Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About JeffPoretsky
JeffPoretsky
Loves-to-Learn
Member since:
04-21-2022
10-31-2024
Community Statistics
| Posts | 7 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 04-21-2022 |
Activity Feed
- Posted Re: Index not populating on Splunk Search. 05-03-2022 06:36 AM
- Posted Re: Index not populating on Splunk Search. 05-02-2022 08:35 AM
- Posted Re: Index not populating on Splunk Search. 04-26-2022 06:00 AM
- Posted Re: Index not populating on Splunk Search. 04-26-2022 05:38 AM
- Posted Re: Index not populating on Splunk Search. 04-21-2022 12:28 PM
- Posted Re: Index not populating on Splunk Search. 04-21-2022 12:01 PM
- Posted Why is index not populating? on Splunk Search. 04-21-2022 11:52 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 |
05-03-2022
06:36 AM
I presume those are all ansible plays. Thank you. Now to run those and see how they _will_ fail.
... View more
05-02-2022
08:35 AM
Finally getting around to this. On all servers where splunk is installed the service splunkd is running. (an example from grep: {server}-106 | CHANGED | rc=0 >> splunk 5131 1 0 Apr07 ? 01:18:04 splunkd -p 8089 start splunk 5233 5131 0 Apr07 ? 00:00:00 [splunkd pid=5131] splunkd -p 8089 start [process-runner] ) running the index=_internal host!=utility-log-* | stats max(_time) as _time count by host returns many servers. Again. The only changes made to the clients and servers has been patching, updating and rebooting . Yes _some_ of the servers did not have the imitating with accept-license. but that's been fixed. So it looks like I have no hope of getting this fixed due to the way Splunk does "support".
... View more
04-26-2022
06:00 AM
next step. ran another oneliner to check splunk status While there are a few which do not have license accepted, which I will fix shortly, all others are running properly, and the log shows current activity.
... View more
04-26-2022
05:38 AM
Ran an ansible one-liner against all my clients. All are running splunkd. Will check the next suggestion shortly. (work got busy)
... View more
04-21-2022
12:28 PM
1 - probably 2 - if by that you mean /opt/splunk/splunkforwarder, yes that is the default on all clients in our environment 3 - I see almost all of our servers using the search given 4 - haven't touched our config files since installation. I have done splunk updates and OS patching. Both using a shutdown/patch-or-update/restart sequence that has been approved directly by splunk. I expect I will get nowhere here as the answers so far have presumed knowledge that the admin team here was _never_ _given_. Again. We were supposed to have training on days 4 and 5 of installation. But since days 1 and 2 were taken doing tasks that we were told had to be done before install could happen - even though we asked what to do before the installation - we DID NOT GET TRAINING. I know the very basics. But nothing more.
... View more
04-21-2022
12:01 PM
huh. on admin nodes I get either a reading error or a message about 0 population, but splunk is running on all splunk servers.
... View more
04-21-2022
11:52 AM
User of splunk attempted a search of index="os"
It returns nothing after Dec 23. (Yes this went unnoticed for this long. We were on a single version of RedHat until recently).
Splunk servers are all RH7.9
Version:8.2.4
Build:87e2dda940d1
Clients are all 7.9 or 8.5
... View more
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
10-31-2024
11:14 AM
|
