Splunk Enterprise

Community Activity

	New installation. Returns ‘Illegal instruction’ when running ./splunk start As a hobbyist, trying to set up my first RnD environment on an oldish server. A fresh install of Debian 12 and an ins... by realgandy Explorer in Splunk Enterprise 3 hours ago 0 3	0	3
	Perpetual 100GB license "exceeded" and locked out We're on a perpetual 100G license without support. Everything is fine as we're not using it in mission-critical oper... by mgjk Explorer in Splunk Enterprise yesterday 0 7	0	7
	How to specify an index when deploying the Splunk Universal Forwarder on a Windows domain? I plan to deploy the Splunk UF across all my Windows client PCs using SCCM. But I'm confused about the index settings... by DashZentin Explorer in Splunk Enterprise Thursday 0 2	0	2
	upgrade from 9.3.8 to 10.0.2 What is the correct position on upgrading UFs from 9.3.8 to 10.0.2? by gitau_gm Explorer in Splunk Enterprise Wednesday 0 6	0	6
	How to upgrade OpenSSL on Splunk servers? We have this Tenable vulnerability on some of our Splunk servers - https://www.tenable.com/plugins/nessus/266318And t... by danielbb Motivator in Splunk Enterprise Tuesday 0 2	0	2
	KV limit in limits.conf Hi,We develop a Splunk app that ingests JSON events with 150+ fields. Our props.conf uses:[our_sourcetype]KV_MODE = j... by manthantsarwade New Member in Splunk Enterprise Sunday 0 3	0	3
	What would be the proper upgrade path for this Tenable vulnerability coming from 9.3.3? We have a Splunk environment of over 20+ servers, and they are all consistently running Splunk version 9.3.3 Core & U... by danielbb Motivator in Splunk Enterprise Sunday 0 2	0	2
	extract specific field i want to extract last word in resource_id field from below events. by ra_52194724 Engager in Splunk Enterprise Sunday 0 1	0	1
	KV Store Failing to start 9.4 .1 I have migrated to 9.4.1. I initially I had certificate issues, which have been resolved. kv store still fails to s... by romedawg Engager in Splunk Enterprise a week ago 0 9	0	9
	KVstore unable to start after upgrade to Splunk Enterprise 9.4 Hi,After completing the upgrade from Splunk Enterprise version 9.3.2 to v9.4 the KVstore will no longer start. Splunk... by gloom Loves-to-Learn Lots in Splunk Enterprise a week ago 0 12	0	12
	Splunk Enterprise 9.4.7 released but not listed in the official Products Version Compatibility Matrix – is this expected Hi Splunk Community & Splunk Docs team,Splunk Enterprise 9.4.7 was released on November 26, 2025 (fixed issues page i... by ParsaIsHash Loves-to-Learn Lots in Splunk Enterprise a week ago 0 2	0	2
	Splunk MCP for On-Prem Instances Hi Team,I have seen the news that Splunk MCP is available for both cloud and enterprise environments. However, in the... by thangarun Explorer in Splunk Enterprise 2 weeks ago 0 6	0	6
	splunk to soar I am using sendtophantom in Splunk ES to send events to SOAR. The action shows success in the logs, but the events r... by kn450 Explorer in Splunk Enterprise 2 weeks ago 0 5	0	5
	About Splunk Command options Hi There Dear Splunkers, So, today myself and my friend were reading that question about "splunk kvstore backup"... l... by inventsekar SplunkTrust in Splunk Enterprise 2 weeks ago 0 4	0	4
	when backup kvStore using "-auth" option Hello.Currently, SH's Enterprise core version is 9.2.7.I'm performing daily kvStore backups on SH using the following... by tkdguq0110 Path Finder in Splunk Enterprise 2 weeks ago 0 2	0	2
	Splunk Machine Learning Toolkit: Density Function Hi, I'm trying to use the density function to detect anomalous logins compared to normal user usage.I use the fit com... by Nick102 New Member in Splunk Enterprise 2 weeks ago 0 1	0	1
	create testing LAP enviroment what is requirment to create testing LAP enviroment with free licenses , please share with me any video or article r... by Najm Engager in Splunk Enterprise 2 weeks ago 0 1	0	1
	Where are login credentials to peers stored? And why bin/scripts/ is deleted after upgrading? Hi.QUESTION #1: search peer login credentialsIn previous versions, i'm talking about v7 and/or v8, in my memory, logi... by verbal_666 Builder in Splunk Enterprise 2 weeks ago 0 3	0	3
	Whitelist specific pod in namespace for Heavy Forwarder I have a namespace, hammy, in k8s with several pods deployed. Out of all the pods, i'd only want the pods with the na... by jarelloy Engager in Splunk Enterprise 2 weeks ago 0 4	0	4
	License manager / slave certificates Hello,Does Splunk license slave node with default certificates can communicate with license manager that has custom C... by splunkreal Motivator in Splunk Enterprise 2 weeks ago 0 3	0	3
	How do I uninstall an app from a search head cluster? In Splunk Enterprise, prior versions, I used to be able to: Cd /opt/splunk/etc/shcluster/appsrm -rf this_old_appApply... by TheBravoSierra Path Finder in Splunk Enterprise 2 weeks ago 0 3	0	3
	script to rotate log files ? I want to create a script for log rotation in splunk , which makes a zip file of last 3 days (individual zip files) ,... by SN1 Path Finder in Splunk Enterprise 2 weeks ago 0 3	0	3
	Drill down from pie chart in dashboard studio I am new to dashboarding drop downs and I'd like to create a drop down for each slice of the pie. I have created a s... by NanSplk01 Communicator in Splunk Enterprise 3 weeks ago 0 2	0	2
	What is this error "Socket error from [Search Head IP] while accessing /services/streams/search: broken pipe"? I have recently run into an issue with multiple "WARN HttpListener [HttpDedicatedIoThread:0] Socket error from [Sear... by jencot01 Explorer in Splunk Enterprise 3 weeks ago 0 8	0	8
	Heavy Forwarder missing Hello!We have a Splunk Cloud, for which we set up two on-prem components:-Heavy forwarder( To route all file based lo... by MakszimM Engager in Splunk Enterprise 3 weeks ago 0 3	0	3