...95, ack 1, win 512, length 118
08:32:06.990080 IP splunk.xxx.9997 >xxx.56097: Flags [.], ack 895, win 2512, length 0
my receiver is enabled on port 9997 but Splunk is not indexing the data. I h...
...GPO to the default dc policy to enable the auditing and powershell as outlined in the doc.
However, one of my DCs does not report any data in the Directory Services Performance and Replication P...
...ant to enable _internal logs indexing for the heavy weight forwarder but not for Universal forwarders. Please advise.
Our Log flow:
Universal forwarder ---> Heavy weight forwarder --->Indexer
We have a Splunk cloud account for my organization. But I don’t see Forwarding & Receiving link in Settings menu. Is this license issue or I need to enable some feature for my cloud account....
I have am error with ver 4.2.4 and ACI v.3.2(5d). I am not getting any data and splunkd.log if full of error messages that end with "Did not receive a session key from splunkd. Please enable p...
...he Indexers, i.e; UF ---> HF ---> Indexers ---> SH
The new architecture will enable us to perform parsing on the HF instance, as well as forward data to 3rd parties. Local indexing w...
...hreads when a blockage is detected Enable stacks on endpoints to quickly generate call stacks of running threads
Watchdog messages are logged to $SPLUNK_HOME/var/log/watchdog/watchdog.log
W...
Hi Team,
I've set up the Universal Forwarder(UF) forwarder in the Linux source server using CLI commands and also enabled the receiving in the Splunk server.
but I still don't see any logs in t...
I have a Heavy Forwarder set to forward load balanced data to two Splunk indexers on 9997.
When I enablereceiving on the indexers (via Settings -> Forwarding and Receiving -> Configure Receiv...
We tried to enable SAML authentication for our Splunk 6.3.1 Search Head. For this, we tried to import the IdP metadata XML file, but this fails with the following message:
"Unable to parse the p...