Hi,
I want to know the best practice and patterns that makes Forwarders highly available and redundant.
- SH pooling for Search Head redundancy,
- Indexer's Index&Forward (Replication) f...
...ike DB conn, AWS Add-on) and also exposes HEC endpoint
- Other servers for other functions (like deployer, cluster master, license master etc)
We have been asked by our client to implement a redund...
Hallo, I would like to investigate the login behaviour of users. I use this search: I receive the following example log: The "abstract" function creates the field "Kontoname". This contain...
...ormat) we have redundant time values. For example my search result will bring:
»17/10/2012 22:12:45.904[This is the left hand side time with the dropdown arrow] and then the event shows 22:12:45.904 2...
Hi all, Currently have setup multiple Splunk servers configured in outputs.conf for the universal forwarders but I am wondering if there is a way to specify only index to the second server if the fi...
I am using a single universal forwarder on my windows machine to send a log file to my Splunk host machine deployed on Ubuntu. The problem is that there were 3 logs events initially in the f...
We recently deployed the Splunk for Exchange app, and I just happened to notice that some perfmon information from the Exchange hosts are not being indexed, specifically the standard Windows objects ...
Can the license master config point to a DNS name?
I.e if there was an issue with Licese master server we do not want to make config changes on all indexers.... we want to just make a DNS change....