Hi,
I'm facing the situation that there is the identical stanza twice within a single conf file.
E.g.
authorize.conf
[role_admin]
srchIndexesDefault = main
[role_admin]
s...
Hi at all, I installed Enterprise Security 7.2.0 on Splunk 9.1.1 and I'm receiving the following message: Unable to initialize modular input "confcheck_es_bias_language_cleanup" defined in the a...
Hi, I'm encountering this error when i run btool check: Invalid key in stanza [email] in /opt/splunk/etc/apps/search/local/alert_actions.conf, line 2: show_password (value: True). and in...
We are trying to filter out events from a Syslog server that is ingesting data for a number of sources but the one we are trying to filter is from our Meraki devices. Each Meraki is considered ...
Did the blacklist/whitelist got replaced by denylist/allowlist in Splunk 9? In some Blogs i read that Splunk 9 replaced blacklist with denylist? Or is blacklist still usable? In the Changelogs ...
Hello Splunkers,
I have a question, would it be possible to assign a specific sourcetype to some logs inside a input stanza, depending on the content of the log itself (based on the key / fields e...
I have the problem that my scheduled searches all have a lifetime of 10 days.
This is the case for searches that run once every day but also searches that run every 4 hours. Changing the "Expires" ...
...ethods, but they all failed in one way or another:
yum and dnf are missing from the container, and microdnf appears to be broken. This makes it difficult to customize the container's conf...
Invalid key in stanza [workday://user_activity] in /opt/splunk/etc/apps/TA-workday/local/inputs.conf, line 2: include_target (value: 0). [workday://user_activity] include_target = 0 index = workda...