The following procedures are used to build the system. https://docs.splunk.com/Documentation/Splunk/latest/Data/FormateventsforHTTPEventCollector I am trying the following command listed in Raw e...
Working on a fresh install of Stream into an on-prem distributed environment with a small number of endpoints. I'm not sure where to install and operate Stream from and I've seen differing i...
I am responsible for an "agent" that sends Syslog messages to a variety of SIEMs and similar software. I have, based on trial and error, introduced some options that seem to make it more "Splunk-f...
I am setting up a SplunkStream. I am having trouble with the official instructions, which are very confusing for a beginner. Below is the environment that has already been set up. Server A X...
Hi,
I've set up and installed SplunkStream in a test environment consisting of 1 single deployment and 1 universal forwarder. Everything is working as expected, and I am able to receive data f...
Hi,
I'm trying to stream AWS logs using the Kinesis firehose method. I followed a tutorial and verified each step a few times.
I have generated a certificate for my Splunk Enterprise server u...
Hi, I'm trying to get the audit logs from GitHub cloud into a Splunk instance which has limited network access.
The problem is that the IP of GitHub that sends the data to Splunk often changes.
I...
Hello,
According to the documentation of Splunk App for Stream, 'src_ip' value should capture the 'X-Forwarded-For' header value instead of the original src_ip. But it doesn't seem to work on my i...
Hello, I have SplunkStreams installed on a CentOS 6 server which is also acting as an NFS server. This is capturing packets and writing pcaps to the correct directory.
I have a Windows Search h...
Hi All,
We are trying to stream alert data from systems like Splunk, Nagios, etc. to Hadoop using Kafka and Spark.
We are unable to find any information regarding forwarding alert data from Splunk...