Splunk Enterprise

Discussions

Thread Info

Can I login to Splunk Light with Active Directory credentials?

Is it possible to login to Splunk Light using Active Directory credentials, or am I limited to login accounts that I ...

by New Member in

Format different dates in Splunk 7.1.1

We have a Field, say, XYZ with date-time values but format for all values is not same. For some values format is "MM/...

by Communicator in

How to sort severity in search?

Hello all, I am very new to Splunk and I am looking to sort by the following command: index=server-farm Risk=C...

by New Member in

Fixup Status Message is "Waiting 'target_wait_time' before search factor fixup", but target_wait_time setting is much less than Time in Fixup

In Splunk 7.1.0 with Multi-site Index Cluster, I have a bucket that has been pending fixup for more than 1 hour. The ...

by Path Finder in

What is MSICreated app in splunk. how it is created and its use

Hi , someone please answer on this. I see "MSICreated" app created on some splunkforwaders. But, I was not ther...

by Explorer in

change text color of the field name/ Hide field name

Hello Guys, I have a field named count, when displaying in the donut visualization, field name count is also displ...

by Explorer in

How to remove characters from the end of a field?

I have a file called "HelpDeskUsers" I would like to remove the names from the end of the field. HelpDesk Users...

by Path Finder in

Main differences between Splunk Enterprise and Splunk Cloud

Currently we have an all On-Prem Splunk enterprise environment. From an administration perspective what is the differ...

by Communicator in

How to push updates from SH deployer and Index Cluster master?

I had to update a props.conf and I am trying to push it via my Index cluster master and my sh cluster deployer. w...

by Path Finder in

Can we monitor the swap space usage on the forwarder?

We had a couple of cases recently, in which the swap space usage was very high on several Linux servers. Is it possib...

by Ultra Champion in

How do I limit an app to only search one cluster if the SH is connected to several clusters

Currently on 7.1.0 and I have two separate index clusters with different data and purpose, lets name them A and B. I ...

by Explorer in

I can not activate a free version of splunk light.

I can not activate a free version of splunk light. When I log in, I receive a message that the test time has expir...

by Explorer in

Universal forwarderからのログの受信設定について

現在Universal forwarderからindex&Search用Splunkへファイアウォールのログを転送しています。受信側（index&Search）にsourcetypeとindexを指定してログを取り込むよう設定したの...

by New Member in

Splunk Universal Forwarder with WebSphere App Server

I'm confused by the documentation. In some places it says you need a Heavy Forwarder to use the WAS app, yet in the r...

by Path Finder in

Do i create indexs on Search head or on each indexer on non cluster envioment

Hi, We have a indexer{2 indexers] in our environment, 2 fowarder and 1 search heads. If we create indexes on a sea...

by Explorer in

Splunk Drill Down Option Issue

Hi , I am trying to create a dashboard for Error OR fail* from application logs. There are three hosts from where ...

by New Member in

Active Directory – Failed Login Events - SPL – Which is most efficient and why?

Community, New to Splunk, first post, your patience is appreciated. Also, thank you in advance. This post is fo...

by New Member in

Does Splunk use .spec files?

May I know whether .spec files used just for user information or they will also be used by Splunk processes? Having ....

by Contributor in

Search Head getting crashed

Our Primary search head got crashed twice today. When cross verified we found out this is the error message in Crash....

by Path Finder in

Why can I not access the web management interface?

I use Splunk OVA on Vmware environment. I following to setup http://docs.splunk.com/Documentation/OVAVMW/3.4.2/OVADCN...

by New Member in

How can update splunk agent

I can't find any information at docs.splunk how can update agents at machines. Sometime ago I found post where wrote ...

by Path Finder in

Getting "Your Session is Invalid. Please login" when running splunk command

Hi all, I'm running into the error "Your session is invalid. Please login." everytime I try to run a "splunk" comm...

by Engager in

Splunk Universal Forwarder 7.0.1

Where can I get Splunk Universal Forwarder download for 7.0.1? Can I just use the latest release 7.1.2?

by New Member in

Monitoring specific services

Relatively newbie on Splunk and trying to monitor specific services on windows boxes that run a Universal Forwarder. ...

by Explorer in

How to collect citrix events for splunk enterprise?

Hello everyone I work in a citrix service and i need to collect all the citrix events with a forwarder. My forwarder ...

by New Member in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

Can I login to Splunk Light with Active Directory credentials?

Format different dates in Splunk 7.1.1

How to sort severity in search?

Fixup Status Message is "Waiting 'target_wait_time' before search factor fixup", but target_wait_time setting is much less than Time in Fixup

What is MSICreated app in splunk. how it is created and its use

change text color of the field name/ Hide field name

How to remove characters from the end of a field?

Main differences between Splunk Enterprise and Splunk Cloud

How to push updates from SH deployer and Index Cluster master?

Can we monitor the swap space usage on the forwarder?

How do I limit an app to only search one cluster if the SH is connected to several clusters

I can not activate a free version of splunk light.

Universal forwarderからのログの受信設定について

Splunk Universal Forwarder with WebSphere App Server

Do i create indexs on Search head or on each indexer on non cluster envioment

Splunk Drill Down Option Issue

Active Directory – Failed Login Events - SPL – Which is most efficient and why?

Does Splunk use .spec files?

Search Head getting crashed

Why can I not access the web management interface?

How can update splunk agent

Getting "Your Session is Invalid. Please login" when running splunk command

Splunk Universal Forwarder 7.0.1

Monitoring specific services

How to collect citrix events for splunk enterprise?

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

Explore the Latest Educational Offerings from Splunk (November Releases)

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

Does splunkd service sends a signal to the data in...

AWS　SES　alart　mail　cant　sendding

Error when using DSDL app - [mlspl.MLTKContainer] ...

Splunk Add-on for Microsoft Cloud Services - Sourc...

Azure Firewall Logs Issue