×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
umang_solanki
New Member
Member since: ‎07-23-2015
‎06-05-2020
Community Statistics
Posts 3
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎07-23-2015
Activity Feed
View All

Re: Splunk for Snort: How to configure a universal...

by in All Apps and Add-ons
‎06-21-2018 09:10 AM
‎06-21-2018 09:10 AM
Can someone please explain what is the need of configuring inputs.conf at receiver side (indexer) if the receiver port (9997) is already configured (May be through GUI) ? ... View more

Is there anyway to fetch the logs of Live HTTP/HTT...

by in Getting Data In
‎05-23-2016 02:26 AM
‎05-23-2016 02:26 AM
Is there anyway to fetch the logs of Live HTTP/HTTPs traffic (Web traffic)? For E.G : I am searching multiple sites in my machine and I want to get them fetched in Splunk in terms of logs. 1. At what time I surfed the URL? 2. What URL I have surfed? 3. What is the size of the data I have used? I know - this has to be fetched through Firewall, but any other way to get it in Splunk directly? ... View more

Searching events for a specific host, why are we g...

by in Getting Data In
‎07-23-2015 01:56 AM
‎07-23-2015 01:56 AM
Hello, In our Splunk Enterprise, we have created a customized indexer. We are trying to get certain events of a specific host, but as soon as we type index="Event_Logs" host=WindowServer in Search, we get the results of 2 hosts with the same host name. 1. WINDOWSERVER (UPPER_CASE) 2. windowserver (lower_case) The count appearing in the Search results is different. Any idea about this behavior? Appreciate your help. == Umang Solanki ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM