...Cloud. For example, let's say: - You have a UF on a machine that forwards data to Splunk Indexers (cloud), you are to make a custom sourcetype for this specific piece of data. Where w...
Issue: Phantom Add-on for Splunk – is not saving any changes done on Saved searches and below error is observed in logs internally. Error observed in Internal logs: 2022-11-17 17:19:1...
Hi Guys,
I am trying to configure Splunk to send me alerts through mobile when the requests against my web server are more than a specified value.
I ran the search and it shows me the requests n...
Have a requirement to get Cisco AMP events into Splunk Cloud. For Splunk Enterprise, I use python, but with no access to the back-end, how is it done in Cloud? There is no "Cisco AMP" T...
Hi, I'm new to Splunk, trying to understand for Splunk we have 1 installation we need to customize it to work as Forwarder or Indexer or Search Head, so want to know which all files need to modify t...
...putlookup csv1
| lookup csv2 field2 as field1 output field2a
| where isnull(field2a)
However, with outputcsv files, Splunk doesn't know the csv is NOT in the app/lookups folder. *There s...
We just got Splunk Cloud up and running, and I'd like some tips on how to tell if it's healthy and to troubleshoot problems. Can you get me started, and point me to some resources?
Hi everyone. Is there any way to resolve GPO GUID or SID within Windows Security Logs? For instance, when we change any GPO in the domain it is logged under EventCode 5136. There is a CN name in...