I am working on Linux based use cases that are available in Splunk ESCU. Most of the use cases are using the Endpoint.process data model. When checked in the official Splunk Linux addon, only 3 sourcetypes...
Hello, Are there any queries I can run from SPLUNK search head to find: 1. all configured DB Connections and their associated index/sourceTypes in SPLUNK. Any help will be highly a...
Hi experts,
I seek assistance with configuring Sysmon for inputs.conf on a Splunk Universal Forwarder.
Configuration based on the Splunk Technology Add-on (TA) for Sysmon.
[WinEventLog://M...
Good evening,
I have been trying to figure out a way to get a list of all of the software that runs on my servers under the user Administrator.
The end goal is to disable the admin account a...
Hi, I'm a dummy in Splunk and I have one doubt. Maybe you can help me. I want to insert in an index that I have created some data that I have obtained when executing a script in Python, so the r...
What needs to happen in order for Sysmon TA to parse the Windows Sysmon Event Logs? Here is the output I get when I try to upload the file manually:
I select - "Sourcetype X...
The Cisco ACI Add-on for Splunk Enterprise provides these sourcetypes:
cisco:apic:health
cisco:apic:stats
cisco:apic:class
cisco:apic:authentication
And is Common Information Model (CIM) 4...
...have installed the application "Splunk Add-on for Sysmon", and in another separate Splunk Enterprise docker image I tried installing the "Microsoft Sysmon Add-on" application, In the i...
...ecause they exist outside of Splunk.
Analogies tend to be a great way to convey new concepts. So I'm curious what analogies for sourcetype have worked for you?