×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
jswilmoth
Engager
Member since: ‎10-25-2018
‎06-05-2020
Community Statistics
Posts 3
Solutions 1
Karma Given 0
Karma Received 0
Member Since ‎10-25-2018
Activity Feed
View All

Re: Splunk_TA_stream - deployment server install f...

by in Deployment Architecture
‎05-09-2019 11:13 AM
‎05-09-2019 11:13 AM
Solution was: 1.) disable all streams in the configuration 2.) created a custom app with a scripted input: net stop npf -- this should remove the lock on the files (or reboot) 3.) app deploys successfully 4.) mark custom app to uninstall (so the command stops running) 5.) re-enable the streams in the configuration ... View more

Re: CEF Files on Syslog-NG with Universal Forwarde...

by in Splunk Enterprise Security
‎10-26-2018 12:38 AM
‎10-26-2018 12:38 AM
Let's start with some basic data feed troubleshooting: any messages in splunkd.log confirming the forwarder has started to monitor that folder? are you sure permissions on those files are correct for splunk to be able to read them? any errors in splunkd.log on that forwarder related to this feed? what does the forwarder's metrics.log say about this sourcetype? what do your indexer metrics.log say about this sourcetype? have your tried searching for 'all time', in case time stamp extraction isn't working perfectly? ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM