I have installed Splunk Add-on for Tomcat on search head and indexer and by using Universal Forwarder I am sending my Tomcat logs to SH and indexer. I have configured my Tomcat URL under the setup p...
...ocumentation/AddOns/released/Tomcat/Recommendedfields As recommended by Splunk documentation, we set up the following in className="org.apache.catalina.valves.AccessLogValve " in of server.xml p...
...ogs into the Cortex Data Lake and then streaming them from there to Splunk Cloud via the HEC. When I configure that HEC to use the Source Type of pan:firewall_cloud, which was recommended in the setup d...
...uspicious activity. With the add-on removed there are very few fields in either the XmlEventLogs or the WinEventLogs data sources. I would love to have a direction to move forw
How do I install and configure the Splunk for Cisco IronPort Web Appliance app on Splunkbase?
http://www.splunkbase.com/apps/All/4.x/app:Cisco+IronPort+Web+Security+Application
I'm seeing the error below under messages in my Splunk enterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...