I would like to blacklist (get an alert) for all the ports except the approved portlist using interestingportlist.
Please advise on the available options to achieve this.
...ogs are delivered to forwarder. Moreover, both indexer1 and indexer2 listen on port 9997. If I run a search on the indexers (e.g. indexer1) it seems that logs are delivered to indexer1:
Search: i...
Hello, we are using the Tenable Infrastructure Vulnerability scanner to regularly scan our complete infrastructure. Tenable reports the following findings for the Splunk Server Ports: https://w...
...achine
2. Installing snmp and snmptrapd on the Splunk server
3. On my machine, listing trapsink as the Splunk server's public IP
4. Giving the same IP in the snmptrap command
I followed the same steps to get t...
...his file appears to be updating each day as expected.
I've actually had this all configured for a few weeks, but it's only just now bubbled back up to the top of my to-do list to fix. Therefore, no b...
The following error is captured in puppetserver.log (no error in splunkd.log): [puppetserver] Puppet Could not send report to Splunk: execution expired
["org/jruby/ext/openssl/SSLSoc...
I've seen the other questions regarding this topic and only the Solaris question & answer get close.
I am looking to change the default port Splunkweb runs on from 8000 to 80 for obvious u...
...Can I implement this using Splunk without a good background in programming? I know IP routing but not much on coding. I can configure all routers pointing to the syslog server. What are the things I...