Most of the time, we are seeing that the Splunk universal forwarder or heavy forwarder is failing to forward data to the indexer. In this scenario, what troubleshooting steps should we take to i...
We use VMware and Microsoft Hyper-V. I want to use Splunk Enterprise to troubleshoot my virtualization server infrastructure. I want to implement the searches published at What are the best p...
Hi All,
My hot bucket is not rolling when its span has exceeded maxhotspansecs. Could you please provide assistance?
We are currently using a Splunk index, purely for data archiving purposes w...
Hello,
When I enable sslVerifyServerCert in server.conf under [sslConfig], I am seeing the following errors. From where does it understands that there is an IP address mismatch...
Hello community, I have come across the issue when I got identical token generated for SOAR user "REST" that I am using for SIEM-SOAR integration and the same was in the Splunk app for SOAR. When I...
I've configured the email settings on Splunk, but emails won't send. In the logs, I'm seeing the server referenced as "localhost". I've restarted the Splunk server, but it doesn't seem to be taking e...
...ile .csv i have the following error "File is binary or file encoding is not supported, only utf-8 encoded files are supported splunk".
I tried to change the permission on the app's folder on windows b...
..._network_test" on any configured servers
When I run ldapsearch, user details returned successfully. I use the same bind user/password as splunk does.
What is the next step to troubleshooting this?
Previously working scheduled reports are not working AND newly created reports are not working.
Creating a new test search works:
index=test1 | timechart count by status
The timechart i...
Hi,
One of our customers is using Splunk 5.0.4. The log files are forwarded to indexer using Splunk Universal Forwarder.
The log in flow is like this:
Splunk UF on Devices --> Splunk U...