I want to grant a role the ability to create a new Event Log Collectiondata input. What capabilities can I grant to the role, to accomplish this, and do I need to make any other changes to the r...
When running splunkforwarder-6.0.1-189883-x64-release.msi you get an error message "Please re-launch the installer as an Administrator. This is required to configure the installation for remote data...
...F -> Splunk Cloud
Due customer policy, we avoided UF and used the WMI Collection, so on HF we configured, as Data Input, the Remote event log Collection.
Configuring Remote event log Collection...
A scheduler issue may be described as: - reduced number of completed scheduled searches running during certain periods - scheduler locks up and doesn’t run any scheduled searches for a period of t...
We are planning to migrate archsight to Splunk via Collection of UF , syslog to HF. How many UF we need to install , Do we need to require 1 UF for each data source.
We are running a distributed clustered Splunk environment on version 6.2 We are planning to upgrade to 6.3 due to definitive requirements. As part of the upgrade instructions, it is mentioned to t...
We wanted to ingest 20000 eps minimum now 1 year later we wanted to go with the 50000 eps to give me some documentation for the heavy forwarder spec with the eps. These logs will go from on perm heav...
I want to set up an organized system of permissions so we can give the right access to the right dataand the right Splunk features to the right analysts in my organization. Can I get a sketch of h...