Hi,
I have a simple AWS environment, and want to create an EC2 instance with the Splunk SOAR (On-premises) AMI from the Amazon Marketplace running on it.
I am following these i...
Hello, I have to migrate from an old Splunk standalone instance (version 6.4) to a new one. Is it possible to use in the new instance the same license currently used in the old one in production?&n...
Hello,
before the upgradation to splunk 9.x we have to move the actual instances of Splunk to new VMs with new OS version and additional resources (CPU, RAM and disk space [indexers]):
c...
Hello, I am attempting to add an External Splunk Enterprise Instance to SOAR and receive the following error when I click "Test connection": I am running Splunk Enterprise On-Prem v8.2...
I've just upgraded to Splunk v9.1.0.1 in a stand-alone (S1 SVA) lab instance from 9.0.x. All fine and operating at a basic level, see attached image. However since the upgrade there is a UI issue....
Hi All,
is it possible to retrieve the (splunk soar) instance details inside a playbook?
For instance when sending an email, I want to be able to tell if the playbook ran in dev or prod e...
Hello Splunkers,
from time to time, we observe a bit weird state of our indexer cluster and want to understand its reason. There are 3 indexers in the cluster (let's say z1el1, z1el2, z1el3) , one...
Hello, I have the below Splunk search and I want to put the results into a line graph so I can compare all of the disk instances e.g. C, D , F over a period of time. The search that I...
Hi,
I'm having some architecture deployment issues on an indexer. When I check hosts using (index="_internal" | stats count by host). I double-checked my outputs.conf on all my instanc...