...se the same username and password can not login the web interface. If I remove $SPLUNK_HOME/etc/passwd to "passwd.bak" and restart splunk, when I try to login with "admin" it will say "No users exist....
...orwarder and how to configure input config fileand output config fileand how to add monitor command and i have tried installing Splunk forwarder but facing difficulty. Kindly connect and l...
I use username: admin and password: changeme to log in to my Splunk universal forwarder. I am trying to forward logs from my Ubuntu server that's running on Vagrant VM. I know that the forwarder i...
I have a tar.gz fileand I wan't to continuously monitor it. I tried to index it to SplunkEnterprise via Settings>Data Inputs>Files&Directories, but when I run a search, Splunk doesn't r...
...(Add Data -> Monitor -> Files & Directories) I get this error: "Parameter Name: Path must be absolute".
Is there any way to fix that? How can I check if theSplunk has access to the...
...rrors writing to that path. I can run the script in CLI using "./pulldata.sh" as thesplunk user and it is fine to write the temp files to the "scripts" directory. I tried to use "/opt/splunk/bin/splunk...
Hello,
I have set up my SplunkEnterprise Instance as deployment-server and designated a forwarder on another machine as its deployment client.
In my $SPLUNK_HOME$/etc/deploymentapps/appname/l...
...ines to the indexer?
For a fact, I know that if I restart Splunk again, the new lines will be indexed. Please note that it is a production system and manually monitoring filesand restarting Splunk i...
I have been racking my brains and have searched the internet over multiple time and can't find a resolution to this issue.
I have Splunk running on a Windows 2K3 server and want to monitor 4 directories...
...uplicated. I did find info on current_only , however it seem this is only for the Windows Event Log Monitor, and not theMONITOR:.
Is there anything we need to make sure we have in place?
How w...