Splunk Enterprise

Community Activity

Splunk Deployment Server - Linux /var/log/secure Hello,Through deployment server i am able to update inputs.conf on linux client.I want to ingest /var/log/secure log ... by RAVISHANKAR Loves-to-Learn Lots in Splunk Enterprise 08-19-2025 0 2	0	2
How to get the hook when disabling or deleting the inputs in splunk add on I have developed splunk python add on using splunk ucc. Here I have a handling needed when input got disabled or dele... by TestUser Loves-to-Learn Lots in Splunk Enterprise 08-19-2025 0 1	0	1
message "did not match any allowed names" is output to splunkd.log. Splunk 9.4.2I'm investigating communication between the LicenseMaster and Indexer (LMTracker).Please tell me about SA... by OGS Explorer in Splunk Enterprise 08-18-2025 0 6	0	6
Adding an additional Index Peer to an Indexer Cluster Hi Guys,We are about to expand an Indexing Cluster from 2 to 3 with an additional Index peer.The process is pretty cl... by MakszimM Engager in Splunk Enterprise 08-17-2025 0 4	0	4
upgrade to kvstore v7 impossible on MacOS?! Hi all,When upgrading from v9.4.1 to a newer version (including 10) on MacOS (arm) i receive the error message:-> Cur... by schose Builder in Splunk Enterprise 08-15-2025 1 6	1	6
Splunk Enterprise version upgrade from 8.2 to 9.0 guidance Dear All, As a splunk Admin , i have a earlier experience of doing upgradation from splunk enterprise version 9.1 to ... by AsmaF2025 Explorer in Splunk Enterprise 08-15-2025 0 5	0	5
How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___default-autolb-grou Hi everybody ! How to solve this problem >Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED___d... by idris_tester Explorer in Splunk Enterprise 08-15-2025 0 9	0	9
Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca." Splunk 9.4Running splunk list forward-server returns "error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown... by OGS Explorer in Splunk Enterprise 08-14-2025 0 2	0	2
The is_risky parameter not working as expected We're trying to suppress the warnings for reports that use dbxlookup command to enrich data in the report. We have a... by BradOH Path Finder in Splunk Enterprise 08-14-2025 0 11	0	11
Universal Forwarder only forwarding select logs I am having an odd issue regarding SUF with one of my windows domain workstations that I really could use some help w... by jkastner New Member in Splunk Enterprise 08-14-2025 0 1	0	1
Purchasing Splunk Enterprisse at Vietnam I'm going to buy license Splunk at Vietnam but I didn't find anything to buy it. Please help me give any contract? by phupn1510 Explorer in Splunk Enterprise 08-14-2025 0 5	0	5
KVstore error output after splunk enterprise upgrade from 9.1.1 to 9.4.1 ./splunk cmd mongod -versionmongod: /splunk/lib/libcrypto.so.10: no version information available (required by mongod... by swamybhatta New Member in Splunk Enterprise 08-14-2025 0 7	0	7
KV Store Upgrade Failure from 4.17 to 7.x During Splunk Enterprise Indexer Upgrade from 9.3.2 to 9.4.x Environment:Product: Splunk Enterprise (Indexer)Deployment: On-premisesCurrent Version: 9.3.2Target Version: 9.4.x (t... by Narendra_Rao Loves-to-Learn Lots in Splunk Enterprise 08-13-2025 0 2	0	2
Does _internal report the expiration date of the certificate? We are in the process of updating the certificates and we go manually to check each one via the browser whether the c... by danielbb Motivator in Splunk Enterprise 08-13-2025 0 5	0	5
Issue with kvstore in version 9.4.3 Having issue with starting kvstore on 9.4.3 on RHEL8.x Error seen:ERROR CertStorageProvider [1067727 KVStoreConfigura... by sushilkar Explorer in Splunk Enterprise 08-13-2025 0 10	0	10
Supervisor error I upgraded Splunk Enterprise to 10.0.0, but the supervisor is not running.Checked the server.conf the supervisor is e... by Kevin0202 Engager in Splunk Enterprise 08-12-2025 0 4	0	4
How do I enable mTLS for the replication port on a Search Head Cluster? Please share your knowledge.Splunk 9.4referencehttps://docs.splunk.com/Documentation/Splunk/9.4.2/Admin/ServerconfI'm... by OGS Explorer in Splunk Enterprise 08-11-2025 0 4	0	4
Attempting to revert the SPLUNK_HOME ownership? This happens regardless of it I am installing fresh or upgrading to version 9.1.0.1an existing install. Every action ... by Skeer-Jamf Path Finder in Splunk Enterprise 08-11-2025 1 7	1	7
Why is my log routing via props.conf and transforms.conf not working? Route logs from combined_large.log to webapp1_index or webapp2_index based on log content ([webapp1] or [webapp2]).Se... by Shakeer_Spl Explorer in Splunk Enterprise 08-10-2025 0 5	0	5
[URGENT] All splunk forwarders upgraded to 10.0 version are crashing We upgraded from 9.4.3 to 10.0 and now all the splunk forwarders are crashing because of the splunk-winevtlog service... by hl Path Finder in Splunk Enterprise 08-08-2025 0 1	0	1
No Options for Downloadable PDFs on New Documents Portal We are looking to upgrade our Splunk instance to the latest version. I would like to download install manuals for Sp... by bz1 Loves-to-Learn Lots in Splunk Enterprise 08-07-2025 0 3	0	3
Storage for DB Connect Checkpoint values HiWhere are the Checkpoint values for enabled DB Connect Inputs stored?I did check at folder:/opt/splunk/var/lib/splu... by altink Builder in Splunk Enterprise 08-07-2025 0 9	0	9
Updating splunk to 9.4.4 Hello everyone, could you help me.I have a splunk Heavy Forwarder server, version 8.1.14, it simply forwards data fro... by igor5212 Engager in Splunk Enterprise 08-07-2025 0 10	0	10
Support for OIDC Authentication Method Hello,I would like to know if there are any plans for Splunk to support OIDC (in addition to SAML)If so, is there a r... by stavush New Member in Splunk Enterprise 08-07-2025 0 3	0	3
Need to Splunk UF from 8.2.9 to 9.4.3 in AIX 7.2 Hi All,I need to upgrade the Splunk Universal Forwarder (UF) on AIX 7.2 from version 8.2.9 to 9.4.3. However, after a... by vis1519 Loves-to-Learn in Splunk Enterprise 08-06-2025 0 2	0	2