | |
| | Been struggling for a while on this one.On-prem Splunk Enterprise. v9.1.2, running on CentOS 7.9--Just trying to fin... by labrat045 Observer in Getting Data In 02-13-2024 0 0 | 0 | 0 | |
| | Hello, I need to monitor log files that are in the following directory('s'): "c:\users\%username%\appdata\local\app\$... by Niro Explorer in Getting Data In 02-13-2024 0 5 | 0 | 5 | |
| | Hello,I'm looking to change our indexing architectureWe have dozens of AWS accounts. We use the Splunk AWS app to ing... by nateloepker Explorer in Getting Data In 02-13-2024 0 0 | 0 | 0 | |
| | How to add custom log file to splunk universal forwarder? I have an application which generate the log. I need to ad... by tirusplunk Engager in Getting Data In 02-13-2024 0 5 | 0 | 5 | |
| | Hi,We deployed an UF on a Win server 2022 and enabled the [WinEventLog://Security] log collection. The log collection... by olivier_guisneu Engager in Getting Data In 02-13-2024 0 4 | 0 | 4 | |
| |  Good morning,Let me tell you about my case. In my company, we have five indexers, one for development and the other f... by cfernaca Explorer in Getting Data In 02-13-2024 0 2 | 0 | 2 | |
| | We have standardized our infrastructure on UTC, but we want to generate reports in PST. Is there a way to specify a ... by paymon Engager in Getting Data In 02-13-2024 5 25 | 5 | 25 | |
| | I Am having Hf and it is configured to send data via sourcetype AAfter sometime it stops sending data to AThen i move... by arunsundarm Engager in Getting Data In 02-12-2024 0 3 | 0 | 3 | |
| | My organization has a handful of heavy forwarders that were configured to listen to syslog sources through udp://514.... by Dominic32 Explorer in Getting Data In 02-12-2024 0 3 | 0 | 3 | |
| | Hi Guys, I am struggling to send data from remote machine to Splunk server. I have tried the steps mentioned in the... by jhl226116 Explorer in Getting Data In 02-12-2024 0 32 | 0 | 32 | |
| | Hi everyone.Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change an... by faiq1999 Explorer in Getting Data In 02-11-2024 0 4 | 0 | 4 | |
| | Have UFs configured on several Domain Controllers that point to a Heavy Forwarder and that points to Splunk Cloud. Tr... by WumboJumbo675 Explorer in Getting Data In 02-10-2024 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
administration
13 -
blacklist
92 -
configuration
32 -
CSV
209 -
data
502 -
development
5 -
field extraction
564 -
forwarder management
2 -
heavy forwarder
961 -
host
159 -
HTTP Event Collector
444 -
index
544 -
indexer
715 -
inputs.conf
840 -
installation
5 -
intermediate forwarder
145 -
JSON
395 -
Linux
461 -
Mac
30 -
modular input
195 -
monitor
313 -
other
83 -
props.conf
995 -
saved search
2 -
scripted input
249 -
search
1 -
search head
2 -
source
291 -
sourcetype
496 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
syslog
324 -
time
204 -
transforms.conf
584 -
troubleshooting
14 -
universal forwarder
1,571 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
595 -
XML
91
- « Previous
- Next »
Get Updates on the Splunk Community!
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Cisco Live 2026 is almost here, and this ...
What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)
Hello Splunkers,
So you searched, “what is the name of the usb key inserted by bob smith?”
Not gonna lie… ...
Automating Threat Operations and Threat Hunting with Recorded Future
Automating Threat Operations and Threat Hunting
with Recorded Future
June 29, 2026 | Register
Is your ...
Unanswered Topics
