Forums: Posted by ASW3382

Topic	Author	Replies	Latest Post
Splunk misreporting indexed events? In: SplunkAdministration (Not tagged) ahhh now those were interesting, took 4 minutes a piece to run about but gave me a neat graph ;) I need ... ya it just says localhost. Oh and if it helps I am only monitoring 6 hosts. oh I assumed since the numbers were so high it was counting the indexes themselves, counting events ... I run a fairly small network, about 70 users, I have exceeded the 500MB limit 3 times. Once by about ...	ASW3382 Posts	6	5 months ago...
Logging Advise In: SplunkAdministration (Not tagged) Oh I log everything, I am still in the trial stages of Splunk. Something that I have found exceedingly ...	awilisch Posts	2	5 months ago...
Trying to index IIS log files, having some issues In: SplunkAdministration (Not tagged) I havent run snare on an IIS server, does it support them? But if you are just testing, Dump the ...	Subversive Posts	7	5 months ago...
Wrong Host Reported In: SplunkAdministration (Not tagged) Any movement on this araitz? I doublechecked my DNS settings just to be sure and cant find any weirdness. ... If I tag it then What happens when my fortigate sends logs then? As I showed above my PTR records ... oops, that nslookup for fortigate10 should look like: Server: DNS.domain.tld Address: X.X.10.107 Name: ... sorry that post was clear as mud, let me simplify. X.X.30.111 with a fqdn as www.domain.tld, but splunk ... I have logs coming from a syslog-ng client on a X.X.30.111 address. which an nslookup will show the ...	ASW3382 Posts	7	5 months ago...
FIFO Queues In: SplunkAdministration (Not tagged) if the license wasn't $5K there wouldn't be a problem ;) 30 days isn't log enough for me to get a good ... ya I am thinking of using netcat to push the files out. If not I am sure I could whip up a perl script ... Ok I got it working, a lot of tweaking, your script you copied and pasted is wrong, your (5000) should ... Cool, we will see if that works. I was under the impression that TCP did not work with the free server, ... I am running Splunk on a windows server. I am using a FIFO queue because I dont know how to create ... Ok, I am having a hard time justifying purchasing the pro product here when I cant do something as simple ... I have created a fifo queue using the only instructions I could find on the net regarding it. found ...	ASW3382 Posts	10	5 months ago...
How to monitor logs in other machine? In: SplunkPreview (Not tagged) //It would be nice to have a client that can be deployed to a group of macnines with a preset configuration. ...	halcyon8 Posts	7	5 months ago...
Bugs In: SplunkPreview (Not tagged) Along these lines, a password change to the current logged on account causes crawl link to break until ... Found the default U/P here //www.splunk.com/doc/print/3.2.6/admin// spoke too soon, fixed the local browser issue, problem with IE. Still having issues with u/p or maybe just ID10T errors as it seem other people are runing the preview just fine. I installed on ...	ASW3382 Posts	3	5 months ago...
Windows Mass Deployment In: SplunkAdministration (Not tagged) Sorry, just saw your post today :) Did you get this all done? I don't have a script yet. But if you ... Also with splunk, (newbie here), I am assuming the upgrades are just a matter of pushing the data to ... Well I can only speak for my environments, pretty small so far >1000 nodes. But my app pushes have ... I handle all my inventory checks with a 3rd party inventory software, Spiceworks. GPO works well for ... You can push them out via GPO easily. You can then set the instance (I am guessing as a forwarder) ...	xplodersuv Posts	9	5 months ago...
Splunk not firing In: SplunkAdministration (Not tagged) //Turns out I need the 'http://' in front of that and it works fine.// Bah you IE users ;) j/k ... The installer should have opened a browser, if it didn't I would guess that the installation had issues. ... Clicking splunk in the start menu just starts the service. If you want the webgui you need to open ...	jamesvdm Posts	7	5 months ago...
AD Guide In: SplunkAdministration (Not tagged) OK here is precisely what I was looking for and found. I will document here for fellow newbies. Below ... I use other applications to monitor many boxes via WMI calls. Of course this is a kind of round robin ... Ok this was great and all until I hit the hitch that receiving is only enabled in the enterprise version. Am ... Perfect thanks! in my 'obtuseness' I did not understand that from the documentation. I will have to ... I am new to splunk and it seems to be a fantastic product in my demoing of it. However, I am running ...	ASW3382 Posts	6	5 months ago...

close

Splunk.com