Splunk Enterprise

Ask a Question

Discussions

Thread Info

Why did Secure Gateway stopped working (status "not connected") few min after setup?

Hello, I am looking for a solution to send Splunk alerts to Splunk mobile application. So far I was using the "Spl...

by Path Finder in

Is there a better accelerator command that can help to correlate data?

Hello peeps, Does anyone know a better accelerator command that can help to correlate data? Im trying to correlate...

by Path Finder in

Are there any logs maintained by the Splunk Universal forwarder in case of log processing failures?

Are there any logs maintained by the Splunk Universal forwarder in case of log processing failures? I would like to s...

by Loves-to-Learn Lots in

Our customer lost access to support

Hello, Our Customer lost access to support but we need to open ticket. We have name of Customer, invoice etc.... ...

by New Member in

Receiving errors after upgrading to 8.2.4, like "Sum of 3 Highest per-cpu iowaits reached red Threshold of 15"

I get the following after upgrading to Splunk 8.2.4 on Splunk Ent. + ES. I have a large environment with clustered SH...

by Builder in

Splunk SAML SSO configuration: Why is SAML config invalid?

We have been bringing our Splunk 8.2.2.1 Enterprise stand-alone server up with SAML SSO using our windows.net connect...

by New Member in

How to send Events from BMC TrueSight to Splunk

Hello, I know we can send alerts from Splunk to BMC TrueSight. But i would like to get help on sending the even...

by Explorer in

How to get forwarders to forward perfmon counters (CPU, Disk Space etc.) into a metrics index in indexer cluster?

I'm using Splunk Enterprise 8.2.4 and trying to get my forwarders to forward perfmon counters (CPU, Disk Space etc.) ...

by Contributor in

What lookup permission or capability isn't set properly?

We're running Splunk 8.1.7.2. I am an admin. I have created a lookup file (my_lookup.csv), and lookup definition (my_...

by Communicator in

Why does the Banner says "Loading" on certain pages (such as /en-GB/manager/launcher/apps/local)?

When on certain pages, my search head says "Loading" and this never goes away. This also causes weird behaviour and j...

by Communicator in

Splunk Enterprise instance is shutting down due to signal 15

It occurs 3-4 hours after starting splunk. These are the logs found in splunk/var/log/splunk/mongod.log I CONTRO...

by Loves-to-Learn Lots in

Knowledge bundle Error : directory contains large lookup file

Hi All, I have an Warning message on my search head GUI as below: "The current bundle directory contains a large lo...

by Explorer in

Is it possible to prevent a system admin adding inputs at a forwarder?

Is it possible to prevent a system admin adding inputs at a forwarder? I only want sanctioned inputs to be used i.e. ...

by Contributor in

Splunk AD Monitoring: Replace Host with dcName

Hi Community, I'm no Windows expert and just trying to tune an alert that we have in place. It's firing whenever a ...

by Builder in

Trigger Alert and avoid false p[positives

Hi, I've created an alert for one of my main API service and how it works is, it runs every 30 mins, looks into failu...

by Path Finder in

help to improve disk quota

Hi I use a search wich is enough verbose because it queries on system events base on different tokens By default ...

by Motivator in

help on css class

hi this css class dont return results what is wrong please? <row depends="$STYLES$"> <panel> <html> <style...

by Motivator in

help to sort _time

hi why my sort _time doesnt works please? what is strange is that when I click directly on the field the sort doe...

by Motivator in

How to calculate Active Weeks

Hi All I would like to calculate active weeks (weeks count where there is data). The below is the scenario Rep...

by Explorer in

splunk

when iam using this command sanjay@ubuntu:~/opt/splunk$ cd var iam getting this error bash: cd: var: Permissio...

by Observer in

sudo: ./splunk: command not found

sudo ./splunk add forward-server 10.0.0.218 :9997 after running this command[sudo] password for smsplunkforwarder:iam...

by Observer in

help on total sum

hi how to do a total of these 3 fields please? | stats count(hang_process_name) as "h", count(crash_process_n...

by Motivator in

Splunk Enterprise Security upgrade

Greetings!!! How to updrade from 5.3.0 to SPlunk Enterprise Security version 7.0, I am having splunk enterpris...

by Communicator in

Knowledge Bundle

I was investigating bundle sizes coming from one of my SHC and came across several apps in the bundle that had the fo...

by Contributor in

Splunk 8.2.1 on Windows Crashes every night

every night my Server Crashes saying out of memory error however I have more than enough memory. In event logs get ...

by Explorer in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

Why did Secure Gateway stopped working (status "not connected") few min after setup?

Is there a better accelerator command that can help to correlate data?

Are there any logs maintained by the Splunk Universal forwarder in case of log processing failures?

Our customer lost access to support

Receiving errors after upgrading to 8.2.4, like "Sum of 3 Highest per-cpu iowaits reached red Threshold of 15"

Splunk SAML SSO configuration: Why is SAML config invalid?

How to send Events from BMC TrueSight to Splunk

How to get forwarders to forward perfmon counters (CPU, Disk Space etc.) into a metrics index in indexer cluster?

What lookup permission or capability isn't set properly?

Why does the Banner says "Loading" on certain pages (such as /en-GB/manager/launcher/apps/local)?

Splunk Enterprise instance is shutting down due to signal 15

Knowledge bundle Error : directory contains large lookup file

Is it possible to prevent a system admin adding inputs at a forwarder?

Splunk AD Monitoring: Replace Host with dcName

Trigger Alert and avoid false p[positives

help to improve disk quota

help on css class

help to sort _time

How to calculate Active Weeks

splunk

sudo: ./splunk: command not found

help on total sum

Splunk Enterprise Security upgrade

Knowledge Bundle

Splunk 8.2.1 on Windows Crashes every night

.conf25 Global Broadcast: Don’t Miss a Moment

Observe and Secure All Apps with Splunk

What's New in Splunk Observability - August 2025

Assistance Needed: Pulling Data from Splunk Enterp...

issue on splunk deployment server forwarder manage...

Deployment Manager フォワーダー管理でエージェントが表示されない

otel not pushing data to on-prem splunk

Installing additional software with splunk-ansible...

Splunk Enterprise

Are you a member of the Splunk Community?

Discussions