As of now we have not had to repeat the process; I think the problem existed for a very long time before we detected it. The latest from Splunk Support is that a patch will be in a 7.3.x version for this issue.
Hi @sirajnp,
Seems like a network error: "socket error or timeout".
Which Splunk version are you running, and is it in a clustered environment? In case it's an SHC, please make sure that port 8191 is reachable between SHC members.
Cheers,
David
Hi,
My script is working fine.
It is able to get an auth token and able to connect with the SEPC cloud.
But in the event export no logs are coming... but I am able to see logs in the SEPC console.
You need to get access to Twitter. Twitter created a curl-like tool called twurl:
https://github.com/twitter/twurl
twurl authorize --consumer-key key --consumer-secret secret
After the request with twurl I can use it with Splunk.
FYI this post is from over 3 years ago!
Splunk indexes.conf.spec
* Default: volume:_splunk_summaries/$_index_name/datamodel_summary,
where "$_index_name" is runtime-expanded to the name of the index
The max volume size I checked in 8.0.0 appears to be unlimited; I will remove the 100GB per index comment, and I've updated my above post.