Splunk Enterprise Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Disabled input methods/scripts throwing errors within Splunk ES

rturk
Builder
‎10-01-2014 02:15 AM

Hi All,

I have a pretty generic Splunk for Enterprise Security implementation. Every hour I get prompted with a whole bunch of messages such as the ones below:

alt text

I believe I have disabled all inputs that call on these binaries and scripts (checked using ./splunk cmd btool inputs list) and yet I still get them... can anyone suggest a possible culprit?

Cheers 🙂 RT

0 Karma
Reply

ekost
Splunk Employee
Splunk Employee
‎10-01-2014 02:28 PM

There was a bug with Windows modular inputs and the Splunk App for Enterprise Security. They were fixed with the releases of Splunk Enterprise 6.0.5 and 6.1.3, and is marked as fixed in the Enterprise Security 3.1 Release Notes under SOLNESS-4629.

Reply

rturk
Builder
‎10-01-2014 03:01 PM

Hi ekost - thanks for that. I should have specified we're running the latest versions of both. I'll log a formal ticket with support today. Thanks again 🙂

0 Karma
Reply
Register for .conf25!
Get Updates on the Splunk Community!

Raise Your Skills at the .conf25 Builder Bar: Your Splunk Developer Destination

Calling all Splunk developers, custom SPL builders, dashboarders, and Splunkbase app creators – the Builder ...

Hunt Smarter, Not Harder: Discover New SPL “Recipes” in Our Threat Hunting Webinar

Are you ready to take your threat hunting skills to the next level? As Splunk community members, you know the ...

Splunk ITSI & Correlated Network Visibility

  Now On Demand   Take Your Network Visibility to the Next Level In today’s complex IT environments, ...
Top