Solved: What should sourcename override and connection for...

jliaw · ‎07-02-2018

In monitor, using TCP and UDP sourcetype, what should be filled in at source name override and connection form be filled? And how to use the same port or remove the old port ?

Using Splunk llight, Windows10.

manish_singh_77 · ‎07-02-2018

Hi Jliaw,

Fyi: pls refer this link: https://docs.splunk.com/Documentation/Splunk/7.1.1/Data/Monitornetworkports

View solution in original post

manish_singh_77 · ‎07-02-2018

Hi Jliaw,

Fyi: pls refer this link: https://docs.splunk.com/Documentation/Splunk/7.1.1/Data/Monitornetworkports

jliaw · ‎07-03-2018

Hi Manish. Thanks for your answer. I have read through the suggested web and have difficulty in looking the Splunk bin. Is that only available for Splunk enterprise? I'm using Splunk Light.

manish_singh_77 · ‎07-03-2018

Hi jliaw,

It seems Splunk light have "$SPLUNK_HOME/bin/splunk" as per the below mentioned link.

"http://docs.splunk.com/Documentation/SplunkLight/7.1.1/Installation/UpgradeSplunkLight".

If you are using cloud version then you will not have access for the same, check & let me know in case of any queries.

jliaw · ‎07-03-2018

Thanks for your answer! I will find out more about Splunk Light free trial Vs Splunk light and Splunk Light free Vs Splunk Enterprise free trial.

manish_singh_77 · ‎07-03-2018

Sure, please check and let me know if you have any queries, I will also try to get more detailed information on it.

What should sourcename override and connection form filled in for UDP TCP in monitor when add data?

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector

Adoption of Infrastructure Monitoring at Splunk