Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- About Space_Crawler
Space_Crawler
Observer
Member since:
02-23-2025
03-25-2025
Community Statistics
| Posts | 6 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 02-23-2025 |
Activity Feed
- Posted Re: Splunk 9.4.0 - hostname, issues with license manager reports after hostname change on Monitoring Splunk. 03-25-2025 11:01 AM
- Posted Splunk 9.4.0 - hostname, issues with license manager reports after hostname change on Monitoring Splunk. 03-25-2025 09:55 AM
- Posted Re: installing CA signed cert - TLS certificate is missing or invalid on Splunk Enterprise. 03-18-2025 05:18 PM
- Posted installing CA signed cert - TLS certificate is missing or invalid on Splunk Enterprise. 03-18-2025 04:52 PM
- Tagged installing CA signed cert - TLS certificate is missing or invalid on Splunk Enterprise. 03-18-2025 04:52 PM
- Posted Re: Cisco AMP for Endpoints Events Input is logging a 403 error on All Apps and Add-ons. 02-23-2025 07:57 PM
- Posted Meraki TA - Could not identify datetime field for input on Getting Data In. 02-23-2025 07:29 PM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 |
03-25-2025
11:01 AM
Hey Will, the hostname has been changed for over 7 days now. |rest splunk_server=local /services/server/info | table host returns the correct (updated) hostname, and it does match the hostname of the search query index=_internal source=*license_usage.log* License Manager report, the drop down in the top-left corner is still somehow uses the old (amazon assigned) hostname that is not reflecting the name change.
... View more
03-25-2025
09:55 AM
Hi, I have recently changed the OS hostname, followed by Splunk hostname change on a single node deployment. I am still seeing old hostname in splunk License Manager reports, which are also showing blanks for both today and historical license consumption. Followed several articles on things to check, ie https://splunk.my.site.com/customer/s/article/In-the, and https://community.splunk.com/t5/Splunk-Dev/How-to-fix-incorrect-Instance-name-after-change-hostname/m-p/613316 Same outcome - the license manager still showing incorrect hostname in dropdown, and license usage stats are not reflected in the UX If someone could please provide additional guidance on things I can check?
... View more
Labels
- Labels:
-
license usage
-
monitoring console
03-18-2025
05:18 PM
Thanks for a quick reply. I have already validated that as well, the cert file is in the correct order. Here is an interesting finding, - reading through https://docs.splunk.com/Documentation/Splunk/latest/admin/webconf I noticed the "Default" path values. I have replaced the cert/key in the default location with the same files I am attempting to link through the explicit path - and splunk loaded them correctly, with WebUI becoming accessible. So this seems to point to the way the path to the cert/key is defined in my config? I have attempted a 'relative' path specification to $SPLUNK_HOME, with the same outcome - it fails as long as I specify the paths to the cert/key in web.conf. If I leave the paths commented out, relying on default values - splunk loads them fine somehow from the default location where I copied them.
... View more
03-18-2025
04:52 PM
Hi, I am working on installing CA-signed (ssl.com) cert to a splunk enterprise instance, and keep hitting these two errors: 03-18-2025 23:32:08.751 +0000 ERROR UiHttpListener [122666 WebuiStartup] - TLS certificate is missing or invalid, please check your configuration or certificate file. 03-18-2025 23:32:08.751 +0000 ERROR UiHttpListener [122666 WebuiStartup] - Loaded TLS configurations from conf file=web, TLS cert check failed web.conf: [settings] mgmtHostPort = 0.0.0.0:8089 enableSplunkWebSSL = true privKeyPath = /opt/splunk/etc/auth/mycerts/splunk.key serverCert = /opt/splunk/etc/auth/mycerts/splunk.crt crt file contains the server cert, as well as CA chain concatenated at the end of the file. Cert file is valid: [root@splunk mycerts]# openssl x509 -in splunk.crt -noout -enddate notAfter=Jun 16 19:25:41 2025 GMT openssl verify -CAfile splunk.ca-bundle splunk.crt splunk.crt: OK How exactly does splunk perform "TLS cert", and is there a debug method to figure out what exactly it does not like about the CA-signed cert I am trying to configure? Permissions and cert file ownership are setup correctly (ie, 600/644 and splunk:splunk) Thank you!
... View more
- Tags:
- configuration
Labels
- Labels:
-
administration
02-23-2025
07:57 PM
Hi, I am seeing the same error message. Has anyone been able to resolve this?
... View more
02-23-2025
07:29 PM
Hello, I have a fresh install of splunk and Meraki TA App. I have configured several inputs in the App, however I am seeing a large number of these error messages under various inputs (for example, appliance_vpn_statuses, appliance_vpn_stats) in the following manner: 2025-02-24 03:12:56,971 WARNING pid=50094 tid=MainThread file=cisco_meraki_connect.py:col_eve:597 | Could not identify datetime field for input: cisco_meraki_appliance_vpn_statuses
... View more
Labels
- Labels:
-
field extraction
Contact Me
| Online Status |
Offline
|
| Date Last Visited |
03-25-2025
02:22 PM
|
