Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Often times, we are tasked with deleting data out of an index to trim it down. Generally, we do this by setting the ... by hajducko Explorer in Getting Data In 04-09-2014 1 5 | 1 | 5 | |
| | Hi, This is probably very basic, but I'm not sure where the actual log file sits for Windows Event Logs. Trying to... by bcusick Communicator in Getting Data In 04-09-2014 0 1 | 0 | 1 | |
| | In the Server 2008 Event Viewer there are now a "Microsoft --> Windows" folders nested under the "Applications and Se... by kbecker Communicator in Getting Data In 04-09-2014 2 5 | 2 | 5 | |
| | I have a custom log in the format where each new record has a entry followed by a pipe (|) example log: < date time... by rileyken Explorer in Getting Data In 04-09-2014 0 2 | 0 | 2 | |
 | In my props.conf I know I can change: $SPLUNK_HOME/etc/system/local/ and add: [source::xyz123] TZ=US/East... by hagjos43 Contributor in Getting Data In 04-09-2014 0 2 | 0 | 2 | |
| | Hey everyone. I'm wondering how this is possible to accomplish - we have windows server farms across numerous timezo... by msarro Builder in Getting Data In 04-08-2014 1 1 | 1 | 1 | |
| | Hi All, We have a customer who could not justify the cost of a clustered solution. So they went down the following r... by phoenixdigital Builder in Getting Data In 04-08-2014 0 1 | 0 | 1 | |
 | After upgrading my Windows servers 2003 to Splunk 6. I discovered that all my nullQueues filter stopped working, and ... by yannK Splunk Employee  in Getting Data In 04-08-2014 3 7 | 3 | 7 | |
| | I want to be able to use the search GUI to create summary index searches, but i want the actual resulting summary ind... by tpsplunk Communicator in Getting Data In 04-08-2014 1 4 | 1 | 4 | |
| | We've installed and are evaluating Splunk Enterprise 6.0 in a Windows environment (desktops are running Windows 7 Pro... by kenniskoldewyn Explorer in Getting Data In 04-08-2014 1 6 | 1 | 6 | |
| | Does anyone know if it is possible to automatically add the current_only = [0|1] attribute in a scripted Universal Fo... by aberdamy Explorer in Getting Data In 04-08-2014 0 3 | 0 | 3 | |
 | We are able to start splunk services - But getting following error while starting the services in Heavy Forwarder "... by rbal_splunk Splunk Employee in Getting Data In 04-07-2014 0 1 | 0 | 1 | |
| | Recently some of our universal forwarders stopped sending events to indexer? Is there a way to get an alert if forwa... by ajaysamantbms Explorer in Getting Data In 04-07-2014 0 1 | 0 | 1 | |
 | So if you have any reasonably complicated deployment, likely you have a fair number of inputs.conf that your UF is re... by neiljpeterson Communicator in Getting Data In 04-07-2014 0 1 | 0 | 1 | |
| | I am working on a scripted input that requires user-specific configurations (e.g. AccountKey, UserToken) as input arg... by wanling Path Finder in Getting Data In 04-06-2014 0 2 | 0 | 2 | |
| | When running splunkforwarder-6.0.1-189883-x64-release.msi you get an error message "Please re-launch the installer as... by rbal_splunk Splunk Employee in Getting Data In 04-06-2014 0 1 | 0 | 1 | |
| | We have a Splunk server that is receiving data from more than 10 forwarders. It also receives data directly via UDP a... by ruiaires Path Finder in Getting Data In 04-05-2014 0 5 | 0 | 5 | |
| | Hi, I have indexed an NMON file on SPLUNK - just for test purpose as we would like to keep all measurements in one pl... by JYTTEJ Communicator in Getting Data In 04-05-2014 0 1 | 0 | 1 | |
| | Who Will aix nmon the I / O tps data demonstrate experience in the field is the extraction of each AIX NMON TPS fiel... by wudu0517 New Member in Getting Data In 04-05-2014 0 2 | 0 | 2 | |
| | Hi, We are seeing two suspicious servers which are sending syslogs in huge count. and Upto my knowledge, we didn’... by rameshlpatel Communicator in Getting Data In 04-05-2014 0 3 | 0 | 3 | |
| | After upgrading SplunkUniversalForwader from Version 5.x to 6.x, now _TCP_ROUTING for windows monitored data is no... by rbal_splunk Splunk Employee in Getting Data In 04-04-2014 6 1 | 6 | 1 | |
| | Setup currently I have the newest version of Splunk (6.0) running as my main Splunk server with several universal for... by emccaslin Path Finder in Getting Data In 04-04-2014 1 6 | 1 | 6 | |
| | I have a one line script that searches the /dev directory for non-device (ie, regular files) on three different Red H... by splunk4steve New Member in Getting Data In 04-03-2014 0 3 | 0 | 3 | |
| | We are moving our Splunk server (everything is on this one server) however the old and new servers are in different t... by andrewkenth Communicator in Getting Data In 04-03-2014 0 6 | 0 | 6 | |
| | i'm new to splunk, if i got the following xml file and want to extract the following date and time and set as an even... by SplunkCSIT Communicator in Getting Data In 04-03-2014 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
471 -
development
5 -
encryption
1 -
eval
2 -
field extraction
551 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
935 -
host
155 -
HTTP Event Collector
434 -
index
538 -
indexer
703 -
indexing performance
1 -
inputs.conf
829 -
installation
5 -
intermediate forwarder
141 -
introduction
3 -
JSON
389 -
kvstore
1 -
Linux
451 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
187 -
monitor
308 -
monitoring console
1 -
other
47 -
proactive Splunk component monitoring
2 -
props.conf
973 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
491 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
315 -
time
204 -
transforms.conf
575 -
troubleshooting
15 -
universal forwarder
1,545 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
586 -
XML
90
- « Previous « Previous
- Next » Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
