Splunk Enterprise

Community Activity

Replicate Splunk dashboard using internal logs Hi All,I have a use case where I want to check the total number of files in Linux that Splunk uses. I was able to get... by _pravin Contributor in Splunk Enterprise 4 weeks ago 0 5	0	5
Improve indexing thruput if replication queue is full. Here are the configs for on-prem customers willing to apply and avoid adding more hardware cost.9.4.0 and above most ... by hrawat Splunk Employee in Splunk Enterprise a month ago 2 5	2	5
License manager connections What is the maximum grace period for a Splunk cluster to remain functional once the connection to the License Manager... by manhdt Explorer in Splunk Enterprise a month ago 0 3	0	3
How do I check that the UFs are being used? I have Cribl Workers running and UFs running on the same machine, I see by tailing splunkd.log that we are not sendin... by LovingSplunk Path Finder in Splunk Enterprise a month ago 0 5	0	5
SSL vulnerabilities Hi Splunk, Could you please help me to resolve the below mentioned vulnerability.SynopsisThe remote service encrypts ... by Pooja1 Loves-to-Learn Everything in Splunk Enterprise a month ago 0 10	0	10
Regarding rex in SPL2 supports raw string literals. Dear Splunk Gurus, Pls find these lines in the given page below:Differences between SPL and SPL2The differences betwe... by inventsekar SplunkTrust in Splunk Enterprise 05-09-2026 0 3	0	3
Is CIM 6.4.0 compatible with ES 7.3.2 on Splunk Enterprise 9.4.x? QuestionWe are running Splunk Enterprise 9.4.7 with Splunk Enterprise Security (ES) 7.3.2 and want to upgrade the bun... by ParsaIsHash Explorer in Splunk Enterprise 05-08-2026 1 2	1	2
Metadata token inside macro Hello,I have a requirement where I need to have the name of the current running saved search available to itself. And... by akai Explorer in Splunk Enterprise 05-07-2026 0 1	0	1
fresh splunk installation, acccept license gives warning Hi there, On a windows desktop, installed a virtualbox and ubuntu 24 and downloaded splunk 10.2.3 using the deb packa... by inventsekar SplunkTrust in Splunk Enterprise 05-06-2026 0 4	0	4
What is this error "Socket error from [Search Head IP] while accessing /services/streams/search: broken pipe"? I have recently run into an issue with multiple "WARN HttpListener [HttpDedicatedIoThread:0] Socket error from [Sear... by jencot01 Explorer in Splunk Enterprise 05-06-2026 0 8	0	8
Logs not ingested into Indexer Logs are not getting ingested into my Indexers.Suspecting it could be due to my logs are getting rotated i.e. Zipped ... by RAVISHANKAR Explorer in Splunk Enterprise 05-06-2026 0 5	0	5
Is there an example/advice on some SPL for tracking down users running AD-HOC searches that search on all indexes? Hello, Could anyone offer an example/advice on some SPL for tracking down users running AD-HOC searches that search o... by cass_major Engager in Splunk Enterprise 05-05-2026 0 4	0	4
extract time with sc4s Hello, I hope you are well. I’m having some issues with log parsing on the rsyslog side.Let me explain: I’m working w... by anissabnk Path Finder in Splunk Enterprise 05-04-2026 0 6	0	6
Not able to upgrade Splunk Ent. 10.2.1 -->10.2.2 / 10.2.3 - on Windows 2019 Hi,I am not able to upgrade Splunk Ent. (dev10.2.1 --> 10.2.2 or 10.2.3 - on Windows 2019. Since 10.2.1 I am not able... by apietersen Contributor in Splunk Enterprise 05-04-2026 1 3	1	3
Has anyone successfully configured webhook alerts to use an HTTPS proxy on Splunk 9.4? Webhook alert actions are failing withurlopen error [Errno 101] Network is unreachableProxy settings added to:server.... by beataficek Explorer in Splunk Enterprise 05-03-2026 0 1	0	1
postgres update i am getting on vulnerability on one of the servers . how can i upgrade it. by SiddhatNegi Engager in Splunk Enterprise 05-01-2026 0 8	0	8
Splunk URL is not correct for my Splunk Alerts Splunk URL contains only the hostname in all my Splunk alerts and it's not reproducing the correct URL instead it's j... by RAVISHANKAR Explorer in Splunk Enterprise 05-01-2026 0 3	0	3
SPLUNK UF on WIN7 32 bit System Hi, I'm attempting to install the latest SPLUNK UF on a WIN7 32bit system, which cant be upgraded. Every time I try t... by andrew_lander New Member in Splunk Enterprise 04-30-2026 0 4	0	4
Are there any restrictions on the free Cribl license? Not sure if I can post this question here, but Cribl is a complementary product. Our current license is at 5 TB quota... by LovingSplunk Path Finder in Splunk Enterprise 04-30-2026 0 4	0	4
Best practice for archiving frozen data I am in the process of pulling together a design for a new Splunk deployment.The deployment will be on the small side... by mike_k Path Finder in Splunk Enterprise 04-27-2026 0 5	0	5
Offline Documentation? New to splunk... I am installing it on an ISOLATED and OFFLINE Network, as such I cannot go to help.splunk.com to loo... by Ish42 Engager in Splunk Enterprise 04-27-2026 1 3	1	3
Passing search results to a python script in alert_actions Hi all,I'm trying to execute a script in a scheduled Alerts, when results of a search are greater than 0.I've created... by fabrizioalleva Path Finder in Splunk Enterprise 04-27-2026 0 2	0	2
internal index always exceed the Max Size defined Hello there,I have an issue with the internal index of my indexers (_audit, _introspection, _metrics) because, for an... by spoonmaniac Explorer in Splunk Enterprise 04-27-2026 0 8	0	8
Correct syntax for new WinEventLog Entry I have been given the task to insert or attempt to insert Event Logs from Applications and Service Logs.Im assuming ... by sgabriel62 Engager in Splunk Enterprise 04-25-2026 0 2	0	2
Architecture: criteria for number of Indexers estimation Hi Splunkers, I'm curious about a sizing issue: deciding the number of Indexers.I've addressed this topic many times,... by SplunkExplorer Contributor in Splunk Enterprise 04-24-2026 1 9	1	9