Splunk Enterprise

Ask a Question

Discussions

Thread Info

How to configure UF to send data to splunk stand alone instance?

I am trying to send logs through UF to my Stand alone instance but data is not getting forwarded. I have UF install...

by Builder in

How to compare a field from different index and display multiple fields from both indexes?

I want to compare one field between two index. For example Field A. index A: Field A, Field B, Field C index B: F...

by Observer in

clarification with role inheritance needed

Hello, I am trying to create basic roles for my app, the corresponding authorize.conf looks as follows: # Ind...

by Builder in

DB Connect 3: not able to create output

Hello, I need to create a db output, however when I try to do this the option to choose schema and table are grayed...

by Builder in

How to read data from email in outlook and index it in splunk?

Hi, I have requirement where I have to read data from an email in outlook and index it in splunk. Every week afte...

by Builder in

[Smartstore] Can we change homepath or coldpath or path for DM acceleration post migration to remote store.

We would like to remove EBS volumes which were used for cold store and DM summary Docs is not overly clear on the r...

by Splunk Employee in

Windows Event Index redirects

Trying to route windows application logs to correct index based on event data. The scenario I have XmlWinEventLogs co...

by Engager in

Question on a Splunk Searchhead app and distsearch.conf

Hi! I am looking to try to standardize my configuration across my Search Head Cluster. I have 15 Search Heads, and wh...

by Communicator in

Event annotation for the min and max value of a field

Hey everyone. I have never tried creating event annotation before so i am not able to grasp it properly. I want to...

by Explorer in

.conf20 Splunk Platform Announcements

What were the new Splunk platform announcements made at .conf20?

by Splunk Employee in

Python upgrade

Hi at all, probably it's an already asked question but I cannot find the correct one: I upgraded Splunk to 8.0.2 on m...

by SplunkTrust in

Regarding extracting show source code from an event

I want to know how can I extract show source code from event action type. I tried using _raw and and rex command. I e...

by Observer in

Insight into Citrix VDI

Has anyone been able to track "unintended" disconnections from Citrix VDI with Splunk? We have a DB Connection to the...

by Engager in

Does Splunk support SSL Certificate SAN (Subject Alternative Name)

We have scenario where we run a indexer cluster with 10+ indexers and the Universal Forwarders send data to all these...

by Explorer in

In searchhead cluster with six machines, only one SH machine is not giving results for a particular app.

In searchhead cluster with six machines, only one SH machine is not giving results for a particular app. We hav...

by Path Finder in

Settings for upgrade ufw app

hi all,Has anyone able to get the upgrade ufw app for windows to work? I get a message in the logs saying it started...

by Loves-to-Learn in

Upgrade 300 Forwarders to latest version

Hello plp. At the moment i need to upgrade a bunch of Ufs (linux and windows), from versions 6 & 7 to 8.0. I have se...

by Loves-to-Learn Lots in

How to correlate two diferent searches into one event

Hi guys, I need to configure an alert when people access as root in a server and for that I have two types of events:...

by Explorer in

Adding attributes to existing event

Hi all, Does anyone know of any way to update an event in Splunk? so far what my searches brought me was reindexi...

by Loves-to-Learn in

Splunk 8.1.0 tags are unreliable

Hi,I just upgraded our Splunk server to 8.1.0 and after a while realized some of our good old searches utilized in a...

by Communicator in

AppInspect Time for Approval

I would like to pubblish an app on the Splunkbase and I would like to know how long it takes to get the approval afte...

by Engager in

how to change the fields in the dashboard for splunk

Hi, In this dashboard ,i want the changing fields and coloumn. For example I want the " planned_AB_ECD1" Besi...

by Loves-to-Learn in

Which Splunk version is supported on AZURE platform/premises?

We are planning to deploy our splunk enterprise into Azure Premises. Which Splunk version is supported in Azure pla...

by Builder in

Changing default conversion provided by Splunk for the UI language does not work in case of navigation menus

Hi, I'm trying to internationalize the Splunk Web user interface by adding support for languages such as Japanese, ...

by Path Finder in

AWS WAF logs SQL Injection Splunk Query

Hello, Integrated the AWS WAF logs to Splunk, now we need to monitor the Splunk SQL Injection and Cross-Site Script...

by Path Finder in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

How to configure UF to send data to splunk stand alone instance?

How to compare a field from different index and display multiple fields from both indexes?

clarification with role inheritance needed

DB Connect 3: not able to create output

How to read data from email in outlook and index it in splunk?

[Smartstore] Can we change homepath or coldpath or path for DM acceleration post migration to remote store.

Windows Event Index redirects

Question on a Splunk Searchhead app and distsearch.conf

Event annotation for the min and max value of a field

.conf20 Splunk Platform Announcements

Python upgrade

Regarding extracting show source code from an event

Insight into Citrix VDI

Does Splunk support SSL Certificate SAN (Subject Alternative Name)

In searchhead cluster with six machines, only one SH machine is not giving results for a particular app.

Settings for upgrade ufw app

Upgrade 300 Forwarders to latest version

How to correlate two diferent searches into one event

Adding attributes to existing event

Splunk 8.1.0 tags are unreliable

AppInspect Time for Approval

how to change the fields in the dashboard for splunk

Which Splunk version is supported on AZURE platform/premises?

Changing default conversion provided by Splunk for the UI language does not work in case of navigation menus

AWS WAF logs SQL Injection Splunk Query

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

How to Monitor Google Kubernetes Engine (GKE)

Index This | How can you make 45 using only 4?

Splunk forwarder is not validating ExtendedKeyUsag...

Splunk UBA Anomalies and Threats

mothership not sending retrieved data to index

Wich Ciber Vision version supports the API realeas...

Classic Dashboard - need line breaks in select cel...