Clayton Homes faced the increased challenge of strengthening their security posture as they went through rapid digital transformation. The challenge was further exacerbated by the hybrid cloud reality as Clayton Homes moved more deployments to the cloud. They wanted a better way to build a secure and more resilient digital world while migrating to the cloud. Join us in this webinar to hear from Clayton Homes on how to build scalable security while moving to the cloud successfully and efficiently with Splunk. By deploying Splunk Enterprise Security, a data-centric modern information and event management (SIEM) solution in the cloud, Clayton Homes was able to detect and respond to threats quickly. Hear how Splunk enabled Clayton Homes to gain end-to-end visibility across their IT environment with Splunk Cloud Platform without the need to purchase, manage or deploy infrastructure. In the webinar you will learn more from Clayton Homes on the best practices for: Migrating on-prem deployments to the cloud with success Harnessing data-driven insights with scalable security to protect your business and mitigate risks Building a solid foundation for your hybrid cloud with the right tools, expertise and services from Splunk Register Now!

Can an alert be run from a specific Search Head in a clustered environment?  We would like to configure report from a specific search head that is in the clustered environment, and we dont want the report to be replicated across all of the SH's.  Can we force to run the report from specific SH based on the app?  Thanks, Dhana

Hi Team, Not able to see the ABAP system details in AppDynamics Controller. Getting the below error. HTTP server yourcompany.saas.appdynamics.com (URI '/controller/rest/applications') responded with status code 500 (Connection Broken) Regards, Giridhar ^ Post edited by @Ryan.Paredez minor formatting changes

Hi,   I found a problem in Splunk DB connect when I tried to add a new input. I can add new connections and the current inputs are working. But when I try to add new input or try to use the “SQL Explorer” after choosing connection I get a “Cannot get schemas“ error message. In the _internal index I found this error message: „Unable to get schemas metadata java.sql.SQLException: Non supported character set (add orai18n.jar in your classpath): EE8ISO8859P2” After this I updated DB Connect and the Oracle JDBC drivers but it did not help. I consulted our DB admins. As it turned out these DBs really differ when it comes to character encoding (EE8ISO8859P2 vs. UTF8). Of course the orai18n.jar file is there with the driver. I found this in the documentation: https://docs.splunk.com/Documentation/DBX/3.14.1/DeployDBX/Troubleshooting#Unicode_decode_errors "Splunk DB Connect requires you to set up your database connection to return results encoded in UTF-8. Consult your database vendor's documentation for instructions about how to do this." Is it possible that DB Connect can only handle Oracle DB with UTF-8 encoding?   Thanks, László  

Hi,  my logs do not appear in the index and in splunkd.log i get the following error   09-21-2023 16:36:40.693 +0200 INFO AutoLoadBalancedConnectionStrategy [7698 TcpOutEloop] - Connected to idx=xx.xx.xx.xx:16313, pset=0, reuse=0. using ACK. 09-21-2023 16:36:48.003 +0200 INFO TailReader [7705 tailreader0] - Batch input finished reading file='/opt/splunkforwarder/var/spool/splunk/tracker.log' 09-21-2023 16:37:10.613 +0200 INFO AutoLoadBalancedConnectionStrategy [7698 TcpOutEloop] - Connected to idx=xx.xx.xx.xx:16313, pset=0, reuse=0. using ACK. 09-21-2023 16:37:18.002 +0200 INFO TailReader [7705 tailreader0] - Batch input finished reading file='/opt/splunkforwarder/var/spool/splunk/tracker.log'     my inputs.conf has only the following:   [default] host = myhostname index = vcenter-index-name [monitor:///var/log/remotelogs/vcenter-rep/analytics.log] sourcetype = "vcenter" queueSize = 50MB crcSalt = <SOURCE> disabled = false   I would mention that I have the same configuration on a different server and logs end out in splunk without a problem and this error does not appear on the other servers:   09-21-2023 16:37:18.002 +0200 INFO TailReader [7705 tailreader0] - Batch input finished reading file='/opt/splunkforwarder/var/spool/splunk/tracker.log'