splunkninja

The dojo of Splunk. Learn, share, teach, mentor.

Alexander Szoenyi
  • Vienna
  • Austria
Share
Share on Twitter
Share on Facebook

Alexander Szoenyi's Friends

 

Alexander Szoenyi's Page

Gifts Received

Gift

Alexander Szoenyi has not received any gifts yet

Give Alexander Szoenyi a Gift

Latest Activity

Alexander Szoenyi added a blog post
Hello, If you can not install a Splunk Forwarder at your *NIX Systems, but you want to monitor this systems and include this systems in your Splunk *NIX App, read this Document. Monitor your NIX Systemes with no Forwarder.pdf regards Alexander Sz…
April 22
Alexander Szoenyi added a blog post
Hello,To give you a great start with Splunk, i hope i can help you with this short description, to build your own simple Apps.How to build a simple App for Splunk.pdfHave Fun ;-))best regardsAlexander
March 25
Stefan Baryakov and Alexander Szoenyi are now friends
March 11
Alexander Szoenyi was featured
Congratulate them!
February 7
Alexander Szoenyi added a blog post
Hello, In the Forum are so many questions about installing Splunk in a environment. I have make a PPT for typical Scenarios for this questions. Splunk install Scenarios.pdf I hope it will be usefull. regards Alexander
February 4
Alexander Szoenyi replied to yanu pratomo's discussion 'take log windows to splunk without forwarder'
Hello, 1. You can install so many FW you need, it is not a license question, you are only license Data/day for indexing at the Splunk Indexer. 2. You new scenario is correct. 3. If the customer do not want to invest in a new System for MS FW, use…
February 3
Alexander Szoenyi replied to Hot Splunk's discussion 'Deployment on Linux / *NIX'
Hello, What Linux do you have ? If you have a rpm or dep you can make a remote install script for that. example: rpm -i ftp://xx.xx.xx.xx/splunk.rpm or dpkg -i ftp://xx.xx.xx.xx/splunk.deb Please read also the documentation for ./splunk help Or…
February 3
Alexander Szoenyi replied to yanu pratomo's discussion 'take log windows to splunk without forwarder'
Hello, For your POC, install a Splunk FW on a MS OS System and configure evt/evtx, WMI and ADMON.EXE. you need for this max. 1 hour. Install on the Splunk Indexer the Windows APP. With this little tasks your POC is working ;-))) regards Alexander
February 3
Alexander Szoenyi left a comment for Hot Splunk
February 3
Alexander Szoenyi replied to Hot Splunk's discussion 'Deployment on Linux / *NIX'
Hello, Please read the online Documation about deployment server. http://www.splunk.com/base/Documentation/latest/Admin/Aboutdeploymentserver regards Alexander
February 3
Alexander Szoenyi replied to yanu pratomo's discussion 'take log windows to splunk without forwarder'
Hello, 1. You can export the evt and evtx, only to a Splunk with MS OS, because the evt and evtx are binarys and only on Windows you can transform this. 2. For WMI you need a Splunk Indexer with MS OS or a Splunk FW on MS OS, WMI works only on MS…
February 3
Alexander Szoenyi replied to Dave P's discussion 'Splunk skipping input files & Order of precedence'
Hello, Point 1 Go to the Search App -> Status -> Inputs Activity. There you can find the "Most recently ignored files". or use this search index="_internal" source="*splunkd.log" earliest=-24h Component="fileclassifiermanager" Message="invalid f…
December 29, 2009
Alexander Szoenyi updated their profile
December 29, 2009
Alexander Szoenyi added the App Gmail Chat
December 28, 2009
Alexander Szoenyi updated their profile photo
December 23, 2009
Alexander Szoenyi is now a member of splunkninja
Welcome Them!
December 23, 2009

Profile Information

Are you an existing splunk user?
Licensed
What do you do for your day job?
Business Development Manager
Web / Blog Address
http://www.spp.at/splunk/

SPP Splunk Reseller, Consulting and Development

SPP is a Austria Company, based in Vienna.
We over Services, Consulting, Development and License for Splunk in
Austria, Hungary, Czech Republic, Slovakia, Slovenia, Ukraine and Rumania .

http://www.spp.at/splunk

mailto:a.szoenyi@spp.at

Alexander Szoenyi's Blog

Alexander Szoenyi

Remote System Monitoring (without using a Forwarder from Splunk) ,but works with the *nix App

Hello,


If you can not install a Splunk Forwarder at your *NIX Systems, but you want to monitor this systems and

include this systems in your Splunk *NIX App, read this Document.






rega
Continue

Posted on April 22, 2010 at 3:23am —

Alexander Szoenyi

How to build a simple App in Splunk (Example with Snort)

Hello,

To give you a great start with Splunk, i hope i can help you with this short description, to build your own simple Apps.

How to build a simple App for Splunk.pdf

Have Fun ;-))

best regards

Alexander

Posted on March 25, 2010 at 3:18am —

Alexander Szoenyi

Install Scenarios for Splunk

Hello,

In the Forum are so many questions about installing Splunk in a environment.
I have make a PPT for typical Scenarios for this questions.

Splunk install Scenarios.pdf

I hope it will be usefull.

regards Alexander

Posted on February 4, 2010 at 1:19am —

Comment Wall

You need to be a member of splunkninja to add comments!

Join splunkninja

  • No comments yet!
 
 
 

Videos

Latest Splunk Community Postings

Latest Splunk Forum Posts

Adding additional servers to *Nix app?

Create new Field and Assign existing field in transforms.conf

How do I remove Sources?

Clear Windows Logs?

Create new Field and Assign existing field in transforms.conf

© 2010   Created by Michael Wilde.   Powered by .

Badges  |  Report an Issue  |  Terms of Service

Sign in to chat!