Hi, can someone answer the reason for Splunk SmartStorerequiring 90days of local storage when using Enterprise Security rather than 30days? Many thanks in advance
Deployment has 30 indexers and 100 indexes
Each indexer has two 10TB filesystem ( /data1/indexes/... and /data2/indexes/..) . and both file systems have active indexes.
Half of the indexes u...
Hi All,
We are trying to size an AMI Linux VM Heavy Forwarder for a new installation of 6.2.6 and have found the Splunk recommended systemrequirements of 2x six-core, 2+ GHz CPU, 12 GB RAM at t...
Hi,
We are currently looking into using the smartstore feature, however, I am having difficulty in finding documentation on how to calculate the amount of storage we would need - both local for t...
In the Splunk App for Enterprise Security on Splunk Cloud, there is a frequent message that the systems don't meet the minimum requirements for Splunk. The message keeps popping up periodically, e...
I am having trouble clearing a STIG that requires file permissions, ownership, and group membership of system files and commands match the vendor values. It is hitting on pretty much all of t...
We are receiving messages about how our indexers (distributed environment) doesn't meet the minimum systemrequirements, but after taking a further look at Splunk's reference hardware d...
I am in the process of setting up a Universal Forwarder that will be running on EC2. I am looking for information on hardware recommendations for on the forwarder. There is great information on the S...
Hi,
We plan to deploy the Splunk cluster and migrate our stand-alone indexer server.
While the requirements for Cluster Node are obvious, its not clear to me what Master and Search head server s...