...se the same username and password can not login the web interface. If I remove $SPLUNK_HOME/etc/passwd to "passwd.bak" and restart splunk, when I try to login with "admin" it will say "No users exist....
...orwarder and how to configure input config fileand output config fileand how to add monitor command and i have tried installing Splunk forwarder but facing difficulty. Kindly connect and l...
I use username: admin and password: changeme to log in to my Splunk universal forwarder. I am trying to forward logs from my Ubuntu server that's running on Vagrant VM. I know that the forwarder i...
I'm seeing the error below under messages in my Splunkenterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...
I have a tar.gz fileand I wan't to continuously monitor it. I tried to index it to SplunkEnterprise via Settings>Data Inputs>Files&Directories, but when I run a search, Splunk doesn't r...
...(Add Data -> Monitor -> Files & Directories) I get this error: "Parameter Name: Path must be absolute".
Is there any way to fix that? How can I check if theSplunk has access to the...
...rrors writing to that path. I can run the script in CLI using "./pulldata.sh" as thesplunk user and it is fine to write the temp files to the "scripts" directory. I tried to use "/opt/splunk/bin/splunk...
What is a good procure to follow for installing a Splunk Universal Forwarder on a Linux host for the first time? A step by step process might help first time users get data into Splunkand u...
Hello,
I have set up my SplunkEnterprise Instance as deployment-server and designated a forwarder on another machine as its deployment client.
In my $SPLUNK_HOME$/etc/deploymentapps/appname/l...
Since it's a best practice to install Splunkand run it as a non-root UNIX user, how can I make sure Splunk has the necessary read permissions for thefiles it needs to monitor?
This UNIX c...