Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | hi guys - i have a stand-alone splunk server that i'm trying to size appropriately. we have a fixed 3TB volume to ... by awurster Contributor in Getting Data In 11-02-2012 0 6 | 0 | 6 | |
| | Have a set of directories that act as "holding" or "pending" directories for file transfer. Essentially we transfer ... by tyronetv Communicator in Getting Data In 11-02-2012 0 4 | 0 | 4 | |
| | hi all, In splunk 4.3.3 if we clone the the views the copy of that XML is getting replicated. but if we want to cl... by splunkpoornima Communicator in Getting Data In 11-02-2012 0 3 | 0 | 3 | |
| | I have a log file that is a text file. Splunk does not monitor this file because it finds it as a binary file. The f... by lpolo Motivator in Getting Data In 11-02-2012 2 7 | 2 | 7 | |
| | I am trying to stop indexing any SNMP traffic on UDP ports 161 and 162 and they are still coming in even though I do ... by erstexas Path Finder in Getting Data In 11-02-2012 0 2 | 0 | 2 | |
| | In Splunk 4.1.5 we are attempting to estimate our storage requirements per input, with the ultimate purpose of splitt... by Itisfun33 New Member in Getting Data In 11-01-2012 0 1 | 0 | 1 | |
 | I have Splunk crawling a /logs directory, which is where it receives most of its data. (/logs is populated via syslog... by Branden Builder in Getting Data In 11-01-2012 2 2 | 2 | 2 | |
| | When I try to add my indexer to the configuration of my linux box where I have installed the universal forwarder, it ... by paul_hignutt Engager in Getting Data In 10-31-2012 0 1 | 0 | 1 | |
| | Why cant I choose a source type of an index instead of the whole index to move my index data from the specific source... by Dark_Ichigo Builder in Getting Data In 10-31-2012 1 3 | 1 | 3 | |
| | Im having issues and I know its related to props.conf, but I have over 100 regexes and I dont want to test each one, ... by Dark_Ichigo Builder in Getting Data In 10-31-2012 0 2 | 0 | 2 | |
| | The Splunk 5 release notes say the fschange monitor is being deprecated? Why is Splunk dropping one of the better se... by responsys_cm Builder in Getting Data In 10-31-2012 1 1 | 1 | 1 | |
| | I have old sources that were indexed in splunk. I'm trying to delete them but the | delete command is very slow and i... by barne_dn Explorer in Getting Data In 10-31-2012 0 1 | 0 | 1 | |
| | I am facing problem with adding a remote file on a windows server. Keep getting 'File path does not exist' error mess... by anoopambli Communicator in Getting Data In 10-31-2012 0 5 | 0 | 5 | |
| | Hello there, I am using the nlog logging framework for my C# applications. Does anybody know of a logging target sp... by ac931274 Explorer in Getting Data In 10-31-2012 1 4 | 1 | 4 | |
| | hi, my log contains several users and i have to create a text report or a table listing the starting and ending time ... by smolcj Builder in Getting Data In 10-31-2012 0 2 | 0 | 2 | |
 | I am sending data from forwarder to indexer to Heavy forwarder to syslog, in sylog I am getting Heavy forwarder host... by kml_uvce Builder in Getting Data In 10-31-2012 0 1 | 0 | 1 | |
| | Hi, We currently have a number of servers that have the universal forwarder installed and set to forward to an Enter... by mrflibbleuk New Member in Getting Data In 10-30-2012 0 4 | 0 | 4 | |
| | Our enviroment consist of splunk light forwarder > intermediate forwarder > indexer. I'm trying to index the .sdf l... by splunkIT Splunk Employee  in Getting Data In 10-30-2012 1 6 | 1 | 6 | |
| | I added this to my inputs.conf: [monitor://C:\WINDOWS\system32\LogFiles\W3SVC*\] disabled = false followTail = 0 rec... by BP9906 Builder in Getting Data In 10-30-2012 0 2 | 0 | 2 | |
| | Hello I am having a difficult time getting Splunk to recognize fields from my IIS 7.5 logs. I know that there are man... by naydenk Path Finder in Getting Data In 10-30-2012 0 4 | 0 | 4 | |
| | I am having issues with the following macros - [macros/conf-change] access = read : [ * ], write : [ admin, power ]... by jfraiberg Communicator in Getting Data In 10-30-2012 0 2 | 0 | 2 | |
| | what is the best way to get the data in using curl http://myhost/mylog.log by vallurupalli New Member in Getting Data In 10-30-2012 0 1 | 0 | 1 | |
| | My question is, can a Heavy Forwarder perform remote WMI data collection or this feature requires an Indexer? I have... by fernandoandre Communicator in Getting Data In 10-30-2012 0 3 | 0 | 3 | |
| | Hi, As I'm installing TA's on windows hosts, I see that the PerformanceMonitor source is specified as [script://$SP... by echalex Builder in Getting Data In 10-30-2012 0 2 | 0 | 2 | |
| | Hi all, while adding the input data to the splunk at final stage it has some three options as, 1.)Continuously inde... by splunkpoornima Communicator in Getting Data In 10-29-2012 0 4 | 0 | 4 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Top Labels
-
add-on
2 -
administration
12 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
32 -
CSV
208 -
data
473 -
development
5 -
encryption
1 -
eval
2 -
field extraction
551 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
938 -
host
155 -
HTTP Event Collector
435 -
index
539 -
indexer
703 -
indexing performance
1 -
inputs.conf
829 -
installation
5 -
intermediate forwarder
142 -
introduction
3 -
JSON
389 -
kvstore
1 -
Linux
452 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
189 -
monitor
308 -
monitoring console
1 -
other
48 -
proactive Splunk component monitoring
2 -
props.conf
974 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
search job inspector
1 -
source
291 -
sourcetype
492 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
317 -
time
204 -
transforms.conf
575 -
troubleshooting
15 -
universal forwarder
1,548 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
586 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
Accelerating Observability as Code with the Splunk AI Assistant
We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...
Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...
Splunk is More Than Just the Web Console
For Digital Forensics and Incident Response (DFIR) practitioners, ...
Congratulations to the 2025-2026 SplunkTrust!
Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!
The ...
Unanswered Topics
