Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi Splunkers! I would like to extract detection_method value, "Access Protection"file_name="HKLM\SOFTWARE\MICROSOFT... by smanojkumar Contributor in Getting Data In 10-06-2023 0 2 | 0 | 2 | |
 | Help me out to ingest .act and .authlog file format in splunk. by Hemant93 Loves-to-Learn Lots in Getting Data In 10-06-2023 0 1 | 0 | 1 | |
 | o365 addon has been running fine.Token expired on the Azure side, so I generated a new one.Updating the Splunk addon ... by mikefg Communicator in Getting Data In 10-05-2023 0 1 | 0 | 1 | |
| | Team, I need your assistance with the below task. I need to migrate Splunk sh-2 (Non ES instance) from Cent OS to RED... by kiranhar Explorer in Getting Data In 10-05-2023 0 10 | 0 | 10 | |
| | Hello, good dayI am very new to Splunk, i and my team want to work on a mini project using splunk cloud with the topi... by kattey New Member in Getting Data In 10-05-2023 0 2 | 0 | 2 | |
| | Hello, everyone.I just ran into an issue where a stanza within apps\SplunkUniversalForwarder\local\inputs.conf on a f... by Choi_Hyun Explorer in Getting Data In 10-04-2023 0 6 | 0 | 6 | |
| | 0 | 3 | ||
| | Hi,I have this command: | mstats avg("value1) prestats=true WHERE "index"="my_index" span=10s BY host| timechart avg(... by Shakira1 Explorer in Getting Data In 10-04-2023 0 7 | 0 | 7 | |
| |  Hi all,I successfully forward data from Windows using the commandmsiexec.exe /i splunkuniversalforwarder_x86.msi RECE... by benesch Observer in Getting Data In 10-04-2023 0 1 | 0 | 1 | |
 | Hi Community, We have this wierd situation where one of the newest splunk installs (3 months old) went out of space -... by _pravin Contributor in Getting Data In 10-03-2023 0 8 | 0 | 8 | |
| | Hello everyone, I'm working on a project ''Splunk Enterprise: An organization's go-to in detecting cyber threats'' p... by nina Engager in Getting Data In 10-03-2023 0 3 | 0 | 3 | |
| | test_id": "CHICKEN-0123456","last_test_date": "2023-09-04 12:34:00" with such above file and todays date 09/25/2023... by yohhpark Path Finder in Getting Data In 10-03-2023 0 8 | 0 | 8 | |
| | Hello guys!, I have a month trying to forward my logs from iMacs using the UF with the following format: Resources,... by ucorral Loves-to-Learn in Getting Data In 10-03-2023 0 12 | 0 | 12 | |
| | We recently move to S2 and our initial retention was set to 6 months. A month after the migration we decided to reduc... by athorat Communicator in Getting Data In 10-03-2023 0 1 | 0 | 1 | |
| | We wonder about using SmartStore. Does it make sense to use it for all data except hot and warm data? Even if we end ... by danielbb Motivator in Getting Data In 10-03-2023 1 7 | 1 | 7 | |
| | Hello comrades,After my poor research, I found that only heavy forwarder supports props.conf, but it was like 5 or 6 ... by BoldKnowsNothin Path Finder in Getting Data In 10-02-2023 0 12 | 0 | 12 | |
| | HI Community,I have been tasked with getting AWS Cloudtrail logs into Splunk. I have spent some time not just reading... by yackle_official New Member in Getting Data In 10-02-2023 0 0 | 0 | 0 | |
 | Im trying to break out the comma separated values in my results but im brain farting. I want to break out the specifi... by Dallastek1 Path Finder in Getting Data In 10-02-2023 0 2 | 0 | 2 | |
| | I would like to understand better how transformations work, in terms of priority and data flow.Let's say I have 3 tra... by cmlombardo Path Finder in Getting Data In 10-02-2023 0 6 | 0 | 6 | |
| | Hello there.I have IIS logs being ingested into Splunk.The sourcetype is currently set to "iis:test"props.conf:[iis:t... by cmlombardo Path Finder in Getting Data In 10-02-2023 0 4 | 0 | 4 | |
 | Hello everyone! Do anybody know, is it possible to aggregate (bind) auditd events (I mean logs from audit/audit.log) ... by bosseres Contributor in Getting Data In 10-02-2023 0 3 | 0 | 3 | |
| | Hello comrades, I'm just curios is there anyway to shorten frequent words?For example: <Data Name='IpAddress'>::ffff:... by BoldKnowsNothin Path Finder in Getting Data In 10-02-2023 0 7 | 0 | 7 | |
| | HiI'm currently working on obtaining Windows Filtering Platform event logs to identify the user responsible for runni... by CyberCyber New Member in Getting Data In 09-30-2023 0 1 | 0 | 1 | |
| | I wonder if the activity of deleting audit events from Splunk cloud will be logged/tracked in Splunk internal logs, e... by just4testsplunk New Member in Getting Data In 09-29-2023 0 6 | 0 | 6 | |
| | Hi, i want to send out data with an forwarder to a splunk indexer hosted in the web like splunk storm. Is it possi... by Matthias_BY Communicator in Getting Data In 09-29-2023 1 6 | 1 | 6 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
471 -
development
5 -
encryption
1 -
eval
2 -
field extraction
550 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
934 -
host
154 -
HTTP Event Collector
434 -
index
538 -
indexer
703 -
indexing performance
1 -
inputs.conf
828 -
installation
5 -
intermediate forwarder
141 -
introduction
3 -
JSON
389 -
kvstore
1 -
Linux
451 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
187 -
monitor
308 -
monitoring console
1 -
other
47 -
proactive Splunk component monitoring
2 -
props.conf
972 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
491 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
315 -
time
204 -
transforms.conf
574 -
troubleshooting
15 -
universal forwarder
1,543 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
585 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Unlock Instant Security Insights from Amazon S3 with Splunk Cloud — Try Federated ...
Availability: Must be on Splunk Cloud Platform version 10.1.2507.x to view the free trial banner. If you are ...
What's New in Splunk Observability - November 2025
What's New
We’re excited to announce the latest enhancements to Splunk Observability Cloud and ...
Splunk Enterprise Security(ES) 7.3 is approaching the end of support. Get ready for ...
Hi friends!
At Splunk, your product success is our top priority. With Enterprise Security (ES), we're here ...
