*/5 19,20,21,22,23,24,01,02,03,04,05,06 * * *
is giving me an invalid cron, and I checked the format multiple times. I also tried */5 19-06 * * * and it still didn't work. I keep getting invalid cron. Any ideas?
I kept cycling through the options for the Alert, and I couldn't figure out a way that allows me to set up an alert to run in real time but only start between the hours of 7:00 PM and 6:00 AM?
To be more specific, documents (primarily txt documents) uploaded from a computer through the network through the server through the internet to an IP. Is there any Windows event log that signifies data is being copied and uploaded?
I'm trying to search for logs relating to an upload of data. For example, a computer uploads a file to Dropbox or some external server. What is a keyword used to search and identify that log?
I am having trouble setting up an Alert to send to my Gmail account. I understand that I can't just add my email to the alert list when it prompts me to, and I am having trouble adding it to the .conf file for the alert. Does anyone have a link to a step by step of setting up a Gmail with Splunk or can explain?
I am trying to use it on two different versions of Windows: 7 and 2008 R2 Servers. This is what shows on my splunk-launch.conf along with the other info.
Version 6.1.1
SPLUNK_HOME=C:\splunk\build-home\6.1.0
SPLUNK_DB=C:\splunk\build-home\6.1.0\var\lib\splunk
And I tried to catch the output and it gave me a blank txt file. The WinLog gets the output as all the standard information and text that shows up on the Splunk CLI, and it says no error, but it closes immediately after opening. I have full administrative powers. Any ideas? I get the same problem when I try on both separately.
I just tried opening CMD as an admin and executing splunk, as well as going to the bin and running splunk as an admin. Both times I had the same result: Splunk CLI opens for a split second and then closes. I'm checking the WinLog events and it gives me Audit Success and No errors when I run it as an Admin, so that is good. However, that doesn't explain why Splunk CLI keeps shutting down on me. Any ideas?
So, I've narrowed my issue down to "Not enough arguments, please specify a valid command from this list" and then Splunk CLI shutting down. Still, any ideas?
When I try to use cmd to open it, if I don't use an _ then cmd returns C:\Program is not an executable command. If I do use the _, it returns that it could not find the path specified. Okay, now, since I know where it is located, I just went to the folder to open it, but it opens the Splunk CLI and then it closes automatically after about half a second. Any ideas?
Whenever I enter the path name in cmd, it can't find it. I have checked the file path multiple times to make sure it's correct. C:\Program_Files\Splunk\bin\splunk
and I have tried every variation of that. The backslashes in between.
How can I access the CLI for Splunk? I have tried for nearly an hour now with no success. The guides are helpful but evidently not nearly enough. Any help is appreciated!
I most likely am going to use forwarders then, but how can Splunk be configured to grab data from other computers? It sounds to be more difficult to set up.
If the main computer with Splunk has access to the Users via the Network, and I'm looking for specific data, can I just use the Add Data and fill out the information to, say, record if a User incorrectly logs in 5 times and send an email alert? Or do I still have to set up the forwarder?
Each forwarder, then, needs to be configured to handle data on the local system and only send information I specify to the main computer, correct?
How can I add a data input(s) for remote computers connected to a Network using Splunk? Splunk has access to the network and I want to collect data usage and WinLog Events.