Hi,
I am well trained in Splunk dashboarding. I would like to try out a POC of Splunk Enterprise with the below features (strictly).
The architecture consists of 1 forwarder, 1 indexer and...
Hi,
My company is deciding to use Splunk in a Small Enterprise Deployment.
I already read a bit about scaling, the infrastructure design, and the amount of components.
I'm assigned the t...
...o 6.1 and from what I gathered from all the documentation, the process would be this:
Stop Splunk Enterprise 5.0 on the server from which you want to migrate.
Copy the entire contents of the $SPLUNK...
I designed a scheduled search that populates "identities.csv" by querying Active Directory using 'ldapsearch'. Everything looks fine except that when 'Enterprise Security/Incident Review' reports a b...
...rom local servers is being ingested into Splunk. We'll be expanding the architecture to include over 20 sites. In each site, we have a Splunk indexer which collects data of that location.
We are c...
Our original install of 6.1.1 used the pkgadd-based installation process (pkgadd -d splunk-6.1.1-207789-solaris-10-intel.pkg) and now I want to upgrade to 6.1.2.
Is it true I want or need to use t...
Splunk documentation for the Enterprise Security App lists support for single-site cluster architectures. I am planning a large ES installation across multiple geographical locations and wanted to k...
All,
I am troubleshooting the built-in notable "Anomalous New Process" that comes with Splunk ES on version 5.1.1. Basically, the alert is spamming us non-stop with processes that are far from a...
...ewquestion&utm_campaign=no_votes_sort_relev
yet - my Splunk is running on Windows and not on Linux - this solution is for Linux only.
How do I solve it on Windows?