cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
vvmmvvmm
Explorer
Member since: ‎08-25-2016
‎06-05-2020
Community Statistics
Posts 6
Solutions 0
Karma Given 4
Karma Received 1
Member Since ‎08-25-2016
Activity Feed
View All

Re: How to limit the amount of data that a splun...

by in Getting Data In
‎08-25-2016 09:55 AM
1 Karma
‎08-25-2016 09:55 AM
1 Karma
Thank you realsplunk, that document will be useful! 🙂 ... View more

Re: How to limit the amount of data that a splun...

by in Getting Data In
‎08-25-2016 09:54 AM
‎08-25-2016 09:54 AM
Thank you so much, appreciate your help! 🙂 ... View more

Re: How to limit the amount of data that a splunk...

by in Splunk Enterprise Security
‎08-25-2016 09:48 AM
‎08-25-2016 09:48 AM
Thank you Chris, and the presentation was really helpful 🙂 ... View more

Re: How to limit the amount of data that a splunk...

by in Splunk Enterprise Security
‎08-25-2016 09:36 AM
‎08-25-2016 09:36 AM
Thank you very much ddrillic 🙂 ... View more

How to limit the amount of data that a splunk u...

by in Getting Data In
‎08-25-2016 03:14 AM
‎08-25-2016 03:14 AM
Hi there I am using Splunk Enterprise for security purposes... But ther is a lot of extraneous data in my Splunk at the moment. Looking through the dashboards I am finding a lot of performance and operational status data which I don't need. The problem is that my splunk license allows me to analyze 2gb of data in a 24 hour period. I would say that at the moment 70% of the data that goes through the system is not security related and the system was procured as a security monitoring system. I would like to find a way to reduce the mount of the data that the "forwarders" send back to the Splunk back end for processing. i.e. exclude all of the performance and operational data from the analysis. My intention is to use that freed up bandwidth to push some Anti Virus and Firewall logs to splunk instead of server performance data. I would really really appreciate some help with this. I have searched previous questions, but can't seem to find the answer. However, if there is a page you know of where I can find my answer please send me the link 🙂 Kind Regards Vera ... View more

How to limit the amount of data that a splunk uni...

by in Splunk Enterprise Security
‎08-25-2016 01:29 AM
‎08-25-2016 01:29 AM
Hi all I am using Splunk Enterprise for security... But I have a lot of extraneous data in Splunk at the moment. Looking through the dashboards I'm finding a lot of performance and operational status data. The problem is that my splunk license allows me to analyze 2gb of data in a 24 hour period. I would say that at the moment 70% of the data that goes through the system is not security related and the system was procured as a security monitoring system. I would like to find a way to reduce the mount of the data that the "forwarders" send back to the Splunk back end for processing. i.e. exclude all of the performance and operational data from the analysis. My intention is to use that freed up bandwidth to push the Sophos Anti Virus and Firewall logs I have, to splunk instead of server performance data. Is this possible, and can anybody provide me with details on how to do this? I would really really appreciate your help! I have searched online for an answer but so far I can't find anything, but if you know of a page where I can find the information I need, please do send me a link 🙂 Kind Regards Vera ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM
Karma from
View All
Karma given to