...se the same username and password can not login the web interface. If I remove $SPLUNK_HOME/etc/passwd to "passwd.bak" and restart splunk, when I try to login with "admin" it will say "No users exist....
...orwarder and how to configure input config fileand output config fileand how to add monitor command and i have tried installing Splunk forwarder but facing difficulty. Kindly connect and l...
I use username: admin and password: changeme to log in to my Splunk universal forwarder. I am trying to forward logs from my Ubuntu server that's running on Vagrant VM. I know that the forwarder i...
I'm seeing the error below under messages in my Splunkenterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...
...ight after getting SplunkEnterprise installed on their local machine. It can be daunting to log into Splunk for the first time and know what the heck you should do. A person can get through the i...
I have a tar.gz fileand I wan't to continuously monitor it. I tried to index it to SplunkEnterprise via Settings>Data Inputs>Files&Directories, but when I run a search, Splunk doesn't r...
...(Add Data -> Monitor -> Files & Directories) I get this error: "Parameter Name: Path must be absolute".
Is there any way to fix that? How can I check if theSplunk has access to the...
...rrors writing to that path. I can run the script in CLI using "./pulldata.sh" as thesplunk user and it is fine to write the temp files to the "scripts" directory. I tried to use "/opt/splunk/bin/splunk...
Hello,
I have set up my SplunkEnterprise Instance as deployment-server and designated a forwarder on another machine as its deployment client.
In my $SPLUNK_HOME$/etc/deploymentapps/appname/l...
Since it's a best practice to install Splunkand run it as a non-root UNIX user, how can I make sure Splunk has the necessary read permissions for thefiles it needs to monitor?
This UNIX c...