The dojo of Splunk. Learn, share, teach, mentor.
-
Alexander Szoenyi
- Vienna
- Austria
- Share
- Share on Twitter
- Share on Facebook
- Blog Posts (1)
- Discussions (6)
- Events
- Groups
- Videos
Alexander Szoenyi's Page
Gifts Received
Alexander Szoenyi has not received any gifts yet
Latest Activity
Hello,
In the Forum are so many questions about installing Splunk in a environment.
I have make a PPT for typical Scenarios for this questions.
Splunk install Scenarios.pdf
I hope it will be usefull.
regards Alexander
Hello,
1. You can install so many FW you need, it is not a license question, you are only license Data/day for indexing at the Splunk Indexer.
2. You new scenario is correct.
3. If the customer do not want to invest in a new System for MS FW, use…
Hello,
What Linux do you have ?
If you have a rpm or dep you can make a remote install script for that.
example: rpm -i ftp://xx.xx.xx.xx/splunk.rpm
or dpkg -i ftp://xx.xx.xx.xx/splunk.deb
Please read also the documentation for ./splunk help
Or…
Hello,
For your POC, install a Splunk FW on a MS OS System and configure evt/evtx, WMI and ADMON.EXE.
you need for this max. 1 hour.
Install on the Splunk Indexer the Windows APP.
With this little tasks your POC is working ;-)))
regards Alexander
Hello,
Please read the online Documation about deployment server.
http://www.splunk.com/base/Documentation/latest/Admin/Aboutdeploymentserver
regards Alexander
Hello,
1. You can export the evt and evtx, only to a Splunk with MS OS, because the evt and evtx are binarys and only on Windows you can transform this.
2. For WMI you need a Splunk Indexer with MS OS or a Splunk FW on MS OS, WMI works only on MS…
Hello,
Point 1
Go to the Search App -> Status -> Inputs Activity.
There you can find the "Most recently ignored files".
or use this search
index="_internal" source="*splunkd.log" earliest=-24h Component="fileclassifiermanager" Message="invalid f…
Profile Information
- Are you an existing splunk user?
- Licensed
- What do you do for your day job?
- Business Development Manager
- Web / Blog Address
- http://www.spp.at/splunk/
SPP Splunk Reseller, Consulting and Development
SPP is a Austria Company, based in Vienna.
We over Services, Consulting, Development and License for Splunk in
Austria, Hungary, Czech Republic, Slovakia, Slovenia, Ukraine and Rumania .
http://www.spp.at/splunk
mailto:a.szoenyi@spp.at
We over Services, Consulting, Development and License for Splunk in
Austria, Hungary, Czech Republic, Slovakia, Slovenia, Ukraine and Rumania .
http://www.spp.at/splunk
mailto:a.szoenyi@spp.at
Alexander Szoenyi's Blog
Install Scenarios for Splunk
Hello,
In the Forum are so many questions about installing Splunk in a environment.
I have make a PPT for typical Scenarios for this questions.
Splunk install Scenarios.pdf
I hope it will be usefull.
regards Alexander
In the Forum are so many questions about installing Splunk in a environment.
I have make a PPT for typical Scenarios for this questions.
Splunk install Scenarios.pdf
I hope it will be usefull.
regards Alexander
Posted on February 4, 2010 at 1:19am —
Comment Wall
- No comments yet!
About
Latest Splunk Community Postings
Latest Splunk Forum Posts
Events
© 2010 Created by Michael Wilde on Ning. Create a Ning Network!
