All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How can I get a minimum Splunk Stream setup going for DNS?

daniel333
Builder
‎06-06-2018 07:44 PM

All,

I am looking at the splunkstream docs here and there is a lot to get this doing. Really all I need at this point in time it to capture the DNS traffic off 10 Windows DNS servers.

I am guessing I can just drop Splunk_TA_stream on the Windows servers which have UFs installs and enable inputs.conf for DNS traffic, right? How would I go about that? Docs seem to assume I am using my Search head cluster as some sort of command and control center. I don't think I can get away with that at this time. Just need the DNS sniffing of the sever NIC.

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...

Splunk Custom Visualizations App End of Life

The Splunk Custom Visualizations apps End of Life for SimpleXML will reach end of support on Dec 21, 2024, ...