Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About Dias
Dias
Explorer
Member since:
05-05-2021
02-15-2022
Community Statistics
| Posts | 10 |
| Solutions | 1 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 05-05-2021 |
Activity Feed
- Posted Re: invalid Stanza error in SplunkEnterpriseSecuritySuite on Splunk Enterprise Security. 12-02-2021 08:15 PM
- Posted Re: SSLCommon - Received fatal SSL3 alert in splunkd.log on Splunk Enterprise. 09-01-2021 11:44 PM
- Posted Re: Searches delayed in search head captain on Splunk Search. 09-01-2021 11:37 PM
- Posted Re: Different number of buckets on Deployment Architecture. 07-13-2021 08:52 PM
- Posted Re: Configure indexer cluster to send one index to splunk(standalone, not in architecture) on Splunk Enterprise. 07-08-2021 09:47 PM
- Posted SSLCommon - Received fatal SSL3 alert in splunkd.log on Splunk Enterprise. 07-07-2021 10:56 PM
- Tagged SSLCommon - Received fatal SSL3 alert in splunkd.log on Splunk Enterprise. 07-07-2021 10:56 PM
- Posted Re: Different number of buckets on Deployment Architecture. 07-07-2021 04:26 AM
- Posted Re: Different number of buckets on Deployment Architecture. 06-24-2021 04:42 AM
- Posted Different number of buckets on Deployment Architecture. 06-23-2021 11:23 PM
- Posted Configure indexer cluster to send one index to splunk(standalone, not in architecture) on Splunk Enterprise. 06-03-2021 09:59 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
12-02-2021
08:15 PM
Still no answer?)))
... View more
09-01-2021
11:44 PM
Hi, I haven't found a solution to this question yet
... View more
09-01-2021
11:37 PM
Hi, we have the same problem in our topology. Did you find the solution for this answer? Your question only thing in splunk community.
... View more
07-13-2021
08:52 PM
Thanks for the answer, I've checked the internal indexes. And there were those in which repFactor=0. I changed it to repFactor=auto. Your CLI command helped a lot, thanks again.
... View more
07-08-2021
09:47 PM
We decided to make a standalone instance to be searchhead. And then make a user, with access to only one index
... View more
07-07-2021
10:56 PM
Hi, I just noticed an alert "TCP or SSL config issue" in Splunk Admins app, then i followed to the splunkd.log and then noticed there SSLCommon - Received fatal SSL3 alert 07-08-2021 04:45:08.309 +0600 ERROR X509Verify - Server X509 certificate (CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US) failed validation; error=20, reason="unable to get local issuer certificate"
07-08-2021 04:45:08.312 +0600 WARN SSLCommon - Received fatal SSL3 alert. ssl_state='error', alert_description='unknown CA'.
07-08-2021 04:45:08.837 +0600 ERROR X509Verify - Server X509 certificate (CN=Starfield Services Root Certificate Authority - G2,O=Starfield Technologies\, Inc.,L=Scottsdale,ST=Arizona,C=US) failed validation; error=20, reason="unable to get local issuer certificate"
07-08-2021 04:45:08.837 +0600 WARN SSLCommon - Received fatal SSL3 alert. ssl_state='error', alert_description='unknown CA'. How i understand this alert came with an error that doesn't accept certificate. I use Splunk's build in certificate, and dont know why this error shows up. Could this error be due to server overload or lack of resources? Because in other environments with the same settings this error doesn't show up.
... View more
- Tags:
- splunk-enterprise
07-07-2021
04:26 AM
I checked the indexes and it is "repFactor=auto"everywhere. Do you know where to check for internal indexes repFactor?
... View more
06-23-2021
11:23 PM
Hi, I have an issue in indexer cluster. It's been a month since i noticed there are different number of buckets in two indexers. Search factor, Replication factor fine. What is the reason for this difference?
... View more
Labels
- Labels:
-
indexer
-
indexer clustering
06-03-2021
09:59 PM
Hi, i have a problem with sending one index from indexer cluster to another standalone Splunk instance. I have a 4 indexers, replication factor = 3 . How should I configure my cluster to send only 1 index? I tried to install UF on indexer and monitor the index directory. The event was in wrong format. Also tried to configure forwarding all events in indexer to standalone splunk, and then filter to receive only one index. But nothing came of it.
... View more
Labels
- Labels:
-
administration
-
configuration
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
02-15-2022
12:37 AM
|
