I'm tasked with moving the $SPLUNK_HOME/etc/system/local/ conf files within our peer nodes to their own Splunk apps for easier management using the deployment-server/cluster master method. S...
...ince there is file order precedence, does Splunk look into each file for configurations? Or does it look into highest priority and go with that?
I'm wondering if I just push only one configuration i...
...urrently the space utilization for the homePath is 900+GB. Did I make a mistake in my configurations? Any advice on how best to manage the indexes would be greatly appreciated.
Another question I h...
Hi,
I'm writing an integration for one of our security solutions.
I'm implementing an alert action, and I want the following to happen:
An alert is triggered regarding a certain e...
This thread is for the Office Hours session Awesome Admins: Managing Your Hybrid/On-Prem Deployment on Wed, June 28, 2023 at 1pm PT / 4pm ET. Register Here to level up your Admin Chops! J...
I'm seeing the error below under messages in my Splunk Enterprise console:
Missing or malformed messages.conf stanza for TCPOUT:FORWARDING_BLOCKED_Indexer IP ADDress_default-autolb-group DC-Host N...