In search head clustering you use a deployer instance to push apps to the search head cluster members using the command:
$SPLUNK_HOME/bin:
./splunkapply shcluster-bundle -target https://10.10...
Hi All,
I am planning to start learning about Splunk. I wanted to know the difference between Splunkand HP Arcsight. I have googled for it, but couldnt get convincing answers. Hence, thought of p...
I am very new using Splunk but I am enjoying it a lot so far. I am being tasked with writing a document on how to verify that all Domain Controller's logs are going into Splunkforthe SecOps team t...
I am running a distributed Splunk environment. I have three indexers, an index master, a search head, and a universal forwarder deployment server. The universal forwarders load balance between the...
*Environment
Index server: Splunk version is 4.2.2 on Linux
Forwarder: VMware with vCenter on Windows Server 2008 (Universal Forwarder is 4.2.2)
Question,
If we install a Universal For...
I've deployed thedeployment-app on thedeployment client from deployment server.
The server appeared on the phoned list. But is not indexing the logs.
Thesplunkforwarder logs don't show any e...
...onitor vmware hosts(mainly performance metrics). I started checking splunk documentation, but I am a little bit confused what should I use. It looks like till now there was an app- SplunkAppfor I...
...warder), andthen once your app is configured the way you want it, manually deploythe config out to your forwarders?
Or do you generally download the package from Splunkbase, unpack it y...
Hello plp,
I am making an alert, that export a csv , the problem here is when this .csv is exported, only have rw permissions and i want to have rw-r. I make a script that convert this file w...
Hello, i want to install the universal installer on a windows 11. I proceed according to these instructions: till now what i have done below steps- 1- install Universal forwarder into w...