Splunk Administration

Splunk Administration
Category Activity
balbano
Hey guys, I currently have a 3-server architecture (2 central indexers with 1 search head). We are looking to have ...
by balbano Contributor in Getting Data In 06-11-2010
1 6
1
6
dskillman
Having trouble getting splunk to start on a Windows 2k8 install. No issues on Linux.
by dskillman Splunk Employee Splunk Employee in Installation 06-11-2010
1 1
1
1
cabodj
We would like to point Splunk to our LDAP, but have the ability to create groups within Splunk. These groups would o...
by cabodj Engager in Security 06-11-2010
1 2
1
2
Chris_R_
I have 10's of thousands of files(tarballs) i want to monitor via batch/sinkhole. [batch:///var/log/archived_files] ...
by Chris_R_ Splunk Employee Splunk Employee in Getting Data In 06-10-2010
1 2
1
2
thinguyen
Hi, At the moment we have had number Ironport appliances deployed but their log files being uploaded to FTP server (...
by thinguyen Engager in Getting Data In 06-10-2010
2 3
2
3
Mick
I run a report every 24 hours, and I want to make the .csv results file available to multiple users afterwards. Can ...
by Mick Splunk Employee Splunk Employee in Getting Data In 06-10-2010
1 3
1
3
kkuminsky
Trying to monitor changes to configuration files. Followed this article: http://www.splunk.com/base/Documentation/4....
by kkuminsky Path Finder in Getting Data In 06-10-2010
1 4
1
4
robvolk
I have splunk hosted on a win2k machine with IIS7.5 running. How do I configure splunk so I can access it from my lo...
by robvolk New Member in Getting Data In 06-10-2010
0 4
0
4
nclarkau
We have users that are in another timezone (30 minutes off the servers) and events in their flashtimeline are appeari...
by nclarkau Path Finder in Getting Data In 06-09-2010
0 2
0
2
pmelchiori
I have four servers in different network with the same Windows Name. I've created a Splunk collector and the logs are...
by pmelchiori Explorer in Deployment Architecture 06-09-2010
1 4
1
4
Will_Hayes
How do I install and configure the Cisco MARS archive add-on on Splunkbase?
by Will_Hayes Splunk Employee Splunk Employee in Getting Data In 06-09-2010
0 3
0
3
uber_cookie
Hi, can anyone tell me if I could do this using Splunk: Log from particular host to a particular directory, Archive l...
by uber_cookie New Member in Getting Data In 06-09-2010
0 1
0
1
jgumbley
I try and keep our production Splunk server on the latest maintenance release of Splunk. Also I have removed the "ge...
by jgumbley Engager in Installation 06-08-2010
0 1
0
1
dwaddle
Does anyone have experience integrating splunk with a hierarchal storage management system (like AMASS, Legato, or T...
by SplunkTrust SplunkTrust in Getting Data In 06-08-2010
1 1
1
1
Genti
is there a way to track configuration changes to splunk - either via splunkweb or command line? The idea is: Lets say...
by Genti Splunk Employee Splunk Employee in Monitoring Splunk 06-07-2010
0 5
0
5
balbano
For some reason, looks like 2-3 of my indexes have stopped indexing. The monitor point to the indexes is pointed to d...
by balbano Contributor in Getting Data In 06-07-2010
0 3
0
3
seanlon11
I want a search that will tell me the total throughput of my indexing server, and then setup a notification if that t...
by seanlon11 Path Finder in Getting Data In 06-07-2010
0 8
0
8
maverick
I would like to splunk TripWire events so that I can search and correlate them with my other security, syslog, and ap...
by maverick Splunk Employee Splunk Employee in Getting Data In 06-07-2010
0 1
0
1
carmackd
I’m currently getting a new log source ready for production, and I almost have it except for one issue. I’m forwardi...
by carmackd Communicator in Getting Data In 06-07-2010
0 10
0
10
mctester
I am trying to build a report where I want to summarize the number of events for an entire year by day sorting by hos...
by mctester Communicator in Getting Data In 06-06-2010
0 4
0
4
Genti
I have a user that wants to schedule a search and cannot. I set up a test user and tried and can't do it either.
by Genti Splunk Employee Splunk Employee in Security 06-04-2010
2 1
2
1
Steve_Litras
So I have an xml formatted log added as a source, sourcetype'd as WSE_audit, and I'm trying to get it to basically sp...
by Steve_Litras Path Finder in Getting Data In 06-04-2010
3 8
3
8
Lowell
Anyone know if edi_tags was removed? I'm seeing the following warning message in the logs: AuthorizationManager ...
by Lowell Super Champion in Knowledge Management 06-04-2010
0 3
0
3
tjsellers
I wanted to use Splunk to look at data in a file. I added this file in Data Inputs. After reviewing the data I want t...
by tjsellers New Member in Security 06-04-2010
0 1
0
1
Lowell
Since upgrading to splunk 4.1, all of my summary indexing saved searches now include following term stuck on the end ...
by Lowell Super Champion in Knowledge Management 06-04-2010
1 6
1
6
Splunk Learning

Splunk has training and education options for everyone, whether it's your first or fiftieth deployment.

Get Started

Announcements
Register for Upcoming Live Tech Talks! Security and Observability Editions are held every month.

How digitally resilient are you? Take a quick Digital Resilience Assessment to find out if you're prepared for disruption!
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...
Top Karma Authors