Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | WMIポーリングで取得したWindowsイベントログをSEDCMD属性で置換したいのですが、 下記のprops.confを設定してもうまく置換されません。 何か対応方法ございますでしょうか。 <props.conf> [WMI:W... by sunrise Contributor in Getting Data In 11-18-2013 0 3 | 0 | 3 | |
 | Hi, How would I setup a monitor in inputs.conf that looks for files that begin with "system-" and will process every... by a212830 Champion in Getting Data In 11-16-2013 0 2 | 0 | 2 | |
| | I have an inputs.conf file that had a monitor statement like: [monitor:///*_ECM/A/doc/abc.log] Files are NOT being ... by rmorlen Splunk Employee  in Getting Data In 11-15-2013 0 5 | 0 | 5 | |
 | I've written a little python one-liner that basically calls showmount -a with an argv array at the end and my goal is... by mjones414 Contributor in Getting Data In 11-15-2013 0 1 | 0 | 1 | |
| | Hi, We are having some DNS issues in our infrastructure. Apparently the name servers our splunk hosts are using are ... by echalex Builder in Getting Data In 11-15-2013 0 4 | 0 | 4 | |
| | I get the following error: ERROR BucketMover - aborting move because recursive copy from src='C:\Program Files\Splun... by jrich523 Path Finder in Getting Data In 11-15-2013 0 1 | 0 | 1 | |
| | 10:32:21,453 INFO [2212] abcdxyz <-| 10:32:21,112 INFO [2212] abcdxyz | 10:32:22,409 INFO [1121] abcdxyz | 10:32:... by luv Explorer in Getting Data In 11-15-2013 0 12 | 0 | 12 | |
| | I want to display all mail to and from a client, with the subject, relayed host and status in one dashboard. The das... by leonrtx Explorer in Getting Data In 11-15-2013 0 8 | 0 | 8 | |
| | props.conf: [pan_event] TRANSFORMS-traffic = traffic_source transforms.conf: [traffic_source] REGEX = (,TRAFFIC,) FO... by tprzelom Path Finder in Getting Data In 11-15-2013 1 8 | 1 | 8 | |
| | Hi, Is there a way to setup inputs.conf so that a default sourcetype (and it's associated props) will be used, unles... by a212830 Champion in Getting Data In 11-15-2013 0 4 | 0 | 4 | |
| | I have a static JSON file (240k lines) I would like to index. Here's a the format: {"name":"fuel_level","value":88.2... by himynamesdave Contributor in Getting Data In 11-15-2013 0 3 | 0 | 3 | |
| | I'm trying to remove some of the events that should be forwarded to the frontend. From a configuration perspective ev... by ruisantos Path Finder in Getting Data In 11-15-2013 0 2 | 0 | 2 | |
| | Hi all, Since fschange is a deprecated feature post Splunk 5.0, i wwould like to know how to monitor windows and lin... by lohit Path Finder in Getting Data In 11-15-2013 0 1 | 0 | 1 | |
| | I'm looking at several different options for having our central Splunk server trigger a behavior on our forwarders wh... by responsys_cm Builder in Getting Data In 11-14-2013 0 4 | 0 | 4 | |
| | I've been working on some sample logs with the Web UI to adjust timestamps and where the events break, so I can creat... by kastnern Engager in Getting Data In 11-14-2013 0 3 | 0 | 3 | |
| | I have a Splunk indexer running on Ubuntu that forwards to the Splunk web on a Windows box and I want to add a new da... by glenngermiathen Path Finder in Getting Data In 11-14-2013 1 19 | 1 | 19 | |
 | Since I upgraded to 6.0, I see this warning Possible typo in stanza [splunktcp-ssl:9997] in /splunk/etc/system/local... by mataharry Communicator in Getting Data In 11-14-2013 4 2 | 4 | 2 | |
| | I have an Index which is on NAS. Im mostly having connection issues (win 2012R2 and Isilon NAS) so i was thinking ab... by jrich523 Path Finder in Getting Data In 11-14-2013 0 4 | 0 | 4 | |
| | We have some log data written as csv that we are attempting to index using the following inputs.conf monitor stanza: ... by menkurau Path Finder in Getting Data In 11-14-2013 1 2 | 1 | 2 | |
| | I'm using collect to create a summary index of a subset of events that all have a specific field, with all field extr... by laserval Communicator in Getting Data In 11-14-2013 0 2 | 0 | 2 | |
| | I'm monitoring a directory and need to alert when at certain time of the day (let's say at 7am) the number of files i... by mic1024 Path Finder in Getting Data In 11-14-2013 0 8 | 0 | 8 | |
| | Hi Guys, I have two instances on microsoft azure environment one is splunk-server and other is splunk-forwarder(uni... by lalit_mohan Path Finder in Getting Data In 11-14-2013 0 6 | 0 | 6 | |
| | I checked that there are no firewall issues. On the universal forwarder in splunkd.log: 07-15-2013 13:09:50.264 -... by bhavya_shah Path Finder in Getting Data In 11-14-2013 0 14 | 0 | 14 | |
| | Windows event logs are being picked up by Universal Forwarder v5 and sent to an Indexer v5. I'm trying to forward th... by ringm New Member in Getting Data In 11-13-2013 0 3 | 0 | 3 | |
| | I installed the add-on and tried to follow the directions. After installing, there was no 'Set up' as stated in the ... by kluey Explorer in Getting Data In 11-13-2013 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
2 -
administration
13 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
474 -
development
5 -
encryption
1 -
eval
2 -
field extraction
554 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
940 -
host
155 -
HTTP Event Collector
437 -
index
539 -
indexer
704 -
indexing performance
1 -
inputs.conf
829 -
installation
5 -
intermediate forwarder
142 -
introduction
3 -
JSON
391 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
190 -
monitor
308 -
monitoring console
1 -
other
50 -
proactive Splunk component monitoring
2 -
props.conf
977 -
regex
5 -
saved search
2 -
scripted input
243 -
search
1 -
search head
2 -
search job inspector
1 -
source
291 -
sourcetype
493 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
317 -
time
204 -
transforms.conf
576 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Data Management Digest – December 2025
Welcome to the December edition of Data Management Digest!
As we continue our journey of data innovation, the ...
Index This | What is broken 80% of the time by February?
December 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...
Hello Splunk Community,
We're thrilled to share an exciting update that will help you manage your data more ...
