Any news on this? ... View more

I would also be very interested in if there is a possibility to use the Slack app via a web proxy. ... View more

Hello everybody Sorry for the late answer. I created the app for my own purposes. To share it with you and give you an example of an App for Puppet I put this on Splunkbase. I did not think that this would be used actively. I will try to create a new version for splunk 7.0. Unfortunately I can not say how long I will need. Best Regards, Yanick ... View more

Hi Thompson Thank you for your quick reply. In our windows environment we have cluster-based applications (consisting of up to 3 systems), which write all their logs on the NFS share (same logfile). The application runs on one of these systems and can be switched at any time automatically depending on the utilization of the systems. Now we ask ourselves how we monitor such a setup with our Splunk Heavy Forwarders. If we configured a Splunk Heavy Forwarder on each of these systems, which would monitor the same application log files, we would have duplicate data in the Splunk because each server sees the log files on the NFS share. To configure the logfiles only on one of these Heavy Forwarders is also unsightly, because then we have unconsistent configurations over the same application. So it would be nice if there was the possibility that the Heavy Forwarder on all systems monitors the same log files on the NFS share, but the events only occur once in the Splunk. So they somehow share the pointer(fishbucket) for these log files. I hope I could explain it understandly. Now we want to know what methods there are? To your remaining questions. Yes we are using a clustered configuration with Search and Index Cluster. Best Regards, Yanick ... View more

We have configured the default value (10) for percent_peers_to_restart in server.conf. ... View more

Yes the stanza is enabled in the local/inputs.conf: [jmx://midw] config_file = config.xml polling_frequency = 60 sourcetype = jmx index = jmxitd disabled = 0 ... View more

Yes, my stanza name for JMX Input is unique in the whole /opt/splunk Directory: ./etc/apps/SPLUNK4JMX/local/inputs.conf:[jmx://midw] Meanwhile i could solve the problem with the following command: /opt/splunk/bin/splunk enable app SPLUNK4JMX Why this works, i d'ont know. In my default/app.conf the state is enabled: [install] state = enabled is_configured = true The enable command writes only an app.conf in the local directory with state = enabled. Strange.. Regards, Yanick ... View more

Hi vsingla1, I can currently not answer this question, because I have not tested. Once I tested it you get communication from me. Anyway, in the near future I have to develop a new version from this app. Best regards, Yanick ... View more

Take the DB Connect 1.1.7 app and java7 and you'll see it works. That was my step because i had the same problem with the MSSQL databases if i upgrade to 1.2 and java8. Another problem is the encryption on the MSSQL database. Disable that on the database and the connection works. I hope this helps. ... View more