I was looking more for a setting from a Splunk config. Managing Acls is along the same lines as having to manage permissions. Also, I have SunOS, AIX, & Linux to manage. I should have been more specific in my question. Thanks for the feedback though. ... View more

Typically you need a default group for that: Add this to your outputs.conf [tcpout] defaultGroup=nothing disabled = false indexAndForward = true http://docs.splunk.com/Documentation/Splunk/4.3.1/Deploy/Forwarddatatothird-partysystemsd "Note: If you want to forward only the data specifically identified in props.conf and transforms.conf, set defaultGroup=nothing." ... View more

how about these parameters? ./bonnie++ -n 0 -u 0 -r free -m | grep 'Mem:' | awk '{print $2}' -s $(echo "scale=0; free -m | grep 'Mem:' | awk '{print $2}' *2" | bc -l) -f -b -d /tmp ... View more

What did this end up being? ... View more

What did this end up being? ... View more

What did it end up being? ... View more

What did it end up being? ... View more

add to server.conf seems like a solution.. if using a forwarder. [license] active_group = Forwarder ... View more

add to server.conf seems like a solution.. [license] active_group = Forwarder ... View more

worked for me on 4.2.2 ... added to splunklightforwarder app that is deployed out.. ... View more

4.2.3 is out.. what is cmdline option? ... View more

In 4.2 to switch to free license: login the UI, go to manager > licensing change the license group to "free license" restart I'm looking for cmdline way to do it still.. ... View more

Anyway at cmdline to change it? especially when using LWF/forwarders and gui is not running? ... View more