Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Getting Data In
Getting Data In
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Getting Data In
Options
- Mark all as New
- Mark all as Read
- Float this item to the top
- Subscribe
- Bookmark
- Subscribe to RSS Feed
- Threaded format
- Linear Format
- Sort by Topic Start Date
Community Activity
 | I have a script that dumps data several lines at a time, each line has a set of key/value pairs eg: server=host1.bla... by deusaquilus New Member in Getting Data In 06-15-2011 0 1 | 0 | 1 | |
| | Some of the logs I'm tracking use source as a fieldname within the log. E.g.: 2011-06-14 17:17:48.028 s=10 source=75... by BryantD Explorer in Getting Data In 06-14-2011 0 2 | 0 | 2 | |
| | Since upgrading to 4.1 we are having issues performing searches. We constantly get IS (and FireFox) pop up warnings '... by tcotton New Member in Getting Data In 06-14-2011 0 2 | 0 | 2 | |
| | I assume there is no way to do what I want, but I figured I'd ask anyway. I have a background job processor that logs... by builder Path Finder in Getting Data In 06-14-2011 0 6 | 0 | 6 | |
| | I have setup a forwarder on a syslog-ng server to an indexer which is my webhead. I have setup an index (host-syslog)... by ngcgoon Explorer in Getting Data In 06-14-2011 0 2 | 0 | 2 | |
| | I am sending some events to the nullQueue and it used to work in 4.0.x and 4.1.x, but now it is not sending any event... by Ellen Splunk Employee  in Getting Data In 06-13-2011 2 1 | 2 | 1 | |
| | I thought Splunk always assigned a source and at least guessed a sourcetype for ALL data. Why am I seeing data in Sp... by Jason Motivator in Getting Data In 06-13-2011 1 3 | 1 | 3 | |
| | Hello, I have a log file that is being indexed and many of the lines show up combined into multi-line events however... by frankejj Explorer in Getting Data In 06-13-2011 0 2 | 0 | 2 | |
| | I have a linux web server (Ubuntu 10.04 x64) that I would like to forward apache log data from. I have installed the ... by compsavvystu Engager in Getting Data In 06-10-2011 2 3 | 2 | 3 | |
| | Question regarding 4.2+'s abililty to put a maxVolumeDataSizeMB on an arbitrary path, call it a volume, and put index... by Jason Motivator in Getting Data In 06-10-2011 1 1 | 1 | 1 | |
 | Is it possible to have two scripted inputs on a light forwarder (raw data) sent out to two different remote ports in ... by ephemeric Contributor in Getting Data In 06-10-2011 0 7 | 0 | 7 | |
 | Our developers send TRACE and DEBUG logs in massive quantities. They don't need them on 24/7. The test systems are no... by twinspop Influencer in Getting Data In 06-10-2011 1 2 | 1 | 2 | |
| | Hi Everyone, I'm new to Splunk world so I wonder if there is any Splunk code / script repository that is compiled fr... by albertwt New Member in Getting Data In 06-09-2011 0 2 | 0 | 2 | |
| | Hi I am using ubuntu OS on AWS and i have five servers. I used full spunk installation on first server and universal... by jobycxa Explorer in Getting Data In 06-09-2011 2 2 | 2 | 2 | |
 | Does such a facility exist within SPLUNK by which you can add a custom "handler" to a TCP or UDP socket input ? Such... by Damien_Dallimor Ultra Champion in Getting Data In 06-09-2011 1 4 | 1 | 4 | |
| | I'm dealing with an environment of mixed Lightweight Forwarders and Universal Forwarders. How can I tell, without log... by Jason Motivator in Getting Data In 06-09-2011 0 2 | 0 | 2 | |
| | We have installed Splunk on Windows . We would like to forward log messages from AIX box to Splunk on Windows. Howeve... by ajayk New Member in Getting Data In 06-08-2011 0 3 | 0 | 3 | |
| | I'm looking to forward data collected via a lightweight forwarder. Which input provides better performance batch or m... by Marinus Communicator in Getting Data In 06-08-2011 0 4 | 0 | 4 | |
| | Even after reading the documentation and a lot of posts here on answers, I just can't get filtering to work. I've rec... by arapozo Explorer in Getting Data In 06-08-2011 1 6 | 1 | 6 | |
| | As I don't know if this is a bug or intended I'll try to see if anyone know. When doing a new install of the univers... by drohr Engager in Getting Data In 06-08-2011 1 4 | 1 | 4 | |
| | Hi, I have a splunk server setup on an internal network which has differing numbers of machines all using either sys... by Drainy Champion in Getting Data In 06-08-2011 1 3 | 1 | 3 | |
| | Will this cause any issues, I would like to do [fschange:/etc] index = linux-security recurse = true followLinks = f... by imacdonald2 Path Finder in Getting Data In 06-07-2011 1 7 | 1 | 7 | |
| | I have a splunk universal forwarder , The Perform can only give me the short host name. but at the same time WinEvent... by keiichilam Explorer in Getting Data In 06-07-2011 0 1 | 0 | 1 | |
| | I am using the light forwarder on AIX and running into high CPU usage (80-90% of a CPU). We tracked it down to using ... by kkalmbach Path Finder in Getting Data In 06-07-2011 1 1 | 1 | 1 | |
| | Does anyone know of any solution that will allow me to install a SPLUNK universal forwarder on a laptop and when the ... by trross33 Path Finder in Getting Data In 06-07-2011 0 1 | 0 | 1 |
Get Started
Explore Essential Splunk Resources
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Get Expert Help at Community Office Hours
Join the #getting-data-in Slack channel
Top Labels
-
add-on
1 -
administration
13 -
blacklist
92 -
configuration
32 -
CSV
208 -
data
480 -
development
5 -
eval
2 -
field extraction
557 -
fields
5 -
forwarder
1 -
forwarder management
3 -
heavy
1 -
heavy forwarder
946 -
host
156 -
HTTP Event Collector
439 -
index
539 -
indexer
705 -
indexing performance
1 -
inputs.conf
830 -
installation
5 -
intermediate forwarder
143 -
introduction
3 -
JSON
392 -
kvstore
1 -
Linux
453 -
login
1 -
Mac
30 -
metadata
1 -
metrics
2 -
modular input
191 -
monitor
309 -
monitoring console
1 -
other
55 -
proactive Splunk component monitoring
2 -
props.conf
979 -
regex
5 -
saved search
2 -
scripted input
244 -
search
1 -
search head
2 -
source
291 -
sourcetype
494 -
Splunk Enterprise
1 -
Splunk Investigate
1 -
splunk-assist
2 -
subsearch
1 -
syslog
319 -
time
204 -
transforms.conf
577 -
troubleshooting
15 -
universal forwarder
1,552 -
using Enterprise Security
3 -
using Splunk Cloud
4 -
using Splunk Enterprise
16 -
whitelist
60 -
Windows
587 -
XML
90
- « Previous
- Next »
Get Updates on the Splunk Community!
App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community
As we step into 2026, it’s the perfect moment to reflect on what an extraordinary year 2025 was for the Splunk ...
Operationalizing Entity Risk Score with Enterprise Security 8.3+
Overview
Enterprise Security 8.3 introduces a powerful new feature called “Entity Risk Scoring” (ERS) for ...
Unlock Database Monitoring with Splunk Observability Cloud
In today’s fast-paced digital landscape, even minor database slowdowns can disrupt user experiences and ...
