Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | The CLI command "add tcp ..." does not allow one to set the sourcename of the input source that it creates. How can... by giraffe Explorer in Getting Data In 05-19-2013 0 2 | 0 | 2 | |
 | We have 2 production auto-load balanced indexers that are currently getting all of our production data. Both runnin... by mfrost8 Builder in Getting Data In 05-19-2013 0 5 | 0 | 5 | |
| | I see in the docs for inputs.conf that a monitor with /foo/m*r/bar will match /foo/bar Can someone explain why th... by cramasta Builder in Getting Data In 05-18-2013 3 3 | 3 | 3 | |
| | We have some log files that we monitor as heartbeat for some daemon processes. These files contain a large level of ... by mflamerich Explorer in Getting Data In 05-18-2013 0 3 | 0 | 3 | |
| | i would like to report on the events submitted via the rest API by user. i have multiple users that submit data to sp... by monzy Communicator in Getting Data In 05-17-2013 0 1 | 0 | 1 | |
| | I have a table that shows the usernames logging into to my various servers. I want to compare these results to a list... by nickabal New Member in Getting Data In 05-17-2013 0 1 | 0 | 1 | |
| | My deployment is: 1 Forwarder + 2 Indexers + 1 Search head. My data are distributed in 2 indexers, and I only install... by nickcode Explorer in Getting Data In 05-17-2013 0 2 | 0 | 2 | |
| | Hi All, Currently there is just one stand alone splunk server running for the entire company, we decided to change t... by MarMoh Path Finder in Getting Data In 05-17-2013 0 1 | 0 | 1 | |
| | Hi I might get things wrong, but for now I have the following problem / setup forwarder with some files in some di... by flo_cognosec Communicator in Getting Data In 05-17-2013 0 10 | 0 | 10 | |
| | I have a question about how priority's work in a single props.conf file. If i have the two stanzas below and I index... by cramasta Builder in Getting Data In 05-16-2013 0 5 | 0 | 5 | |
| | I'm evaluating Splunk for our syslog needs. One of our final requirements is to have the ability to forward syslog me... by rjordan00 Engager in Getting Data In 05-16-2013 2 4 | 2 | 4 | |
| | Hello, I have what may or may not be a bit of a unique issue regarding extracted fields. We've got a few webservers ... by foomanjee Explorer in Getting Data In 05-16-2013 1 4 | 1 | 4 | |
| | Hi, I have set up a Splunk environment in which several applications will be sending data to a collection of indexer... by Ant1D Motivator in Getting Data In 05-16-2013 0 4 | 0 | 4 | |
| | Hi, I am new to Splunk and have just configured a universal forwarder on a remote windows server in order to forward... by fongkh76 New Member in Getting Data In 05-16-2013 0 8 | 0 | 8 | |
| | I would like to know what is the command filter out repeat source port if I wanna analyse my log based on number of p... by Kai191 New Member in Getting Data In 05-15-2013 0 2 | 0 | 2 | |
| | Is there an internal log message that will tell me when Splunk has finished indexing a file? by Alan_Bradley Path Finder in Getting Data In 05-15-2013 10 6 | 10 | 6 | |
| | Is it OK to do like this: [monitor://E:\Data\pnlog\createsession\] soucetype = createsession recursive = false host ... by andyk Path Finder in Getting Data In 05-15-2013 0 4 | 0 | 4 | |
| | hi, when making changes to props files, which props files in splunk do not require restarting splunk and take effect ... by alexl1 Path Finder in Getting Data In 05-15-2013 0 8 | 0 | 8 | |
| | Running v5.0.2 I've added a Syslog UDP source on port 514, and enabled DNS lookup via the advanced menu. It works gr... by mjcocat New Member in Getting Data In 05-15-2013 0 1 | 0 | 1 | |
| | I have a dashboard which has some 6 items as part of it. I have a scheduled to email the dashboard every 24 hours. ... by ppurokit Path Finder in Getting Data In 05-15-2013 0 1 | 0 | 1 | |
| | I have no idea what I missing here, just no idea and I have to admit, its killing me inside, I have been stuck on thi... by Dark_Ichigo Builder in Getting Data In 05-14-2013 0 2 | 0 | 2 | |
| | I would like to weight certain indexers more then others as some of my indexers are older, and some are beefy new box... by sonicZ Contributor in Getting Data In 05-14-2013 0 1 | 0 | 1 | |
| | Hi Splunk Team, We have installed splunk tool on a windows server 2003 machine say A and Splunk forwarder on another... by shivanshuk Explorer in Getting Data In 05-14-2013 0 6 | 0 | 6 | |
| | I find that the search id is changes as time. I am not sure why it happen and how long dose it change once. by beebeandwer Path Finder in Getting Data In 05-14-2013 0 4 | 0 | 4 | |
| | Hi, I am wondering what are the pros and cons of the following two logging setups: All hosts run rsyslog and forwar... by csclement Engager in Getting Data In 05-14-2013 1 3 | 1 | 3 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Claim a $25 Cisco Store Gift Card
Help us improve the Splunk Community and complete our survey today!
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
471 -
development
5 -
encryption
1 -
eval
2 -
field extraction
551 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
935 -
host
155 -
HTTP Event Collector
434 -
index
538 -
indexer
703 -
indexing performance
1 -
inputs.conf
829 -
installation
5 -
intermediate forwarder
141 -
introduction
3 -
JSON
389 -
kvstore
1 -
Linux
451 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
187 -
monitor
308 -
monitoring console
1 -
other
47 -
proactive Splunk component monitoring
2 -
props.conf
973 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
491 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
315 -
time
204 -
transforms.conf
575 -
troubleshooting
15 -
universal forwarder
1,545 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
586 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Index This | Why did the turkey cross the road?
November 2025 Edition
Hayyy Splunk Education Enthusiasts and the Eternally Curious!
We’re back with this ...
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
🚀 Your data just got a serious AI upgrade — are you ready?
Say hello to the Agentic Era with the ...
Feel the Splunk Love: Real Stories from Real Customers
Hello Splunk Community,
What’s the best part of hearing how our customers use Splunk? Easy: the positive ...
