Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
58 results
Sorted by:
06-18-2018
07:03 AM
...estricted to only sending logs by either Universal Forwarder or Heavy Forwarder. We have seen the discouragement associated with the heavy forwarder, and we would like to get a few things cleared up. P...
...unk at it? How is this traffic filtered or authenticated? Control of which index the data is dumped to seems to be in forwarder configuration, so the server seems to not have any control o...
Labels
- Labels:
-
access control
-
authentication
...understand there are methods for restricting forwarder to indexer access but not forwarder to index. I also understand that with proper forwarder configurations this shouldn't be an issue but given d...
Labels
- Labels:
-
access control
04-28-2015
12:31 PM
1 Karma
Working with a hosting provider (Pantheon), they allow access to the access logs, but not to install a forwarder on their servers. So I installed a forwarder on a server i have control over and set u...
05-30-2017
04:10 AM
...s headquarter data itself. The data from subsidiaries must be available 24/7 from the headquarter's search head, although it could be not the newest.
We tried two approaches:
1. Universal Forwarder...
Labels
- Labels:
-
license
-
search head
-
universal forwarder
09-26-2015
10:12 PM
...ield Access-Control-All-Headers is not allowed by Access-Control-Allow-Headers. error.My server.conf config are as follows
[sslConfig]
sslKeysfilePassword = $1$0RQz5YVamCN2
enableSplunkdSSL = f...
03-26-2014
01:49 PM
I usually used a web application to control or edit settings for data forwarder. Yesterday, the web access to the localhost:8000 is disabled showing page not found. I checked netstat -an | grep 8...
12-14-2018
01:45 AM
When enabling the receiving function in a Splunk Enterprise instance (indexer for example), it will be listening on port 9997 by default (changeable) and any forwarder with the information (indexer I...
06-10-2019
08:20 AM
Hello all,
I have a working universal forwarder that happily sends data to my Enterprise indexer.
The data shows up under the forwarder's hostname on the indexer.
I would like to have a c...
11-07-2013
02:29 PM
So I have a deployment server up and running which I fully control.
In another secure part of the network they currently have a light forwarder and have some syslog and universal forwarders r...
