What are best practices fordeploying theSplunkAdd-onfor Unix and Linux in a distributed environment?
Any "gotchas" or good-to-know practices to get ahead of common issues? Consider this an a...
...ven though the index is deployed, there is no way for me to be able to add data to the index from the search head.
It does not exist in the settings->indexes view in Splunk Web (search head).
H...
VMware data collection is working fine but when pushing out SplunkAdd-onfor VMware from the index master node the following warnings are reported:
[Not Critical]No spec file for: /app/splunk/e...
OntheSplunk Light server (indexer + UI , configured to be Distributer) i did the following:
I installed theSplunkAdd-onfor Unix and Linux (Splunk_TA_nix) according to instructions.
I set u...
I just realized that the NIX TA is being deployed to our forwarders via thedeployment apps, to the indexers via the master apps and to the SHs via the SH apps. It was a surprise for me to realize t...
Because this app stores a number of passwords and secrets in an encrypted format, I can't copy and put thethe app on our deployment server as I normally do with other apps. Does anyone have a m...
I want to automate thedeployment of this TA on a heavy forwarder which means not pushing any credentials through the web interface. I don't have access to the web interface, this is locked down i...
Where should I deploythe Blue Coat Add-onfor proxy SG logs? I'm running a Splunk indexer cluster with a couple of indexers, a master, and a search head. I wanted to find out where to install the a...
My current environment is 2 splunk servers. One acting as a search head / indexer and one acting as a heavy forwarder. I have multiple UF clients pointing to the HF which filters and forwards to the...
Greetings!
how to deployfortimail add-ons in splunk enterprise distributed environment?
As per now ,I was already downloaded the apps and uploaded in splunk search head , what next to d...