Hi,
I'm experiencing an issue where logs with EventCode=4625 from Windows systems (an account failed to log on) are not appearing in my Splunk instance. I have checked the datacollectionand i...
Most of the time, we are seeing that the Splunk universal forwarder or heavy forwarder is failing to forward data to the indexer. In this scenario, what troubleshooting steps should we take to i...
...imple design - one central Windows indexer, running 4.2.2, and several distributed Windows forwarders, also running Universal Forwarder 4.2.2.
I have a custom app to collect various bits and bobs, and...
Hi
We are collecting all logs from Windows (wineventlogs, windows, perfmon) from all the Domain Controllers. It's a huge amount of logs we are ingesting. What is the best practice to get the l...
...e a specific counter, but it occurs when the Splunk-Perfmon.exe process is running, even if no perfmon collection is occurring. I don't see any errors in Splunk itself and the Splunk-Perfmon process i...
I have a clean install of the newest GA Splunk + the universal forwarder on one windows server.
I did a basic setup, didn't configure anything than forwarding and receivings etc. basic stuff. I h...