Getting Data In

Thread Info

Form Input - Add submit button for each panel

Hi, I would like to add a seperate submit button for each panel of a form. At the moment there is only one button ...

by Motivator in

Why can't I find the screen with the form for "file upload" to add data to my Splunk Cloud trial?

Hi, I'm new to Splunk. I signed up for the Cloud trial. When I first logged in I was presented with a "file upload" f...

by Explorer in

Heavy Forwarder filter

Hi, I have this example of log: hhhh/mm/dd hh:mm:ss :MGR ,nnnnn:nnn(text):1 [-07728 text.] : Event : Done by > ...

by Engager in

Timestamp recognition of multi timestamp formats in one Logfile

Hey, I have a problems with the timestamp recognition at index time. How can Splunk recognize different time/date for...

by Explorer in

Forwarder stopped forwarding after restart of server

I am using the VMware Syslog collector to collect the logs from my ESXi hosts and send them to Splunk with the univer...

by New Member in

Get logs again

There is a .html file I got via Splunk 4 months ago. Now I want get it again via Splunk because we only save logs in ...

by Path Finder in

sourcetype is not listing

i have taken a backup of my app and uploaded in another splunk instance(free license). when i am ttrying to add datai...

by Builder in

What are recommendations for our current file monitoring setup?

My setup looks like this: syslog collector with UF -> HF -> Index cluster File input in a directory on the syslog ...

by Path Finder in

Filter a syslog to only a couple fields, make into a report

Pardon my brand-newness to Splunk, please. I just installed it.  We have a Sourcefire unit that we would like to ...

by New Member in

How do I setup TCP ROUTING when using an intermediate forwarder

I have some sourcetypes that I'd like to go to two indexing destinations. Universal Forwarder: (inputs.conf) [m...

by Contributor in

How to configure a universal forwarder to forward 2 syslogs from 1 IP address to 2 different indexes?

Hi, I have a Linux server and the syslog is functional. Here is UF config (inputs.conf) : [udp://xx.xx.xx.140:514]...

by Path Finder in

How to update only the inputs.conf blacklist stanza on a universal forwarder with a deployment server?

Have a myriad of webservers in a webfarm where I need to blacklist certain eventIDs/Types (from time to time) to pres...

by Explorer in

Is it possible to configure cloning AND autoLB simultaneously?

I have a light forwarder sending data to my indexer. I'm bringing two new Splunk indexers online and want to use auto...

by Champion in

How to re-index the deleted data in splunk.

I indexed some data into splunk by .csv file, but there is some problem with it. So I removed them by "|delete" comma...

by Engager in

How to blacklist or whitelist logs monitored in a Windows directory?

Hi I have to monitor a specific folder in a certain directory For example my path is G:\opdata\my_data\motherfolde...

by Contributor in

What do you look for, and how, to ensure initial log data quality (including field extractions) and ensure it is ongoing?

Hello, So I am pulling together a checklist of things to ensure initial and ongoing log data quality. This is obvi...

by Path Finder in

Can a Search Head be an Indexer as well in a distributed search environment?

I have 2 Splunk Test Servers. I had one as an indexer and one as the search Head. But, we are needing to restore a si...

by Explorer in

How to automatically upload a CSV file I receive daily from my Mac Desktop to Splunk and either refresh the data or add deltas?

I've installed the universal forwarder on my mac now I want to automatically send a csv file from a folder on my Mac ...

by Path Finder in

can i upload a csv file into splunk just for testing purposes on the data?

If i donwload splunk onto my machine, can i upload a csv file into splunk just for testing purposes on the data?

by Motivator in

Can Windows Events and pcap files can be loaded into Splunk

Does anyone know if Splunk can import Microsoft Event files or cap, pacp, pcapng files from programs like Wireshark, ...

by Explorer in

I do not need the seconds field in time but i am unable to separate the time from Date in time chart. Please guide me on this

eventtype=cppm-pass-authentication (cphost=10.200.22.7 OR cphost=10.200.22.8 OR cphost=10.210.22.8 OR cphost=10.210.2...

by Explorer in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Getting Data In

Discussions

Form Input - Add submit button for each panel

Why can't I find the screen with the form for "file upload" to add data to my Splunk Cloud trial?

Heavy Forwarder filter

Timestamp recognition of multi timestamp formats in one Logfile

Forwarder stopped forwarding after restart of server

Get logs again

sourcetype is not listing

What are recommendations for our current file monitoring setup?

Filter a syslog to only a couple fields, make into a report

How do I setup TCP ROUTING when using an intermediate forwarder

How to configure a universal forwarder to forward 2 syslogs from 1 IP address to 2 different indexes?

How to update only the inputs.conf blacklist stanza on a universal forwarder with a deployment server?

Is it possible to configure cloning AND autoLB simultaneously?

How to re-index the deleted data in splunk.

How to blacklist or whitelist logs monitored in a Windows directory?

What do you look for, and how, to ensure initial log data quality (including field extractions) and ensure it is ongoing?

Can a Search Head be an Indexer as well in a distributed search environment?

How to automatically upload a CSV file I receive daily from my Mac Desktop to Splunk and either refresh the data or add deltas?

can i upload a csv file into splunk just for testing purposes on the data?

Can Windows Events and pcap files can be loaded into Splunk

I do not need the seconds field in time but i am unable to separate the time from Date in time chart. Please guide me on this

Deployed Inputs.conf Doesn't Work but system/local does?

Why are report table columns not rendered properly when exporting to PDF or CSV?

Source Type IIS not identifying fields

preserve host name when using a kiwi server to collect logs

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

.NET Application Runtime Metrics Not Showing in Sp...

Streamfwd drops IPFIX data with “no template recei...

Forwarding all logs from HF to third-party using s...

Splunk Observability Cloud/SignalFx - Related Cont...

Splunk Answers Content Calendar May 2025 🎉

Getting Data In

Are you a member of the Splunk Community?

Discussions