Hello. Please see the screenshot on this post, its from theSplunk Universal Forwarder (UF) installer steps. Are we supposed to check the box for “Add useras local administrator” when installing a U...
Hello,
Does theWindowsuser for Splunk forwarder need "Remote Desktop access" rights?
In general, what kind of Windowsuser/role/rights is recommended?
Thanks.
...tep by step? the truth worries me a lot As I see it, it is as if they asked me to move a program in windows from C to a D partition and hope that it continues to work normally and obviously t...
Hello to everyone! I have many FlexEngine.log files in different directories that are ingested by Splunk UF 9.0.8 The path from logs is network share on theWindows Server, in which client-s...
...ownloaded. The company doesn't want to provide Splunk with a DA-level account or something similar. What is the best "Least Privilege" way for theSplunk UF to be able to restart it's own service a...
I just started rolling out universal forwarder 9.1.0.1 on a few machines. To my horror i noticed that splunk again made a significant change in a minor release. The forwarder is now owner by user "splunk...
...ight after getting SplunkEnterprise installed on their local machine. It can be daunting to log into Splunk for the first time and know what the heck you should do. A person can get through the i...
Hi, We wonder how to monitor the smbV1 access in a domain. We are already enabled the eventcode 3000 log on windows log. Now we want to know who use smbV1 to access on e...