Dear community,
After i forwarded the syslog from Cisco ASA into SPLUNK i noticed that the logs are duplicated and this is consuming our license. Any help please ? Thank You
I'm using Splunk Enterprise 9.x with Universal Forwarders 9.x on Windows 2019. All my forwarders are connected to a deployment server. I notice the following for example: I update a d...
I was trying to build an add-on using splunk add-on builder. We need to use api key to authenticate into a third party service. The question is how does splunk add-on builder store password? I c...
...servers or not. Could you please help me with the below: 1) How to check if ssl communication is enabled between splunk servers 2) how to check if the existing certificates are default o...
Hello,
When I enable sslVerifyServerCert in server.conf under [sslConfig], I am seeing the following errors. From where does it understands that there is an IP address mismatch...
So I have an application that runs as a docker container in AWS ECS Fargate, and in log configurations for the container , I have used splunk log driver , here I have used --log-opt env to let say s...
Hello community, I have come across the issue when I got identical token generated for SOAR user "REST" that I am using for SIEM-SOAR integration and the same was in the Splunk app for SOAR. When I...
We had an EC2 instance become inaccessible via the AWS Session Manager.
Root cause was the main volume filling-up with various splunkfowarder-x.x.x RPM files in /usr/bin/
Yesterday the f...
Please submit one Splunk t-shirt idea per answer. I am sure that there are a lot of awesome ideas out there. Try to be as clever, creative and short as possible.
Extra points for the ones which c...