Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have an ugly looking log format which has pipe-separated values, but one of the fields in the event is a full XML e... by coltwanger Contributor in Getting Data In 06-03-2016 0 3 | 0 | 3 | |
 | Hi, I am having trouble finding a good way of parsing through my log entries to try and grab the key-value pairs fo... by danielpa New Member in Getting Data In 06-03-2016 0 1 | 0 | 1 | |
 | I have an input, which is a CSV file. I want to use this as a batch input. The file is generated every day, with the ... by szabados Communicator in Getting Data In 06-03-2016 0 1 | 0 | 1 | |
 | I have the monitor stanza on one of my Universal Forwarders.....I tried to blacklist a particular JVM from which the ... by prakash007 Builder in Getting Data In 06-03-2016 0 3 | 0 | 3 | |
 | Installed Splunk for ASA, install Google Maps, Sideview Utilities and TA-cisco_asa. I have confirmed that log from my... by edroche New Member in Getting Data In 06-03-2016 0 2 | 0 | 2 | |
| | I have DNS log format as follows: <14>May 25 23:59:19 COL02 Windows: {"Level":"4","Channel":"DNS Server","Version":... by jonnim Explorer in Getting Data In 06-03-2016 1 2 | 1 | 2 | |
| | Hi, I have a type of following event data which is coming from forwarder: Column1=XYZ+Column2=ABC+ColumnC=GGG.... ... by reach2tushar Explorer in Getting Data In 06-03-2016 0 8 | 0 | 8 | |
| | Dear Experts, We have a Distributed environment using around 5 heavy forwarders across various locations sending log... by sumit29 Path Finder in Getting Data In 06-03-2016 0 1 | 0 | 1 | |
| | Hi, I'm currently researching on the use of Retention Policy on Splunk by setting it to only keep data for 6 months... by qiaojing Path Finder in Getting Data In 06-03-2016 0 1 | 0 | 1 | |
 | Is it possible reconfigure an existing universal forwarder to low privileged mode? We installed our UFs as local sys... by lycollicott Motivator in Getting Data In 06-02-2016 1 13 | 1 | 13 | |
 | Hello, I don't quite understand the difference between the current_size_kb value and current_size value in the metri... by RecoMark0 Path Finder in Getting Data In 06-02-2016 0 2 | 0 | 2 | |
| |  I have two search heads (prod and QA). On https://prod/en-US/manager/search/datainputstats I get the desired DataInpu... by bkeif Path Finder in Getting Data In 06-02-2016 0 18 | 0 | 18 | |
| | I have a single data input (myLog.log) and I need to send this same data to 2 different hosts, indexes and sourcetype... by tmarlette Motivator in Getting Data In 06-02-2016 0 6 | 0 | 6 | |
| | I am ingesting data from a syslog server, and some of those file paths are pretty long. It appears that Splunk is tru... by tmarlette Motivator in Getting Data In 06-02-2016 0 6 | 0 | 6 | |
| | Hello, I am trying to add two more indexers to our current Splunk setup. Our current setup is a search head and two... by RecoMark0 Path Finder in Getting Data In 06-02-2016 0 11 | 0 | 11 | |
| | The hosting provider is Rackspace Cloud Sites. In the root of each site is a logs dir, ex. somesite.com/logs. There... by walderbachj1 Engager in Getting Data In 06-02-2016 0 2 | 0 | 2 | |
| | Does Splunk 6.4.1 support .7z extension? If it doesn't, is there anyway to write a script to be able to load .7z file... by praveenakode New Member in Getting Data In 06-02-2016 0 2 | 0 | 2 | |
 | I have log data that has a timestamp in this format 20160530/001020.670 I uploaded the log directly into Splunk to t... by skoelpin SplunkTrust  in Getting Data In 06-02-2016 0 1 | 0 | 1 | |
| | Hello, I am a new user to Splunk Light and I am having trouble with the visualization of event data. I have a .CSV s... by Ari_McEwing New Member in Getting Data In 06-02-2016 0 2 | 0 | 2 | |
 | After removing the Windows Infrastructure and VMWare applications, we get the following errors in splunkd.log: WARN ... by bravon Communicator in Getting Data In 06-02-2016 2 2 | 2 | 2 | |
| | Hi All, We are sending logs to a third party system. And in the inputs.conf monitor stanza, we have set: sendCooked... by immortalraghava Path Finder in Getting Data In 06-02-2016 2 4 | 2 | 4 | |
| | I am loading CSV file without HEADERS in Splunk. File is getting correctly loaded in Splunk. For column names I have ... by asaste Path Finder in Getting Data In 06-02-2016 0 3 | 0 | 3 | |
| | I have an event with multiple date strings, it looks like this: 2016-06-01 15:31:31 INFO - Transfer[sourceName=xxx,... by nicocin Path Finder in Getting Data In 06-02-2016 0 5 | 0 | 5 | |
| | Hi Experts, We are trying to ingest a XML log file to splunk with the following data 2016-05-26 10:14:37 | R.R.serv... by kkossery Communicator in Getting Data In 06-01-2016 0 9 | 0 | 9 | |
 | Hi, I'm trying to ingest some CSV files that contain QOS metrics. The issue I have is that I need to get this data ... by cdstealer Contributor in Getting Data In 06-01-2016 0 2 | 0 | 2 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
480 -
development
5 -
eval
2 -
field extraction
557 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
946 -
host
156 -
HTTP Event Collector
439 -
index
539 -
indexer
705 -
indexing performance
1 -
inputs.conf
830 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
309 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
979 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
577 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
