Hello The deployment-client setting is required for the remote Universal Forwarder. And then I want to restart Universal Forwarder. I know the ID/PW. Can I set it up in My Deployment-Server?   ... View more

Hello Multiple PCs can access the same ID when connecting the web to the splunk. Even if I connect to multiple PCs with the same ID, I only keep the last session I accessed, and the PCs I logged in to before are looking for a way to disconnect the session I accessed. In a single instance, the session could be cut off as follows. ./splunk _internal call "/services/authentication/httpauth-tokens/[SESSION_ID]" -method DELETE  The above SESSION_ID used the other field value of the splunk ui access log. However, this method does not work in a search header cluster. Can I have a search header cluster maintain only the last session I accessed when connecting from multiple PCs with the same ID? I look forward to hearing from you.   ... View more

Hello Logs are being collected through Cisco eStreamer. I want to convert hex of packet field to ASCII. If you know how to convert the packet field of Cisco eStreamer to ASCII, please share it. Thank you. ... View more