I am looking for anyone who might know the appropriate BIND logging configuration to capture DNS replies so that we can map these into the Network Resolution model in Enterprise Security. Logging the...
...ile, and now what is the best method to ingest them into SPLUNK with the right format mapping?
What are your experiences with Linux DNS service?
I'm collecting events with Splunk Deployment s...
Good Morning,
I'm trialing Splunk Cloud in anticipation of a purchase. I have installed Splunk Enterprise as the deployment server and universal forwarders on three servers. My clients are s...
I have some firewalls and stuff like that send logs to my Splunk server (using normal syslog at the moment). For now in "search" there is only one source "udp:514". I would like to filter so it l...
I'm seeing the error below under messages in my Splunk Enterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...