Hello Splunkers,
I have a quick question, is there a Splunk command to list all receiving port enable on a specific instance ? I know you can check that from the GUI under "Settings/F...
...95, ack 1, win 512, length 118
08:32:06.990080 IP splunk.xxx.9997 >xxx.56097: Flags [.], ack 895, win 2512, length 0
my receiver is enabled on port 9997 but Splunk is not indexing the data. I h...
...ixedissues You can enable it on forwarding side in outputs.conf maxSendQSize = <integer>
* The size of the tcpout client send buffer, in bytes.
If tcpout client(indexer/receiver connection) send b...
We have a Splunk cloud account for my organization. But I don’t see Forwarding & Receiving link in Settings menu. Is this license issue or I need to enable some feature for my cloud account....
...ant to enable _internal logs indexing for the heavy weight forwarder but not for Universal forwarders. Please advise.
Our Log flow:
Universal forwarder ---> Heavy weight forwarder --->Indexer
Hey,
I'm missing something rather basic here. If Splunk is set by default to listen on port 8089, why when running the Universal Forwarder installation is the receiving end's default port set to 9...
...he Indexers, i.e; UF ---> HF ---> Indexers ---> SH
The new architecture will enable us to perform parsing on the HF instance, as well as forward data to 3rd parties. Local indexing w...
Constant Memory growth with Universal Forwarder with ever increasing channels. Once third party receiver is restarted, UF re-sends lot of duplicate data and frees up channels.
Hello,
We tried to enable the SAML SSO on Splunk,
We thought it's simple cause of the swap of both xml configuration data but that's not working at all. When we log in, we are redirected on an u...