Evening Splunk community, My organization practices Blue / Green data-centers and requires us to switch production data centers every quarter. In my environment I manage two standalone S...
I want to set up an organized system of permissions so we can give the right access to the right data and the right Splunk features to the right analysts in my organization. Can I get a sketch of h...
I have a SplunkEnterprise/Splunk Cloud deployment that's been on autopilot for a while. We've been adding data sources and use cases, but I think there's a lot more we can get out of Splunk, and I...
I currently have an Enterprise trial license and was wondering what would happen after the trial ends. Will I still be able to forward data into the instance and create searches?
In my indexers inputs.conf we have the standard stanza in place for receiving inbound logs from forwarders.
[splunktcp://9997]
disabled = 0
Am I able to add additional stanza(s) to the i...
Hi,
I want to confirm where the KVStore reside on the Splunk Architecture stack. I know that there's a related MongoDB process along with Splunk and therefore was wondering if it's part of the Splunk...
Hi,
could not find anything on the website. I like to try and maybe use splunk indefinteley on my home lab. Is there such a thing like free license or home license? Enterprise trial is for 60 d...
Hi,
I have been migrating Splunk's alerts and dashboard from one instance to another by transferring the .xml files (for dashboard) and the saversearches.conf files (for alerts) from the old i...
Wildly frustrated poring over the Splunk documentation -- there are absolutely no good introductions to any topic! Anyway...
I've got a simple JSON file:
[
{"acct": 1333, "name": "Customer 1...
Hi,
I am wondering if there is a version control system used by any of the splunk users for maintaining their artifacts like Splunk Dashboards, Reports and Alerts?
I understand most people u...