I am looking for anyone who might know the appropriate BIND logging configuration to capture DNS replies so that we can map these into the Network Resolution model in Enterprise Security. Logging the...
...ile, and now what is the best method to ingest them into SPLUNK with the right format mapping?
What are your experiences with Linux DNS service?
I'm collecting events with Splunk Deployment s...
I'm working with a standalone Splunk 8.1.3 instance with the Splunk CIM 4.20.2. I have several accelerated data models that are populating data properly. ...
I need to install multiple instances of Splunk 6.4 on a single Linux server. For example, I would like to know how I can set up 4 indexers on a single instance. This is not for production, merely t...
Splunk can only connect to one domain in an AD forest at this time. That's a known limitation.
However, is it possible to set whatever user name you want in the SSO header when you do the re-w...
I have some firewalls and stuff like that sending logs to my Splunk server (using normal syslog at the moment). For now in "search" there is only one source "udp:514". I would like to filter so it l...
...ut this is a stock debian install)
netstat -an:
splunk:~# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address For...
Good Morning,
I'm trialing Splunk Cloud in anticipation of a purchase. I have installed Splunk Enterprise as the deployment server and universal forwarders on three servers. My clients are s...
...r TextField) modules at the top. When a user picks a value in one or more of these form elements, I want that value to stick with them even if they just randomly click away to one of the other views u...