Splunk Enterprise

Community Activity

UF directories structure Hello,On UF I've seen that we put pem certificates in etc/apps/myapp/default/dataOn our servers however I've seen som... by splunkreal Influencer in Splunk Enterprise 3 hours ago 0 1	0	1
Spike in 503 errors in the Splunk WebUI after upgrading to 10.0.3 (also affects 9.2.10/9.3.9/9.4.8/10.2.0) Good afternoon! This week we upgraded a Splunk deployment from 9.4.x to 10.0.3, and whilst everything seemingly went ... by livehybrid SplunkTrust in Splunk Enterprise 10 hours ago 25 13	25	13
Drowning in Postgres initialization errors Hi, my 10.0.3 systems (SH, DS and indexers) send me several hundred postgres errors each day that seem to indicate th... by afx Contributor in Splunk Enterprise 17 hours ago 0 0	0	0
Corrupted buckets in Splunk Indexer cluster (Splunk 9.4.3) Hello,we have a cluster of 6 indexers distributed on 2 sites and after a patching activity on these servers that requ... by PRusconi91 Engager in Splunk Enterprise Tuesday 1 5	1	5
After upgrade 10.0 to 10.2.0, Forwarder Management Web UI is unavailable After upgrading, the webpage says Agent management unavailable "there is an error in your serverclass.conf file, whic... by brycemasterman Explorer in Splunk Enterprise Monday 0 21	0	21
Stable Splunk 10 Hello, which Splunk 10 version is stable? I've seen there is 10.2 and before 10.0, what happened to 10.1?Also I saw 1... by splunkreal Influencer in Splunk Enterprise Monday 0 1	0	1
CAC Authentication Not Working in Splunk 10.0.2 on Windows Server 2022 (Unauthorized XML Error) Good morning,I’m hoping someone can help with an issue I’m running into.Is anyone currently using CAC authentication ... by telvinwells08 Loves-to-Learn in Splunk Enterprise Friday 0 1	0	1
Error when pushing cluster bundle to SHs Seeing this error on SHC-D when attempting to push bundle to SHs:Error while deploying apps to first member, aborting... by SplunkNinja Path Finder in Splunk Enterprise a week ago 0 6	0	6
Splunk DB Connect "The Task Server is currently unavailable" Just did a fresh install of Splunk Enterprise 10.0.3, set up HTTPS with the web service, then installed Splunk DB Con... by ww9rivers26 New Member in Splunk Enterprise a week ago 0 2	0	2
How can I handle this MC access vulnerability? I just upgraded the whole environment (Core and UFs) to 9.3.8 to fix a set of vulnerabilities, and now, to my surpris... by LovingSplunk Explorer in Splunk Enterprise a week ago 0 1	0	1
9.3.6 to 9.3.9 ... frequently WebUI timeout! Hello.I recently updgraded from 9.3.6 to 9.3.9 all SPLUNK machines.With 9.3.6 i did not notice nothing wrong.Now in 9... by verbal_666 Builder in Splunk Enterprise a week ago 0 4	0	4
How can I take care of this Apache vulnerability? On the search head, we have this vulnerability -Apache Log4j 2.0-beta9 < 2.25.3 MitMComing from the following paths -... by LovingSplunk Explorer in Splunk Enterprise a week ago 0 1	0	1
Migrating Splunk Enterprise Server from Windows to Linux I am reaching out to seek guidance regarding a migration project for our Splunk Enterprise Server.I am currently runn... by sswigart Explorer in Splunk Enterprise a week ago 0 2	0	2
Why is Splunk is restarting itself? Hello, I have a splunk heavy forwarder (splunk 9.0.0.1, centos 7) configured as a heavy forwarder. When I issue "sp... by jason0 Path Finder in Splunk Enterprise a week ago 1 8	1	8
How can I take care of this vulnerability? On the search head, we have this vulnerability -Apache Log4j 2.0-beta9 < 2.25.3 MitMComing from the following paths -... by LovingSplunk Explorer in Splunk Enterprise a week ago 0 4	0	4
log4j exploit - how do I remedy? Hello! A recent security scan of our environment has discovered two instances of log4j in our Splunk Enterprise envir... by Branden Builder in Splunk Enterprise a week ago 0 3	0	3
How to correct the GUID of a rebuilt Searchhead on Cluster Manager? I had to rebuild a searchhead some time back, everything works fine on the searchhead and it functions just fine with... by briancronrath Contributor in Splunk Enterprise 2 weeks ago 1 2	1	2
Exclude some events from being indexed Calling all regex gurus! I’m trying to drop all traffic with a certain IP (192.168.1.1) or a certain port number (12... by pil321 Communicator in Splunk Enterprise 2 weeks ago 0 11	0	11
splunk setup problem whenever i try to open splunk it redirect me to another web page but that webpage is nothing other but a local host n... by rohitkattewar New Member in Splunk Enterprise 2 weeks ago 0 4	0	4
Index redirection using props.conf and transforms.conf not working (Splunk 9.4.6) Hi everyone, I need to open a case here hoping someone can help us. We need to redirect logs from specific sourcetype... by Cybers1 Explorer in Splunk Enterprise 2 weeks ago 0 5	0	5
Zscaler app Hi Everyone,We want to integrate Splunk with Zscaler, and according to the documentation, the following components ar... by Splunk_adm Engager in Splunk Enterprise 2 weeks ago 0 2	0	2
Abnormal number of threads on indexers since upgrade to 10.2.0 Hello everybody,I have upgraded my Splunk installation to 10.2.0 and since then, I have noticed an abnormal number of... by slibitcs Engager in Splunk Enterprise 2 weeks ago 1 2	1	2
Error message on Splunk Encountered the following error while trying to save: Failed to create. Configuration for port 9997 already exists. I... by hordoffa1970 New Member in Splunk Enterprise 2 weeks ago 0 2	0	2
Splunk Log Priortization My Core Problem is-Log categorizationLog prioritizationLicense optimizationYour main constraint: Splunk SIEM license ... by amimulahasun Explorer in Splunk Enterprise 3 weeks ago 1 5	1	5
Changing root CA / server certificates on cluster Hello,we will need to change root CA/server certificates on all our splunk cluster, forwarders will also be affected.... by splunkreal Influencer in Splunk Enterprise 3 weeks ago 0 5	0	5