Learn more about the Splunk Community and how we can help Community Blog Community happenings, product announcements, and Splunk news Learning Paths Discover Community and Learning Resources for your Role User Groups Meet up with other Splunk practitioners, virtually or in-person Office Hours Webinar-style deep dives and workshops for hands-on ...
Splunk Platform users can access Splunk Observability Cloud monitoring metrics in Splunk Dashboard Studio and leverage Splunk’s real-time metrics store to build powerful charts alongside SPL dashboards.
Is sub-search possible in Splunk? Yes, is possible, beware only to one thing: the field names in main and sub search must be the same (field names are case sensitive). Can we search the result of a secondary or inner query as the input to the primary or outer question? yes, remember only that a sunsearch has the limit of 50,000 results.
The Splunk Product Best Practices team helped produce this response. Read more about example use cases in the Splunk Platform Use Cases manual. For more information on this and other examples, download the free Splunk Security Essentials app on Splunkbase. Discovering real credentials is a key component for any attacker. A time-honored way to find weak passwords is to try hundreds of common ...
Good Evening, I am in the process of scheduling a test for a Splunk Certification with Pearson Vue and would like to know how I can locate my Splunk ID? Thank You that would be a great help.
A side question, besides creating the /etc/init.d/splunk file, does the /opt/splunk/splunkforwarder/bin/splunk enable boot-start -user splnkfwd do anything else?
I'm a Splunk administrator, not a Windows administrator, so my Windows knowledge is limited. Nonetheless, many teams can benefit from having Windows Event Log data in Splunk. What are the best practices to collect basic Event Log data from Windows endpoints?
In an indexer cluster, remove the app from $SPLUNK_HOME/etc/manager-apps (or master-apps) and push the bundle. For universal forwarders, remove the app from the appropriate server class (es).
