Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Search
Splunk Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Search
Search the Community
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
1,000 results
Sorted by:
01-14-2023
05:45 AM
I have Splunk setup and it establishes connection with syslog and splunk universal forwarder from a remote server: I have syslog-ng setup as follows: You can see the c...
Labels
05-09-2014
05:16 AM
Hi,
I'm quite new to Splunk and I get an strange error that I'm unable to find out any help. Basically, when trying to configure the receiving section from "Forwarding and receiving" I get an e...
02-18-2016
05:18 AM
...indows machines. Would that single (universal forwarder) be able to receive and forward logs from all those machines? Would that be an acceptable setup?
Regards
08-26-2015
09:49 PM
...cknowledgment doesn't have an effect if there's no connection at all. Specifically, it says "Without load balancing, the forwarder has no way to continue sending data if its receiving node goes down....
07-27-2017
06:50 PM
I want to create an alert to reminde to remind me that the number of logs sent by forwarders is increasing dramatically.
For example:
12: 00-13: 00 The number of events sent by the UF is 5...
- Tags:
- splunk-enterprise
09-27-2015
08:30 PM
...o today. I am receiving data from about 150 hosts. Unfortunately, I should be receiving data from closer to 350. My domain controllers are included in the list of the systems that are not forwarding...
08-01-2012
02:53 PM
...ne reports X but the new platform reports Y, about 1/3 the number. Is there a way that I can confirm this update was received by the Forwarders without logging onto each of them? I have over 100 of t...
- Tags:
- deployment
- forwarders
04-22-2016
06:08 AM
Quick question about HF.
Do you necessarily need two separated Splunk instances for Heavy Forwarding data? (One for receiving and one for forwarding).
If not, how can you do this without t...
- Tags:
- splunk-enterprise
02-13-2020
12:44 PM
Hi,
I have a new HF once accepted logs for about a week, then stopped receiving on almost all logs at a same time.
I compared this HF with the old working one and I don't see rotated logs c...
01-20-2016
02:13 PM
I would like to use the JMS Modular Input to receive messages from a remote ActiveMQ JMS Queue. My scenario is this:
I have a splunk environment with 1 search head, 2 indexers, and a Universal Forward...
