Splunk Enterprise

Community Activity

Is it impossible to apply SSL to HEC in the Splunk trial version Is it impossible to apply SSL to HEC in the Splunk trial version? by kwangwon New Member in Splunk Enterprise 12-17-2024 0 2	0	2
Getting "Action forbidden" error when going to "https:///en-US/app/search/analytics_workspace" on Splunk Cloud Hello,Getting Action forbidden error when going to "https://<hostname>/en-US/app/search/analytics_workspace" on Splun... by rahusri2 Path Finder in Splunk Enterprise 12-17-2024 0 2	0	2
Drill-down Search Earliest Latest Offset When I edit a correlation search, I want to configure the time of the drill-down search. If I put "1h" in the form "E... by Splunk_Fabi Observer in Splunk Enterprise 12-17-2024 0 1	0	1
Validate and Check Restart Does Not Update Bundle Hello Splunk Community,I am running Splunk Enterprise Version: 9.2.3Steps to reproduce:Make a config change to an app... by SplunkNinja Path Finder in Splunk Enterprise 12-17-2024 0 3	0	3
Setup M365 Index on Indexer Cluster with two Searchheads (normal and ES) Hello,We have a Splunk indexer cluster with two searchheads and would like to use the addon in the cluster: https://s... by Serial98 Explorer in Splunk Enterprise 12-17-2024 0 6	0	6
Support for Splunk Enterprise on Amazon Linux 2023 (6.x kernel) Current version of Splunk Enterprise on Linux supports several flavors of 5.x kernel, but does not seem to support 6.... by mmeytin Engager in Splunk Enterprise 12-16-2024 1 2	1	2
Indexer Cluster Migration to VM with different OS Hello, We have an multisite indexer cluster with Splunk Enterprise 9.1.2 running in Red-hat 7 VMs and we need to migr... by aguilard Explorer in Splunk Enterprise 12-16-2024 0 4	0	4
Unable to Access on Splunk Enterprise Hello,I have an issue where I was part of multiple roles on Splunk Enterprise and Splunk Enterprise Security, the sam... by Roy_9 Motivator in Splunk Enterprise 12-16-2024 0 1	0	1
Errors After Upgrading Splunk from 9.1.1 to Latest Version Hi Splunk Community,I recently upgraded my Splunk environment from version 9.1.1 to the latest version. After the up... by BRFZ Communicator in Splunk Enterprise 12-16-2024 0 1	0	1
Azure Firewall Logs Issue Hi Splunk Community,I’ve set up Azure Firewall logging, selecting all firewall logs and archiving them to a storage a... by MeWoW Loves-to-Learn Lots in Splunk Enterprise 12-16-2024 0 4	0	4
Is it possible to store events coming from the same source in different indexes, depending on their content? Hi,Perhaps this question has been asked before... Is it possible to store events coming from the same source in diff... by michaje Explorer in Splunk Enterprise 12-16-2024 0 5	0	5
how to automatically change index name in all the searches it is using Hi i initially created a index name with XYZ and there are around 60 reports alerts and 15 dashboard created on this ... by deepthi5 Path Finder in Splunk Enterprise 12-15-2024 0 3	0	3
Upgrade to 9.3.2 appears to have broken my installation Hi all, I was upgrading Splunk Enterprise from 9.0.x to 9.2.4 and then 9.3.2. When I try to restart the Splunk Servic... by zarchitect New Member in Splunk Enterprise 12-13-2024 0 5	0	5
SAML Login problem: Saml response does not contain group information. Hello. I am trying to get SAML authentication working on Splunk Enterprise using our local IdP, which is SAML 2.0 com... by Branden Builder in Splunk Enterprise 12-13-2024 0 2	0	2
Splunk Windows Migration Universal Forwarders Hello,Bit of a novice here.I am in the process of planning to migrate a Splunk universal forwarder from one windows s... by Hashtables New Member in Splunk Enterprise 12-13-2024 0 3	0	3
A question about installing and configuring Splunk Enterprise on Windows server before start ingesting data I just installed Splunk Enterprise on Windows Server 2022. I am able to access web gui. At this point, do i need make... by jkamdar Communicator in Splunk Enterprise 12-12-2024 0 3	0	3
Custom alert trigger count range I want my alert to trigger when the result count is between 250 and 500, trying to use the custom trigger condition i... by jwv Explorer in Splunk Enterprise 12-11-2024 0 5	0	5
Is there a reason why the Upgrade Readiness App does not scan deployment-apps? In the Splunk URA, it says that it includes the /etc/apps and /etc/peer-apps folders in the scans, but it does not in... by BlueSocket Contributor in Splunk Enterprise 12-11-2024 0 4	0	4
Can we still search data with expired license on multisite cluster with smartstore? Hey folks, been a while - I have a question I figured community would be better to answer: We have a multisite cluste... by johnansett Communicator in Splunk Enterprise 12-10-2024 0 3	0	3
How does Splunk handle the frozen storage ? Hello, My index configuration is provided below, but I have a question regarding frozenTimePeriodInSecs = 7776000. I ... by hazem Path Finder in Splunk Enterprise 12-09-2024 0 5	0	5
Scheduled search with only \| inputlookup in the search returns zero results I created a scheduled search that reads 2 input lookup csv files. It returns zero results when I look at the "View Re... by SteveBowser Explorer in Splunk Enterprise 12-09-2024 0 5	0	5
SPL to find KOs ? Hello community, I want to make it efficient when offboarding with clients. Is there an spl to find ALL of the KO's c... by Kenny_splunk Path Finder in Splunk Enterprise 12-09-2024 0 2	0	2
Internal server Error when exposing 8089 port for splunkd rest API with an ingress. I have been trying to set up splunk on my Kubernetes cluster so i can use it with a python script to access the rest ... by shail Loves-to-Learn in Splunk Enterprise 12-09-2024 0 2	0	2
Replace values of host, before indexing, with data from event Hi everyone,I’m currently working on extracting the webaclId field from AWS WAF logs and setting it as the host metad... by nuaraujo Path Finder in Splunk Enterprise 12-09-2024 1 2	1	2
Can not access splunk console at first time installed on EC2 I downloaded splunk Enterprise on EC2 at /opt folder using tgz file. unzipped it using tar. then started it on port n... by shivprasad New Member in Splunk Enterprise 12-09-2024 0 3	0	3