Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- About soumyasaha2506
soumyasaha2506
Loves-to-Learn
Member since:
11-17-2017
Community Statistics
| Posts | 7 |
| Solutions | 0 |
| Karma Given | 0 |
| Karma Received | 0 |
| Member Since | 11-17-2017 |
Activity Feed
- Posted How to remove universal forwarder (or UF configs) using the deployment server? on Deployment Architecture. 06-03-2022 03:55 AM
- Tagged How to remove universal forwarder (or UF configs) using the deployment server? on Deployment Architecture. 06-03-2022 03:55 AM
- Posted Re: can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 06:30 AM
- Posted can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 04:29 AM
- Tagged can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 04:29 AM
- Tagged can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 04:29 AM
- Tagged can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 04:29 AM
- Tagged can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration. on All Apps and Add-ons. 05-23-2018 04:29 AM
- Posted Re: Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-27-2018 02:48 AM
- Posted Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-26-2018 04:30 AM
- Tagged Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-26-2018 04:30 AM
- Tagged Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-26-2018 04:30 AM
- Tagged Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-26-2018 04:30 AM
- Tagged Can anyone please guide me where can i download the certificates for: 1. Splunk accredited Sales Engineer 1 2. Splunk accredited Sales Rep 1 on Training + Certification Discussions. 02-26-2018 04:30 AM
- Posted Re: Why is using base searches causing major performance issues on my dashboard? on Splunk Search. 01-08-2018 01:34 AM
- Posted help needed to understand correlation search in ES (sandbox) on Splunk Enterprise Security. 11-20-2017 02:13 AM
- Tagged help needed to understand correlation search in ES (sandbox) on Splunk Enterprise Security. 11-20-2017 02:13 AM
- Tagged help needed to understand correlation search in ES (sandbox) on Splunk Enterprise Security. 11-20-2017 02:13 AM
- Tagged help needed to understand correlation search in ES (sandbox) on Splunk Enterprise Security. 11-20-2017 02:13 AM
- Tagged help needed to understand correlation search in ES (sandbox) on Splunk Enterprise Security. 11-20-2017 02:13 AM
Topics I've Started
| Subject | Karma | Author | Latest Post |
|---|---|---|---|
| 0 | |||
| 0 | |||
| 0 | |||
| 0 |
06-03-2022
03:55 AM
Is it at all possible to remove/uninstall UFs by pushing some script(s) from the deployment server. I do not have OS access on these endpoints & servers. OS access option is not possible, hence need to think of some alternative ways to achieve this (if possible). I can always disable the inputs on the UF but the requirement is to remove the UF installation itself, if not the installation then all configs like inputs.conf/outputs.conf/deploymentclient.conf and other apps (essentially everything in $SPLUNK_HOME/etc/system/local) Splunk Deployment server version 8.1.x
UF version >7.1 OS - Windows endpoints and servers, Linux servers
... View more
Labels
05-23-2018
06:30 AM
by RDS i mean Amazon Relational Database Service (https://aws.amazon.com/rds/).
As per Wikipedia- "It is a web service running "in the cloud" designed to simplify the setup, operation, and scaling of a relational database for use in applications. Complex administration processes like patching the database software, backing up databases and enabling point-in-time recovery are managed automatically. Scaling storage and compute resources can be performed by a single API call."
My bad should have mentioned in the question itself.
EDIT: Added a snippet of wikipedia explanation of RDS. Hope it helps
... View more
05-23-2018
04:29 AM
can DB connect be used to connect to RDS instances (oracle, MySQL and MSSQL), if so is there any documentation detailing the steps of integration.
i am currently looking at multiple DB instances that are on RDS. I want to integrate the authentication and audit related logs of these databases to be sent to splunk for security use cases.
Later, i might also be interested in other data from the db instances.
Currently i am unable to find any information on the integration, wondering if db connect can do it, if so once the connection is setup do i have to run the query similar to how i did for regular db instances or is there something different for RDS.
... View more
02-27-2018
02:48 AM
one last query, i am unable to login to the okta and splunk learning portal (https://splunk.okta.com/app/) as well as the field enablement portal (https://fieldenablement.splunk.com) with my Splunk credentials
Also, i have received the URL (https://pslearning.splunkoxygen.com/en-US) and credentials for Splunk oxygen, but when i login i just get the welcome page with the below lines mentioned there:
Welcome
Splunk Self Service Practical Lab Portal
This portal provides the platform for Splunk Self Service Practical Labs.
Labs need to be accessed directly form the Splunk Learning Porta (via Okta).
Partners can access Splunk Learning via the partner portal.
Make sure that you are enrolled for each lab you wish to take.
Enrollment links for each lab can be found in your learning path in Splunk learning.
Final Lab Results for all of your attempted Labs can be found below.
I am Splunk SE1 certified, Splunk certified sales rep 1, and Splunk certified power user so i should have access to these portals. am i doing anything wrong here.
... View more
02-26-2018
04:30 AM
Can anyone please guide me where can i download the certificates for:
1. Splunk accredited Sales Engineer 1
2. Splunk accredited Sales Rep 1
In the partner portal in my activities both the certifications are completed
... View more
01-08-2018
01:34 AM
@klinek a bit off topic, how did you get the size of the search results, i could not find anything related in thew job inspector.
... View more
11-20-2017
02:13 AM
I am quite new to ES, although i have an good understanding of data models and other Splunk commands, i am unable to understand the below correlation search in ES.
| datamodel "Authentication" "Failed_Authentication" search | stats values(Authentication.tag) as "tag",dc(Authentication.user) as "user_count",dc(Authentication.dest) as "dest_count",count by "Authentication.app","Authentication.src" | rename "Authentication.app" as "app","Authentication.src" as "src" | where 'count'>=6
My queries are:
1. datamodel "Authentication" "Failed_Authentication" search - is it searching 2 DMs and what does the search at the end signify. going by the syntax it is not a subsearch that usually starts with "["
2. what does values(Authentication.tag) mean, if Authentication.tag is a field, where can i see the exact field extraction of this field
... View more
Contact Me
