Our Splunk alerts were integrated with ServiceNow via email ingestion. But it suddenly stopped and we are not receiving tickets from SNow even though there are alerts triggered in Splunk. What is the...
The UF service failed to start after a reboot on a Windows Server. I've addressed that issue, but there are logs that were generated during the downtime that are not being forwarded. ...
...n my Websense app is UDP 514.
My syslog input is configured to set the source type to websense:cg:kv.
I am searching the correct index, which is the main index.
The Siem Collector service i...
I'm trying to ingest 3rd-party alerts as Notable Events in IT Service Intelligence, and I'm following the steps in the docs (I don't have enough karma to post links, but google 'splunk itsi ingest t...
I am in the middle of a Splunk migration. One of the tasks is to move data from some sourcetypes onto the new servers using the | collect index=aws sourcetype=* command.
The numbers added u...
Someone recently asked me how they could tie Splunk in with the free AlienVault OTX feed service. Has anyone ever done this and can they provide the dance steps?
THANKS!
So we just updated to 8.2.1 and we are now getting an Ingestion Latency error…
How do we correct it? Here is what the link says and then we have an option to view the last 50 messages...
Ingest...
Hi, we use the app Splunk Add-on for Microsoft Cloud Services version 5.3.1 on our HeavyForwarder. We ingest data from an eventhub which is split in a lot of eventhub names for different m...