Hope you are doing great.
Again facing a challenging and seeking some help.
Prob statement
We have 200 windowsserver out of which 3 devices and not reporting suddenly.
I tried t...
...howing up in "Forwarder Management" but I can't seem to get event logs from any servers except the deployment server. I have enabled firewall ports outbound 8089 and inbound 9997 on the deployment server. T...
I initially tested the Splunk Server on a Windows 7 machine and installed the Universal Forwarder on another WIndows 7 machine.
This worked with no issues other than having to run sfc /scannow to get...
...sl_subject!="CN=sa*" | dedup ssl_subject | convert timeformat="%Y/%m/%d" ctime(ssl_end_time) | sort +ssl_end_time | table ssl_start_time ssl_end_time ssl_subject The log I am getting the data from: {t...
Hello all, I need your help in analyzing my collected log data. I have all of our Windowsservers connected in Splunk using the Universal Forwarder. This includes the domain controllers as well. O...
HI,
I think this is a rather silly question, but I haven't been working with Splunk for too long and just can't figure it out.
We just cloned a Windows box (server1) that has a Splunk f...
I am installing a new Splunk server on Windows using the trial subscription for now, which may be changed to the free license later. I have data from another Splunk for Windowsserver t...
I am trying to use a Universal Forwarder to get a load of windows event logs that I need to analyse into Splunk. The event logs are from about 7 different systems and are all located on my local l...
Hello Team,
I am new to splunk,
I need to collect Remote event Log on my Windows splunk server.
So Under my splunk GUI
Manager » Data inputs » Event log collections » My_server_logs
It G...