Splunk Enterprise

Discussions

Thread Info

Splunk website monitoring Thread limit reached

Hello all,We have encountered a performance issue with our website monitoring inputs. It appears that the thread limi...

by Engager in

version `GLIBC_2.25' not found (required by /opt/splunk/bin/temp_splunk-preinstall)

Dear fellas, I am trying to upgrade the Splunk Enterprise from version 9.4.3 to 10.0.0 but i face these errors whic...

by Explorer in

Apps -> Manage Apps now Requires license feature='Auth' after upgrade to Splunk 10.0.0 from 9.4.3

Requires license feature='Auth' now showing up after upgrading from Spunk Enterprise from 9.4.3 to 10.0.0. I had the ...

by Explorer in

static list of released Splunk versions

We have automation which compares installed versions of Splunk (universal forwarder mostly, but other instances) with...

by Explorer in

Splunk Deployment Server - Linux /var/log/secure

Hello, Through deployment server i am able to update inputs.conf on linux client.I want to ingest /var/log/secure l...

by Loves-to-Learn Lots in

How to get the hook when disabling or deleting the inputs in splunk add on

I have developed splunk python add on using splunk ucc. Here I have a handling needed when input got disabled or dele...

by Loves-to-Learn Lots in

message "did not match any allowed names" is output to splunkd.log.

Splunk 9.4.2 I'm investigating communication between the LicenseMaster and Indexer (LMTracker).Please tell me about...

by Explorer in

Adding an additional Index Peer to an Indexer Cluster

Hi Guys, We are about to expand an Indexing Cluster from 2 to 3 with an additional Index peer. The process is pre...

by Engager in

upgrade to kvstore v7 impossible on MacOS?!

Hi all, When upgrading from v9.4.1 to a newer version (including 10) on MacOS (arm) i receive the error message: ...

by Builder in

Splunk Enterprise version upgrade from 8.2 to 9.0 guidance

Dear All, As a splunk Admin , i have a earlier experience of doing upgradation from splunk enterprise version 9.1 to ...

by Explorer in

How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___default-autolb-grou

Hi everybody ! How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING...

by Explorer in

Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca."

Splunk 9.4Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown...

by Explorer in

The is_risky parameter not working as expected

We're trying to suppress the warnings for reports that use dbxlookup command to enrich data in the report. We have a...

by Explorer in

Universal Forwarder only forwarding select logs

I am having an odd issue regarding SUF with one of my windows domain workstations that I really could use some help w...

by New Member in

Purchasing Splunk Enterprisse at Vietnam

I'm going to buy license Splunk at Vietnam but I didn't find anything to buy it. Please help me give any contract?

by Explorer in

KVstore error output after splunk enterprise upgrade from 9.1.1 to 9.4.1

./splunk cmd mongod -version mongod: /splunk/lib/libcrypto.so.10: no version information available (required by mon...

by New Member in

KV Store Upgrade Failure from 4.17 to 7.x During Splunk Enterprise Indexer Upgrade from 9.3.2 to 9.4.x

Environment: Product: Splunk Enterprise (Indexer)Deployment: On-premisesCurrent Version: 9.3.2Target Version: 9.4.x...

by Loves-to-Learn Lots in

Does _internal report the expiration date of the certificate?

We are in the process of updating the certificates and we go manually to check each one via the browser whether the c...

by Motivator in

Issue with kvstore in version 9.4.3

Having issue with starting kvstore on 9.4.3 on RHEL8.x Error seen: ERROR CertStorageProvider [1067727 KVStore...

by Explorer in

Supervisor error

I upgraded Splunk Enterprise to 10.0.0, but the supervisor is not running. Checked the server.conf the super...

by Engager in

How do I enable mTLS for the replication port on a Search Head Cluster?

Please share your knowledge. Splunk 9.4 referencehttps://docs.splunk.com/Documentation/Splunk/9.4.2/Admin/Serverc...

by Explorer in

Attempting to revert the SPLUNK_HOME ownership?

This happens regardless of it I am installing fresh or upgrading to version 9.1.0.1an existing install. Every action ...

by Path Finder in

Why is my log routing via props.conf and transforms.conf not working?

Route logs from combined_large.log to webapp1_index or webapp2_index based on log content ([webapp1] or [webapp2]). ...

by Explorer in

[URGENT] All splunk forwarders upgraded to 10.0 version are crashing

We upgraded from 9.4.3 to 10.0 and now all the splunk forwarders are crashing because of the splunk-winevtlog service...

by Path Finder in

No Options for Downloadable PDFs on New Documents Portal

We are looking to upgrade our Splunk instance to the latest version. I would like to download install manuals for Sp...

by Loves-to-Learn Lots in

Get Updates on the Splunk Community!

Splunk Enterprise

Discussions

Splunk website monitoring Thread limit reached

version `GLIBC_2.25' not found (required by /opt/splunk/bin/temp_splunk-preinstall)

Apps -> Manage Apps now Requires license feature='Auth' after upgrade to Splunk 10.0.0 from 9.4.3

static list of released Splunk versions

Splunk Deployment Server - Linux /var/log/secure

How to get the hook when disabling or deleting the inputs in splunk add on

message "did not match any allowed names" is output to splunkd.log.

Adding an additional Index Peer to an Indexer Cluster

upgrade to kvstore v7 impossible on MacOS?!

Splunk Enterprise version upgrade from 8.2 to 9.0 guidance

How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___default-autolb-grou

Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca."

The is_risky parameter not working as expected

Universal Forwarder only forwarding select logs

Purchasing Splunk Enterprisse at Vietnam

KVstore error output after splunk enterprise upgrade from 9.1.1 to 9.4.1

KV Store Upgrade Failure from 4.17 to 7.x During Splunk Enterprise Indexer Upgrade from 9.3.2 to 9.4.x

Does _internal report the expiration date of the certificate?

Issue with kvstore in version 9.4.3

Supervisor error

How do I enable mTLS for the replication port on a Search Head Cluster?

Attempting to revert the SPLUNK_HOME ownership?

Why is my log routing via props.conf and transforms.conf not working?

[URGENT] All splunk forwarders upgraded to 10.0 version are crashing

No Options for Downloadable PDFs on New Documents Portal

Celebrating Fast Lane: 2025 Authorized Learning Partner of the Year

Tech Talk Recap | Mastering Threat Hunting

Observability for AI Applications: Troubleshooting Latency

cgroup error when Splunk Universal Forwarder v9.4....

AI toolkit app 2890

Assistance Needed: Pulling Data from Splunk Enterp...

issue on splunk deployment server forwarder manage...

Deployment Manager フォワーダー管理でエージェントが表示されない

Splunk Enterprise

Are you a member of the Splunk Community?

Discussions