Splunk Tech Talks
Deep-dives for technical practitioners.
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
New Article

Get Data Into Splunk!

melissap
Splunk Employee
Splunk Employee
‎07-29-2020 09:00 AM

View our Tech Talk: Admin Edition,  Get Data into Splunk on demand. 

Getting Data Into Splunk is one of the first best practice topics for getting started successfully with Splunk. In order to make decisions about the best way to get data into your Splunk instance, it is important to understand the system architecture, key data onboarding terms, and the different data ingestion tools. We offer a variety of flexible options and resources to bring any and all of your data into Splunk empowering you to make fully informed decisions.

Tune in to:

  • Learn about which types of data sources you can ingest (hint: any type!)
  • Determine the best way to get your data into on-prem Splunk Enterprise depending on your data source and data goals
  • See a demo of Splunk’s “Guided Data Onboarding” workflow tool that provides a UI driven path for seamlessly getting data in

Tech Talk discussions remain open for two weeks following the live Tech Talk event. Have more questions?  Check out the Getting Data In section in our community.

Labels
0 Karma
2 Comments
melissap
Splunk Employee
Splunk Employee
‎08-05-2020 07:28 PM

Here are some questions from the Tech Talk that we wanted to share with everyone.

Q. What is the best way to get Windows data in without having to install UF on each server?

A. If you are looking to ingest bulk windows logs you should probably leverage syslog collection. Splunk offers a highly scalable syslog collection method called Splunk connect for syslog. Check it out here: https://splunkbase.splunk.com/app/4740/. For other options I suggest you join the Splunk slack community and ask what other customers recommend. Get started here: https://docs.google.com/forms/d/e/1FAIpQLSd2PXSBiatZvCIpdE2wPFgnrUM29HBYjrkI0iDhlx26RwwE4A/viewform

Q. I'm having an issue where I can't pull in or forward a Windows logs (wineventlog) outside of the usual Application, System, or Security logs. The universal forwarder doesn't have this option. I tried modifying the input.conf file but still not showing up in Splunk. Scratching my head.

A. Hi! that sounds like an interesting problem. Do you see the system generating the logs you want to collect? I’m not as familiar with windows event collection, but have you asked in the Splunk slack community? There are a lot of people (far smarter than me) there that can help. If you have not signed up for it yet, here’s where to get started:  https://docs.google.com/forms/d/e/1FAIpQLSd2PXSBiatZvCIpdE2wPFgnrUM29HBYjrkI0iDhlx26RwwE4A/viewform Alternatively, you should also consider opening a support case.

0 Karma
melissap
Splunk Employee
Splunk Employee
‎08-05-2020 07:30 PM

We also want to make sure you have these additional resources for your journey:

  1. Splunk Community Discussions: Getting Data In
  2. Explore the Splunk Success Framework: Best practice framework for admins using Splunk to Get Data In
  3. Check out the Documentation: Get step by step details on all the ways to get data into Splunk
  4. Splunk Administrator Training Courses
0 Karma
Contributors
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...