Splunk Enterprise

Community Activity

upgrade to kvstore v7 impossible on MacOS?! Hi all,When upgrading from v9.4.1 to a newer version (including 10) on MacOS (arm) i receive the error message:-> Cur... by schose Builder in Splunk Enterprise 08-15-2025 1 6	1	6
Splunk Enterprise version upgrade from 8.2 to 9.0 guidance Dear All, As a splunk Admin , i have a earlier experience of doing upgradation from splunk enterprise version 9.1 to ... by AsmaF2025 Explorer in Splunk Enterprise 08-15-2025 0 5	0	5
How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___default-autolb-grou Hi everybody ! How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___d... by idris_tester Explorer in Splunk Enterprise 08-15-2025 0 9	0	9
Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca." Splunk 9.4Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown... by OGS Explorer in Splunk Enterprise 08-14-2025 0 2	0	2
The is_risky parameter not working as expected We're trying to suppress the warnings for reports that use dbxlookup command to enrich data in the report. We have a... by BradOH Path Finder in Splunk Enterprise 08-14-2025 0 11	0	11
Universal Forwarder only forwarding select logs I am having an odd issue regarding SUF with one of my windows domain workstations that I really could use some help w... by jkastner New Member in Splunk Enterprise 08-14-2025 0 1	0	1
KVstore error output after splunk enterprise upgrade from 9.1.1 to 9.4.1 ./splunk cmd mongod -versionmongod: /splunk/lib/libcrypto.so.10: no version information available (required by mongod... by swamybhatta New Member in Splunk Enterprise 08-14-2025 0 7	0	7
KV Store Upgrade Failure from 4.17 to 7.x During Splunk Enterprise Indexer Upgrade from 9.3.2 to 9.4.x Environment:Product: Splunk Enterprise (Indexer)Deployment: On-premisesCurrent Version: 9.3.2Target Version: 9.4.x (t... by Narendra_Rao Loves-to-Learn Lots in Splunk Enterprise 08-13-2025 0 2	0	2
Does _internal report the expiration date of the certificate? We are in the process of updating the certificates and we go manually to check each one via the browser whether the c... by danielbb Motivator in Splunk Enterprise 08-13-2025 0 5	0	5
Issue with kvstore in version 9.4.3 Having issue with starting kvstore on 9.4.3 on RHEL8.x Error seen:ERROR CertStorageProvider [1067727 KVStoreConfigura... by sushilkar Explorer in Splunk Enterprise 08-13-2025 0 10	0	10
Supervisor error I upgraded Splunk Enterprise to 10.0.0, but the supervisor is not running.Checked the server.conf the supervisor is e... by Kevin0202 Engager in Splunk Enterprise 08-12-2025 0 4	0	4
How do I enable mTLS for the replication port on a Search Head Cluster? Please share your knowledge.Splunk 9.4referencehttps://docs.splunk.com/Documentation/Splunk/9.4.2/Admin/ServerconfI'm... by OGS Explorer in Splunk Enterprise 08-11-2025 0 4	0	4
Attempting to revert the SPLUNK_HOME ownership? This happens regardless of it I am installing fresh or upgrading to version 9.1.0.1an existing install. Every action ... by Skeer-Jamf Path Finder in Splunk Enterprise 08-11-2025 1 7	1	7
Why is my log routing via props.conf and transforms.conf not working? Route logs from combined_large.log to webapp1_index or webapp2_index based on log content ([webapp1] or [webapp2]).Se... by Shakeer_Spl Explorer in Splunk Enterprise 08-10-2025 0 5	0	5
[URGENT] All splunk forwarders upgraded to 10.0 version are crashing We upgraded from 9.4.3 to 10.0 and now all the splunk forwarders are crashing because of the splunk-winevtlog service... by hl Path Finder in Splunk Enterprise 08-08-2025 0 1	0	1
No Options for Downloadable PDFs on New Documents Portal We are looking to upgrade our Splunk instance to the latest version. I would like to download install manuals for Sp... by bz1 Engager in Splunk Enterprise 08-07-2025 1 3	1	3
Storage for DB Connect Checkpoint values HiWhere are the Checkpoint values for enabled DB Connect Inputs stored?I did check at folder:/opt/splunk/var/lib/splu... by altink Builder in Splunk Enterprise 08-07-2025 0 9	0	9
Updating splunk to 9.4.4 Hello everyone, could you help me.I have a splunk Heavy Forwarder server, version 8.1.14, it simply forwards data fro... by igor5212 Engager in Splunk Enterprise 08-07-2025 0 10	0	10
Support for OIDC Authentication Method Hello,I would like to know if there are any plans for Splunk to support OIDC (in addition to SAML)If so, is there a r... by stavush New Member in Splunk Enterprise 08-07-2025 0 3	0	3
Need to Splunk UF from 8.2.9 to 9.4.3 in AIX 7.2 Hi All,I need to upgrade the Splunk Universal Forwarder (UF) on AIX 7.2 from version 8.2.9 to 9.4.3. However, after a... by vis1519 Loves-to-Learn in Splunk Enterprise 08-06-2025 0 2	0	2
Show a count of all failures from VPN traffic Query: \| tstats count from datamodel=Network_Sessions.All_Sessions where nodename=All_Sessions.VPN action=failure vpn... by hl Path Finder in Splunk Enterprise 08-06-2025 0 5	0	5
Metric dimension truncation - 2048 character limit I'm trying to ingest some metrics with very long attribute values and the length of "<dim_name>::<dim_value>" seems t... by tlopes Engager in Splunk Enterprise 08-06-2025 0 2	0	2
Filtering out logs based on sourcetype I'm at a loss and hoping for an assist. Running a distributed Splunk instance, I used the Deployment Server to push p... by jessieb_83 Path Finder in Splunk Enterprise 08-05-2025 0 6	0	6
How to deal with extremely long values in table view? Hello everyone!I'm trying to create a table view of IIS logs.The main issue I've encountered is some very long URL fi... by NoSpaces Contributor in Splunk Enterprise 08-05-2025 0 7	0	7
Monitoring Trellix log I have a requirement to monitor log files created by Trellix on my windows 11 and 2019 hosts. The log files are locat... by sswigart Explorer in Splunk Enterprise 08-04-2025 0 6	0	6