...n instance of Splunk, and a working Livestatus that provides a socket for which data from Nagios can be obtained. I understand that Livestatus can pull information from Nagios such as echo 'GET h...
Hi Team,
We have Splunk Cloud Victoria. We have 2 SHs (Core SH & ES SH). We have installed MS Cloud Service Add-on on Core SH and it is automatically reflecting on ES SH but we have c...
Hello everyone, I'm currently trying to optimize Splunk with disk space and index. I read about : Changing the parameter "Pause indexing if free disk space (in MB) falls below" N...
I'm not having any luck finding what the functional differences are between a lookup created in splunkcore ( Settings > Lookups > add new) that lives in the ES app context, and a managed l...
Hello, I'm just having a bit of difficulty differentiating between Splunk Enterprise, ITSI, SOAR, UBA, and Enterprise Security. It seems like they all do similar things. Do they a...
Hi Everyone,
I am having problems configuring a Splunk app. Here are the instructions.
Configure a 'Light Weight Forwarder' on the Nagios server
cd $SPLUNK_HOME/bin (eg. cd /opt/splunk/b...
Hi, the line below is pasted from the developer license page.
"You want to build applications that work on top of Splunk platform, then you need a license to Splunk Enterprise software, which is o...
I tried to use the TA-fortinet, built in to ES, for FortiGate logs sent via FortiAnalyzer in syslog format.
But the field extractions are not working, as the field aliases in the add-on are i.e. for...
I have a correlation search creating notable events.
In the index=itsi_tracked_alerts, I see one event for a given event_id.
But on the Episode review, I see the event being a member of several E...