Hello all - Trying to get Azure Event Hub data to flow into Splunk. Having issues configuring it with the add-on for Microsoft Cloud Services. I have configured an app in Azure that has Reader &a...
Hello,
I have created a Splunk app, very similar to the weather example here on GitHub.
My app needs to be authenticated in order to access the 'service.storage_passwords'; however, when running t...
Hi There,
I am new to Splunk and am currently trying to get Windows Services data into Splunk. I am using Splunk Cloud and already have Windows Event Log data being ingested via a Universal F...
Dears,
How do I set the inputs file to collect WinEventLog for File Replication Service?
I try to add two kinds of stanza in the splunkforwarder file "$SPLUNK_HOME/etc/system/local/inputs.conf" as b...
Hello, we have a Splunk Enterprise version 8.0.5 configured in PRD, we have enabled boot-start with --systemd-managed 1 and specified the user splunk as the owner of the service. It keeps failing d...
Hello,
Has anyone a working systemd script for Redhat/SUSE?
If I use the script from https://answers.splunk.com/answers/59662/is-there-a-systemd-unit-file-for-splunk.html
I get some error a...
Hello, does anyone here have an idea why the Cisco Cloud Security Umbrella add-on is interfering with the authentication within Splunk TA Cloud Services? I try to ingest NSG flow data via a storage blob....
...onsequently on boot, defeating the purpose of the systemd setup. Using chattr to make the servicefile immutable is a current workaround. This behavior seems specific to CentOS Stream 9. How to r...
...ot start the Splunkd service on Local Computer. Error 2: The system cannot find the file specified."
Answer can be found below. I hope it helps someone save some time.
Are Splunk IT Service Intelligence (ITSI) notable event aggregation policies stored in a .conf file? If so, where is it? The only thing that I see documented is how to view via the GUI.