Hi Splunkers, I have to forward data inside csv files from an on prem HF to Splunk Cloud and I'm facing some issues, because data seem to not be forwarded. Let me share with you some additional bits....
Hi. I'm using Splunk Enterprise 7.3.2 and installed universal forwarder 8.2.6 on Linux. I was asked to monitor the .bash_history file, so I installed the universal forwarder and checked that data i...
...ny adhoc request to get the data for that hour period, so once Splunk is up then what we need to do (restart splunk forwarder?) to restore data or data will be restored by itself or data w...
Hello, I have a Windows machine with UF installed on that machine. How can I configure my Universal Forwarder to ingest Windows performance monitoring logs into Splunk? Our Windows Source server i...
Is there a way to monitor the searches for some specific fields? Let's say I wish to monitor if anyone is running any query that returns my SSN in the results.
We are rolling out a customer service chatbot. Has anyone needed to collect the data such as input/output and logs between a chatbot and OpenAI to monitor it in Splunk? If so, what did you use to G...
...se as a syslog and audit log store similar to how ELK is often used. While we will add additional data sources at some point my primary focus is on collecting and forwarding /var/log/audit/a...
On a Windows Server when I go to Settings \ Monitoring Console and launch it, there is a Menu item called: Forwarders: Instance which appears not to be configured and when I try to run setup I get t...
...ndex any new logs at all. If I take off the whitelist, the logs come in.
[monitor://E:\Program Files\some app\Logs\...\servername_LOGTYPE_*.txt]
disabled=0
index=someindex
sourcetype=somesourcetype
r...
We use Kubernetes, and I'd like to use Splunk to get more granular insight into how we use them. Do you have any best practices or apps and add-ons I can use?