Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | Hi, Can I use the following expression in my inputs.conf /data/logs/kim/.../**MS?.log.gz* Or /data/logs/kim/.../*... by mkelderm Path Finder in Getting Data In 07-09-2012 1 1 | 1 | 1 | |
| | Hi, We have spec:d volumes for use in out indexes.conf and we are also (trying) to limit this volumes content with t... by lmyrefelt Builder in Getting Data In 07-09-2012 1 4 | 1 | 4 | |
| | Hi. We are trying to monitor one custom file in a non-syslogging service on a linux Ubuntu 11.04 64 bit server. For... by certivox New Member in Getting Data In 07-08-2012 0 1 | 0 | 1 | |
| | Hello, I am setting up a test lab with Splunk. As I have a VPS (Virtual Private Server) for web hosting I thought it... by j666gak Communicator in Getting Data In 07-07-2012 0 1 | 0 | 1 | |
| | I have multiple data inputs going into one index. Is there a way to delete only one of those data inputs and scrub i... by sthao New Member in Getting Data In 07-06-2012 0 3 | 0 | 3 | |
| | Hi all, I have a question about script alert. Now the script alert will transform the result to gzip filetype. Is th... by Anthony_Hou Path Finder in Getting Data In 07-05-2012 2 2 | 2 | 2 | |
 | I have a log which contains entries like the following: (3/07/12 13:13:09) 8856: < RingBufferModule::initialize() (3... by sajbutler Path Finder in Getting Data In 07-05-2012 0 4 | 0 | 4 | |
| | We started to lose accessing Splunkweb running on Windows 2k8 Server. When we checked status of the service. We've no... by Masa Splunk Employee  in Getting Data In 07-05-2012 3 4 | 3 | 4 | |
| | Is there a way to remove the Header column row after performing the outputcsv command during a Splunk search? by efelder0 Communicator in Getting Data In 07-05-2012 2 3 | 2 | 3 | |
| | Reading a temperature sensor (DS18B20) from out side. Every so often I get a bad data set. Jul 2 23:26:40 malakoff ... by talbot7 Path Finder in Getting Data In 07-05-2012 0 6 | 0 | 6 | |
| | Hi Splunkies, another question by me... I run a script every 15 min which counts DFS connections on different server... by jan_wohlers Path Finder in Getting Data In 07-05-2012 0 1 | 0 | 1 | |
| | If multiple hosts, in different time zones, are sending logs to Splunk . In that case how to configure Timezone props... by ranjyotiprakash Communicator in Getting Data In 07-05-2012 1 6 | 1 | 6 | |
 | In my search result I want to exclude some result that belongs to eventtype, Is it possible ? my search is source... by jangid Builder in Getting Data In 07-05-2012 3 3 | 3 | 3 | |
| | I'm consuming a qa test log that has a fairly erratic format, but I was able to identify a line breaker regex to grou... by heathm Explorer in Getting Data In 07-04-2012 2 5 | 2 | 5 | |
| | Hello, I'm trialling Splunk purely as a syslog server, and have installed it on a windows 2003 server, and can recie... by GLC2012 Explorer in Getting Data In 07-04-2012 1 7 | 1 | 7 | |
| | When applying compression on forwarder to indexer, I am suspecting it's more efficient due to splunk comsuming less N... by clyde772 Communicator in Getting Data In 07-04-2012 0 1 | 0 | 1 | |
| | after few investigations on my own , I have a more specific question. what is the correct way to configure props.con... by avishayh Explorer in Getting Data In 07-04-2012 0 2 | 0 | 2 | |
| | Example of actual inputs.conf [monitor:////data/example/server/example/log/*.log] sourcetype=jboss index=idx_sep_dev... by unix New Member in Getting Data In 07-03-2012 0 4 | 0 | 4 | |
| | Has anybody experienced condition where Forwarder is not reading and sending old logs fast? Eventhough there's plent... by clyde772 Communicator in Getting Data In 07-03-2012 0 2 | 0 | 2 | |
| | How do you build a search to total the bytes transfered (sending and recieving) by ip address for the last 24 hours, ... by rpetrini Engager in Getting Data In 07-03-2012 0 3 | 0 | 3 | |
| | Hey Splunkers! I always thought or heard that data that gets input to forwarder gets "cooked" meaning compressed b... by clyde772 Communicator in Getting Data In 07-03-2012 0 1 | 0 | 1 | |
| | Hi, I already checked the API Endpoint list if my request is covered. But cannot find it. I'd like to change the da... by nebel Communicator in Getting Data In 07-03-2012 0 2 | 0 | 2 | |
| | Hi, I am just looking at a new data input in Splunk. In some cases I am seeing one timestamp per event which is what... by Ant1D Motivator in Getting Data In 07-02-2012 0 3 | 0 | 3 | |
| | I had a simple report showing the past 7 day's (by day) not per hour using the timechart span="86400s" function. Th... by lancealotx Explorer in Getting Data In 07-02-2012 0 2 | 0 | 2 | |
| | I've been having trouble getting a host override transformation in my props.conf/transforms.conf to work and want to ... by dpadams Communicator in Getting Data In 07-02-2012 0 7 | 0 | 7 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
administration
13 -
blacklist
92 -
configuration
32 -
CSV
209 -
data
502 -
development
5 -
field extraction
564 -
forwarder management
2 -
heavy forwarder
961 -
host
159 -
HTTP Event Collector
444 -
index
544 -
indexer
715 -
inputs.conf
840 -
installation
5 -
intermediate forwarder
145 -
JSON
395 -
Linux
461 -
Mac
30 -
modular input
195 -
monitor
313 -
other
83 -
props.conf
995 -
saved search
2 -
scripted input
249 -
search
1 -
search head
2 -
source
291 -
sourcetype
496 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
syslog
324 -
time
204 -
transforms.conf
584 -
troubleshooting
14 -
universal forwarder
1,571 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
596 -
XML
91
- « Previous
- Next »
Get Updates on the Splunk Community!
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas
Cisco Live 2026 is almost here, and this ...
What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)
Hello Splunkers,
So you searched, “what is the name of the usb key inserted by bob smith?”
Not gonna lie… ...
Automating Threat Operations and Threat Hunting with Recorded Future
Automating Threat Operations and Threat Hunting
with Recorded Future
June 29, 2026 | Register
Is your ...
Unanswered Topics
