Splunk Enterprise

Community Activity

	Upgrading to 9.4 and later, kvstore issues / Splunk self signed certificates Hello, does Splunk self signed (original) certificates work with kvstore upgrade?Looks like it's also a problem with ... by splunkreal Motivator in Splunk Enterprise yesterday 0 1	0	1
	Splunk workload pricing vs ingest pricing Hi Splunk Gurus, Lets say i have 2TB daily ingest license, but lets assume daily my ingestion is averagely 1500GB for... by inventsekar SplunkTrust in Splunk Enterprise Saturday 0 7	0	7
	WARNING: web interface does not seem to be available! Hi all,Unable to start the splunk web interface in my windows local machine, below is the error it is showing when i ... by _Raj Explorer in Splunk Enterprise Wednesday 0 1	0	1
	Ingest Backdated Files in Splunk Using Event Report Time as Timeline Timestamp Hello Splunkers!!I have a set of backdated files that need to be ingested into Splunk. The requirement is that the ev... by uagraw01 Motivator in Splunk Enterprise Tuesday 0 4	0	4
	New installation. Returns ‘Illegal instruction’ when running ./splunk start As a hobbyist, trying to set up my first RnD environment on an oldish server. A fresh install of Debian 12 and an ins... by realgandy Explorer in Splunk Enterprise a week ago 0 3	0	3
	Perpetual 100GB license "exceeded" and locked out We're on a perpetual 100G license without support. Everything is fine as we're not using it in mission-critical oper... by mgjk Explorer in Splunk Enterprise a week ago 0 7	0	7
	How to specify an index when deploying the Splunk Universal Forwarder on a Windows domain? I plan to deploy the Splunk UF across all my Windows client PCs using SCCM. But I'm confused about the index settings... by DashZentin Explorer in Splunk Enterprise 2 weeks ago 0 2	0	2
	upgrade from 9.3.8 to 10.0.2 What is the correct position on upgrading UFs from 9.3.8 to 10.0.2? by gitau_gm Explorer in Splunk Enterprise 2 weeks ago 0 6	0	6
	How to upgrade OpenSSL on Splunk servers? We have this Tenable vulnerability on some of our Splunk servers - https://www.tenable.com/plugins/nessus/266318And t... by danielbb Motivator in Splunk Enterprise 2 weeks ago 0 2	0	2
	KV limit in limits.conf Hi,We develop a Splunk app that ingests JSON events with 150+ fields. Our props.conf uses:[our_sourcetype]KV_MODE = j... by manthantsarwade New Member in Splunk Enterprise 2 weeks ago 0 3	0	3
	What would be the proper upgrade path for this Tenable vulnerability coming from 9.3.3? We have a Splunk environment of over 20+ servers, and they are all consistently running Splunk version 9.3.3 Core & U... by danielbb Motivator in Splunk Enterprise 2 weeks ago 0 2	0	2
	extract specific field i want to extract last word in resource_id field from below events. by ra_52194724 Engager in Splunk Enterprise 2 weeks ago 0 1	0	1
	KV Store Failing to start 9.4 .1 I have migrated to 9.4.1. I initially I had certificate issues, which have been resolved. kv store still fails to s... by romedawg Engager in Splunk Enterprise 2 weeks ago 0 9	0	9
	KVstore unable to start after upgrade to Splunk Enterprise 9.4 Hi,After completing the upgrade from Splunk Enterprise version 9.3.2 to v9.4 the KVstore will no longer start. Splunk... by gloom Loves-to-Learn Lots in Splunk Enterprise 3 weeks ago 0 12	0	12
	Splunk Enterprise 9.4.7 released but not listed in the official Products Version Compatibility Matrix – is this expected Hi Splunk Community & Splunk Docs team,Splunk Enterprise 9.4.7 was released on November 26, 2025 (fixed issues page i... by ParsaIsHash Loves-to-Learn Lots in Splunk Enterprise 3 weeks ago 0 2	0	2
	Splunk MCP for On-Prem Instances Hi Team,I have seen the news that Splunk MCP is available for both cloud and enterprise environments. However, in the... by thangarun Explorer in Splunk Enterprise 3 weeks ago 0 6	0	6
	splunk to soar I am using sendtophantom in Splunk ES to send events to SOAR. The action shows success in the logs, but the events r... by kn450 Explorer in Splunk Enterprise 3 weeks ago 0 5	0	5
	About Splunk Command options Hi There Dear Splunkers, So, today myself and my friend were reading that question about "splunk kvstore backup"... l... by inventsekar SplunkTrust in Splunk Enterprise 3 weeks ago 0 4	0	4
	when backup kvStore using "-auth" option Hello.Currently, SH's Enterprise core version is 9.2.7.I'm performing daily kvStore backups on SH using the following... by tkdguq0110 Path Finder in Splunk Enterprise 3 weeks ago 0 2	0	2
	Splunk Machine Learning Toolkit: Density Function Hi, I'm trying to use the density function to detect anomalous logins compared to normal user usage.I use the fit com... by Nick102 New Member in Splunk Enterprise 3 weeks ago 0 1	0	1
	create testing LAP enviroment what is requirment to create testing LAP enviroment with free licenses , please share with me any video or article r... by Najm Engager in Splunk Enterprise 3 weeks ago 0 1	0	1
	Where are login credentials to peers stored? And why bin/scripts/ is deleted after upgrading? Hi.QUESTION #1: search peer login credentialsIn previous versions, i'm talking about v7 and/or v8, in my memory, logi... by verbal_666 Builder in Splunk Enterprise 4 weeks ago 0 3	0	3
	Whitelist specific pod in namespace for Heavy Forwarder I have a namespace, hammy, in k8s with several pods deployed. Out of all the pods, i'd only want the pods with the na... by jarelloy Engager in Splunk Enterprise 4 weeks ago 0 4	0	4
	License manager / slave certificates Hello,Does Splunk license slave node with default certificates can communicate with license manager that has custom C... by splunkreal Motivator in Splunk Enterprise 4 weeks ago 0 3	0	3
	How do I uninstall an app from a search head cluster? In Splunk Enterprise, prior versions, I used to be able to: Cd /opt/splunk/etc/shcluster/appsrm -rf this_old_appApply... by TheBravoSierra Path Finder in Splunk Enterprise 4 weeks ago 0 3	0	3