This documentation does not apply to the most recent version of Splunk.
This documentation applies to the following versions of Splunk: 3.2 , 3.2.1 , 3.2.2 , 3.2.3 , 3.2.4 , 3.2.5 , 3.2.6 , 3.3 , 3.3.1 , 3.3.2 , 3.3.3 , 3.3.4 , 3.4 , 3.4.1 , 3.4.2 , 3.4.3 , 3.4.5 , 3.4.6 , 3.4.8 , 3.4.9 , 3.4.10 , 3.4.11 , 3.4.12 , 3.4.13
If you haven't installed Splunk yet, read the Installation Manual. If you've already installed it, point your browser at port 8000 on your server. If you have an enterprise license, you will need to login with the default username "admin" and password "changeme."
The default username is "admin" and the password is "changeme."
Log into the Splunk web interface as an administrator and click on the "Admin" link at the top left. Then click on data inputs and follow the interface instructions from there.
Alternately, type $SPLUNK_HOME/bin/splunk help input for assistance with adding data via the commandline.
You should have a list of source types and hosts and sources toward the middle of your Splunk home page. Choose one, click and you will see all associated events.
Or you can open the Splunk drop-down menu at the top of the UI. Hover over "Saved Splunks" and choose "all." This search will return every event (up to the 10,000 most recent) in your Splunk index.
Yes. See the Installation Manual for instructions.