Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Discussions
| Thread Info | |||||
|---|---|---|---|---|---|
|
I have a need to import older Windows .evt files into my splunk environment. Since the splunk server is on linux I go...
by
chadroberts
Path Finder
in
Getting Data In
06-24-2011
|
0
|
9
| ||
|
|
I have a Prod and QA instance of Splunk with 2 forwarders. Prod is v4.1.4, QA is v4.2.2. Both of them show a "latest ...
by
mmletzko
Path Finder
in
Getting Data In
06-24-2011
|
0
|
2
| ||
|
|
Is there a way to selectively index and forward by using filtering criteria such as hostname, sourcetype, or REGEX in...
by
dottom
Path Finder
in
Getting Data In
06-14-2011
|
0
|
4
| ||
|
|
Hi,
Will Splunk support heavy forwarder in future or it's going to be decommitted? I'm asking because there are on...
by
Vladimir
Path Finder
in
Getting Data In
06-24-2011
|
1
|
4
| ||
|
[monitor://C:\\program files\path\filename]
doesn't seem to be working.
by
the_wolverine
Champion
in
Getting Data In
06-09-2011
|
0
|
3
| ||
|
|
I have a simple Forwarding and receiving setup
2 servers forwarding into a 3rd.
Once everything setup, the rec...
by
gdawoud
Engager
in
Getting Data In
06-21-2011
|
1
|
2
| ||
|
|
Hi,
I'm trying to get Splunk to do the equivalent of a tail -f $file. Specifically what I'm trying to do is get th...
by
dpaper
Explorer
in
Getting Data In
06-22-2011
|
7
|
2
| ||
|
|
I have many windows systems I want to grab WMI data from. I have Splunk installed on Linux and want to do WMI polling...
by
Simeon
Splunk Employee
in
Getting Data In
06-22-2011
|
0
|
1
| ||
|
|
There is an error message:Your maximum disk usage quota has been reached. usage=15808MB quota=10000MB user=admin. The...
by
HY
Explorer
in
Getting Data In
06-21-2011
|
0
|
1
| ||
|
|
I have a comma-separated list of 3 random values in a field called randlist (syslog-like entries):
Jun 22 10:39:46...
by
jbp4444
Path Finder
in
Getting Data In
06-22-2011
|
0
|
3
| ||
|
|
I would like to temporarily stop Splunk indexing for a couple hours while my QA group runs some volume/performance te...
by
steveirogers
Communicator
in
Getting Data In
05-04-2010
|
1
|
5
| ||
|
|
Hi,
recently our splunk instance has not been indexing our data. All licenses are OK and we are not exceeding our ...
by
a_dev
Engager
in
Getting Data In
06-20-2011
|
1
|
3
| ||
|
|
How would you deploy 4.2.1 Splunk and Universal Forwarder on a Search Head node that is doing distributed search and ...
by
beaumaris
Communicator
in
Getting Data In
06-17-2011
|
0
|
2
| ||
|
|
Does Splunk lock the log file while we’re reading it? This would be on my Windows server IIS and Exchange.
by
skibum
Engager
in
Getting Data In
05-25-2010
|
2
|
3
| ||
|
|
I have an instance where another group of people want to receive an exact copy of data that is indexed on my main Spl...
by
castle1126
Communicator
in
Getting Data In
06-20-2011
|
0
|
1
| ||
|
|
Hi,
I've been using for 1 year or so a configuration for my splunk forwarders as it is in this link: http://www.me...
by
DyJohnnY
Explorer
in
Getting Data In
06-06-2011
|
1
|
3
| ||
|
|
If I have a web application that wants to access Splunk data via the REST API, what is the performance impact on Splu...
by
jambajuice
Communicator
in
Getting Data In
06-16-2011
|
0
|
2
| ||
|
|
Has anyone else seen that installing a Universal Forwarder turned on remote performance monitoring for the receiving ...
by
rhoska
Engager
in
Getting Data In
06-17-2011
|
0
|
1
| ||
|
|
Hi,
I've ran in to a problem with an event that has a timestamp but also has another timestamp in the log itself....
by
jlamble1
New Member
in
Getting Data In
06-16-2011
|
0
|
1
| ||
|
|
For various reasons (performance, not picking up files, etc) we are looking to migrate our syslog receiver from a uni...
by
adamw
Communicator
in
Getting Data In
06-16-2011
|
0
|
2
| ||
|
|
Hello, I have historical IIS log files on my PC's "D" drive that I would like to input into Splunk. Per the documenta...
by
cprundeanu
Engager
in
Getting Data In
06-16-2011
|
1
|
2
| ||
|
|
I have overridden the source values from the default log file path to custom names like "AppLog", "MaintenanceLog", e...
by
blee_i365
Explorer
in
Getting Data In
06-09-2011
|
0
|
2
| ||
|
|
Guys, From the Search app I do the following search:
| metadata type=hosts
This correctly yields a table of t...
by
stuartamurray
Path Finder
in
Getting Data In
06-13-2011
|
0
|
2
| ||
|
|
Is there an automatic maintenance task to shrink the database files (delete the oldest file) to avoid the disk space ...
by
coba
New Member
in
Getting Data In
06-16-2011
|
0
|
1
| ||
|
|
Our splunk has the windows app installed and we look at the WMI:LocalProcesses source for process monitoring. We have...
by
wanling
Path Finder
in
Getting Data In
04-08-2011
|
0
|
3
|
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Become An Expert
Top Labels
-
add-on
2 -
administration
11 -
AIX
1 -
audit
1 -
blacklist
92 -
CLI
1 -
configuration
31 -
CSV
206 -
data
461 -
development
5 -
encryption
1 -
eval
2 -
field extraction
548 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
925 -
host
154 -
HTTP Event Collector
430 -
index
536 -
indexer
698 -
indexing performance
1 -
inputs.conf
824 -
installation
5 -
intermediate forwarder
140 -
introduction
3 -
JSON
387 -
kvstore
1 -
Linux
447 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
186 -
monitor
308 -
monitoring console
1 -
other
42 -
proactive Splunk component monitoring
2 -
props.conf
965 -
regex
5 -
saved search
2 -
scripted input
242 -
search
1 -
search head
2 -
source
290 -
sourcetype
488 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
310 -
time
204 -
transforms.conf
571 -
troubleshooting
15 -
universal forwarder
1,533 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
15 -
whitelist
60 -
Windows
579 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
.conf25 Community Recap
Hello Splunkers,
And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...
Splunk App Developers | .conf25 Recap & What’s Next
If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...
Congratulations to the 2025-2026 SplunkTrust!
Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!
The ...
