Hey guys,
I'm new on the Splunk planet.
I'm trying to find a script that would :
- Send archive data to a nas location when an index is full (as soon as an index is full, without the need o...
Hello,
By default:
Splunk Enterprise decompresses archive files before it indexes them. It can handle these common archive file types: tar, gz, bz2, tar.gz, tgz, tbz, tbz2, zip, and z.
(h...
...ars it wants. How to I properly configure the jars for searching S3 archived buckets?
I ran the | archivebuckets command and it worked fine and archived the buckets, but the search errors out s...
Installed Splunk 6.5.1 and followed the steps from https://docs.splunk.com/Documentation/Splunk/6.5.2/Security/Howtoself-signcertificates and enabled the Splunk Web SSL. Still facing the issue
C...
...However, since I intend to sign the bucket before archiving, I used the
signtool -s ARCHIVE_DIR
line in the script just before the bucket was to be copied to the location(as stated in the d...
Hello, I'm trying to set the authnrequests to be signed by a sha256 cert, as that's a requirement of my ldp for SAML. However, when I look at the SAML trace, it looks like it's still getting sent a...
...yslogServer/win2003). The subfolders contain .csv files. I would like splunk to index those files.
The syslog server has an universal forwarder installed and on my distribution server I tried to configure...
Hello Everyone,
I am having trouble configuring self-signed certs and was wondering if I could possibly get some advice.
I am doing this in a test environment with the express purpose of r...
So let’s say I have 2 or 3 indexers and I configure the coldToFrozenDir in the indexes.conf…
[default]
maxWarmDBCount = 200
frozenTimePeriodInSecs = 432000
rotatePeriodInSecs = 30
c...