SSL certs for SPLUNK WEB
Just want to confirm process: 1. Create private key on splunk web 2. Create CSR from private 3. Pass to my CA authority and get a pem created 4. place the key and pem on splunk web 5. make web.conf...
DbConnect version 2 and 3, Can I run both on the same server?
I am currently running DbConnect version 2.3.0 and I would like to upgrade to DbConnect version 3. My issue is that I have maybe 40 database inputs and various other uses of DbConnect that would make a...
SSL certificate for Splunk Web process -- can you verify these steps I'm taking?
Just want to confirm process: 1. Create private key on splunk web 2. Create CSR from private 3. Pass to my CA authority and get a pem created 4. place the key and pem on splunk web 5. make web.conf...
How can I monitor logs from a WAN?
I want to monitor logs on a remote computer (on the WAN). I would like to forward the logs in order to watch them on my local computer. How can I do this?
Splunk DB Connect: Setting alias as "Group" is not working when select from...
Suddenly, DB-Connect is not retrieving data. And when investigating we found that searching using dbxquery we found an error regarding setting an alias to Group in select query. The search query (Not...
How to extract my event in index time using props.conf and transforms.conf?
How to extract my event in index time using props.conf and transforms.conf? How to extract by event in index time to get expected format? Actual format: Tue Sep 26 11:38:08 EDT 2017 name="queue_browse"...
Is there any plan to pull Azure Security Center logs and alerts from Splunk...
Is there any plan or in a roadmap to support pulling Azure Security Center logs/alerts as mentioned in this Microsoft article...
How to disable realtime searches for the power user role?
I'm wanting to disable real-time searches for the roles 'user' and 'power-user'. For the user role, I removed most of the capabilities including `rtsearch`. When I log in as a local user account, I do...
Actual disk size
A few months back I was doing a dashboard and looking at various disk usage charts, one being Overall Disk Usage. As I was doing research, I came across several posts that mentioned a rule of thumb of...
Is it possible to collect data from vSphere without a domain name?
Currently, we are in the process of setting up Splunk to collect from our vSphere POC instance. However, when I go to add the vCenter server, it wants the fully qualified domain name (FQDN). We not...
Splunk DB Connect: Can I run 2 versions on the same server to avoid migrating...
I am currently running DbConnect version 2.3.0 and I would like to upgrade to DbConnect version 3. My issue is that I have maybe 40 database inputs and various other uses of DbConnect that would make a...
What is the latest supported Splunk version for servers with OpenSSL for...
I am new to Splunk and trying to understand some Security issues with the Splunk version. My servers are a bit old (2003 and 2008 windows ). If I can get the last supported Splunk version for all the...
Why are we getting these error messages with Outlook-Exchange server?...
We are getting issues while setting IMAP-MailBox to Outlook-Exchange Server with valid user account. We are not seeing any mail in Splunk. 10-03-2017 17:10:33.478 +0530 ERROR ExecProcessor - message...
CSV Searches
Hello everyone. I've been reading and reading and I can not get consistent results from anything I have tried. So hopefully someone can help me get this straight. I have a csv as follows: Indicator...
Riverbed Steelhead Technology Add-on: Can't see any of the prebuilt panels in...
Hi Team, I have a distributed environment which is running on version 6.6.2. I have installed the Riverbed Steelhead Technology Add-on in it. Currently I am unable to see the prebuilt panel in the app....
Is it okay to install Splunk DB Connect on the Enterprise Security search head?
Hello all, Potentially a bit of a sensitive topic, but I wanted to see what others thought. Splunk Best Practice are *great* and really help installations to go smoothly and work optimally, but I can...
What is splunk-wmi.path ?
I'm trying to account for a number of Splunk configurations on a domain controller and I was trying to figure out what the splunk-wmi.path script was that points to splunk-wmi.exe. I wasn't sure if...
Is it possible to restore the sendemail.py file?
I am interested in knowing if it's possible to restore files. I somehow deleted "sendemail.py" file, tried modifying and receiving a following error: Installed Files Integrity Checker: File Integrity...
Is it possible to change the shape and color of values in a dashboard based...
How to create a flowchart shape in Splunk dashboard and get some value inside, according to the value change the shape colour. I have a search string using rangemap and it was structured inside the tag...
MongoDB Monitoring: logs appear on cmdline but aren't updating in Splunk
Hey, I am able to view the MongoDB logs in Splunk by adding the data input and configuring using the third way mentioned on the github readme. The problem I am having is the logs aren't live, I can see...