...guess I have 2 questions:
1.What happens behind the scenes when I select from the various sourcetypes available onthe Data Inputs screen?
2.Is there a tried and true method for automatically i...
I'm having issues ingesting data correctly as custom sourcetype defined in Splunk Cloud are completely ignored when set on our Heavy Forwarders. In the web interface of theSplunk Cloud cluster I...
...erver that it came from. Long story short, we have servers that we don't want theSplunkForwarder on because we know that it can execute scripts creating a vulnerability with theSplunkFor...
...n Splunkforwindows servers. But foronly two of our windows server, except CPU & Memory other sourcetypes are being captured in Splunk.In inputs.conf of theaddon monitoring stanza in p...
Our team just transitioned from SplunkAdd-onforwindows v4 to v5. Changing references to sourcetypes among knowledge objects (KOs) (savedsearches, dashboards, data models, and notables) was a h...
...nstance on a single VM, Installed and configured theSplunkAdd-onfor Microsoft Windows TA. I'm ingesting the files I need with a "monitor" stanza in theWindows app's inputs.conf: [monitor://C:\i...
...hrough theWindowsAddOn upgrade documentation.
Any further advice/tips would be very appreciated (i.e. what to specifically look for using btool or potential root causes)
Cheers.
...host spd1agd01 and found that splunkforwarder was not installed,we installed but although we are not getting the results. We also checked at the following path: C:\Program Files (x86)\Symantec\S...
I'd like to implement some basic searches for server and OS monitoring without getting caught up in the differences between sourcetypes and field names.
I already implemented theSplunkAdd-onfor...
I need assistance with whitelisting as I can’t make it work. I’m running the free trial version 9.0.0 of Splunk Enterprise. I have 1 Receiver (on a CentOS VM), and some Windows and CentOS s...