Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About cjaramilloc
cjaramilloc
Explorer
Member since:
05-19-2014
03-28-2022
Community Statistics
| Posts | 14 |
| Solutions | 0 |
| Karma Given | 4 |
| Karma Received | 2 |
| Member Since | 05-19-2014 |
Activity Feed
- Posted Re: Where to download Splunk Exchange app? on Splunk Enterprise. 03-28-2022 10:29 AM
- Posted Where to download Splunk Exchange app? on Splunk Enterprise. 03-28-2022 08:09 AM
- Tagged Where to download Splunk Exchange app? on Splunk Enterprise. 03-28-2022 08:09 AM
- Tagged Where to download Splunk Exchange app? on Splunk Enterprise. 03-28-2022 08:09 AM
- Karma Re: Why I'm getting xmlwineventlog? for PickleRick. 02-02-2022 01:35 PM
- Posted Why I'm getting xmlwineventlog? on Getting Data In. 02-02-2022 12:49 PM
- Posted Indexer performance problems after upgrade on Deployment Architecture. 07-22-2021 01:41 PM
- Tagged Indexer performance problems after upgrade on Deployment Architecture. 07-22-2021 01:41 PM
- Posted Re: Email Input on Getting Data In. 08-27-2020 10:05 AM
- Posted Email Input on Getting Data In. 08-26-2020 03:27 PM
- Tagged Email Input on Getting Data In. 08-26-2020 03:27 PM
- Tagged Email Input on Getting Data In. 08-26-2020 03:27 PM
- Karma Re: Monitor Active Directory With Linux Indexer for kbrown_splunk. 06-05-2020 12:48 AM
- Got Karma for Monitor Active Directory With Linux Indexer. 06-05-2020 12:48 AM
- Karma Re: How to estimate a project based on events per second (EPS), not GB/day? for miteshvohra. 06-05-2020 12:47 AM
- Karma Re: Securing indexed files: If someone could access the index directory and make changes in a journal.gz, what would happen? for santiagoaloi. 06-05-2020 12:47 AM
- Got Karma for Is it possible for Splunk to see the performance, transactions, availability, etc. from a Sybase DB on AIX 7?. 06-05-2020 12:47 AM
- Posted Re: How to create more than 10 blacklists for the same input on Getting Data In. 03-13-2017 08:15 AM
- Posted How to create more than 10 blacklists for the same input on Getting Data In. 02-07-2017 12:46 PM
- Tagged How to create more than 10 blacklists for the same input on Getting Data In. 02-07-2017 12:46 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 0 | |||
| 0 | |||
| 1 | |||
| 0 |
03-28-2022
08:09 AM
Hello,
I've been trying to find and download Splunk Exchange app from the archive, but I couldn't find it.
I know the app already hit the EOL, but still need it.
Anybody knows where can I download it or share me a link to download it
Thank you
Christian
... View more
Labels
- Labels:
-
other
02-02-2022
12:49 PM
Hello, I'm trying to get windows data from a couple servers. But instead of receiving wineventlogs I'm getting xmlwineventlog. I'm using the windows add-on and the Windows content pack for ITEW, and the xmlwineventlog is not compatible with this app. Let me know where I can change the configuration to receive the wineventlogs ptoperly Christian
... View more
Labels
- Labels:
-
sourcetype
-
Windows
-
XML
07-22-2021
01:41 PM
Hello, I hope you can help me to figure out what is going on. I have a distributed environment, a search head and two indexers. I've recently upgraded to Splunk 8.1.3 from 7.3. But one of my two indexers its not working properly, the splunkd service is taking all the CPU and memory resources... now the server its painfully slow... The search head I''m seeing messages like this: - The percentage of non high priority searches delayed (50%) over the last 24 hours is very high and exceeded the red thresholds (20%) on this Splunk instance. Total Searches that were part of this percentage=8065. Total delayed Searches=4070 - TCPOutAutoLB-0 Errors
... View more
Labels
- Labels:
-
distributed search
08-26-2020
03:27 PM
Hello Splunkers, I'm wondering the best way to index an email. Not email server logs, the actual mail. There are a couple apps that maybe help with this but they are very old: https://splunkbase.splunk.com/app/3200/ https://splunkbase.splunk.com/app/1739/ Has anyone already did this? Any advice? Christian
... View more
03-13-2017
08:15 AM
I've already did the combinations, but I still need room for more
... View more
02-07-2017
12:46 PM
Hello
Anybodyw know how to create more than 10 blacklists for the same input in windows events monitoring?
According to documentation you can only use blacklist1 through blacklist9: http://docs.splunk.com/Documentation/Splunk/6.5.2/admin/Inputsconf#Windows_Event_Log_Monitor
I have a small license and every once in a while I notice some events I don’t need, and I add them to the blacklist:
[WinEventLog:Security]
disabled = 0
start_from = oldest
blacklist=5XX5,4XX8,4XX6
blacklist1=EventCode="4XX1" Message="\b. *0xO"
...
blacklist9=EventCode="5XX6" Message="Audit Sucess"
Now I'm trying to add a blacklist10 but I can’t. Do you guys know a workaround?, maybe using transforms.
Thank you
Christian
... View more
03-18-2016
04:59 PM
Thanks. It was useful.
I'm receiving a low amount of events (I think), like 50 or 60 per hour... This server manage around a 1000 accounts. There is some configuring that I need to do in my AD server to receive more data?
... View more
03-14-2016
10:58 AM
1 Karma
Hello,
I'm trying to capture Active Directory information from an AD server. I installed an universal forwarder in this server, and using deployment server I configured an input.conf as the manual example:
[admon://DefaultTargetDc]
targetDc = pri01.eng.ad.splunk.com
startingNode = OU=Computers,DC=eng,DC=ad,DC=splunk,DC=com
My search head and my indexers are Linux Centos 7.
My question: Is the universal forwarder enough to accomplish active directory data extraction? or should I install a Heavy Forwarder.
Documentation refers to a splunk-admon.exe process? is this process included in the universal forwarder?.
... View more
10-16-2015
09:50 AM
Hi
I was wondering, if someone could access the index directory and make some changes in a journal.gz, what is it going to happen? Splunk is able to notice this? there will be an error? a security alert?
Thank you
Christian
... View more
09-14-2015
04:14 PM
Hello
I want to estimate a project, but based in EPS (events per second) not GB/day. How can I calculate the max of EPS using X hardware? or at least how many bytes per second? This is a big deployment, the license is estimated in 300 GB per day.
Thank you
Christian
... View more
- Tags:
- eps
- splunk-enterprise
03-19-2015
04:04 PM
1 Karma
I was wondering if Splunk is able to see the performance, transactions, availability, etc. from a Sybase DB on an AIX 7. Is possible, what do I have to do accomplish that?
... View more
- Tags:
- aix
09-04-2014
02:15 PM
Hello,
I'm wondering if is possible to run the universal forwarder with an AIX 5.3. The download page says that only 6.1 and 7.1 are supported, but documentation says otherwise.
Anyone using a 6.1.3 forwarder on an AIX 5.3?
Christian
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
03-28-2022
07:58 PM
|
