by Kristof Vandenborn | Jul 29, 2023 | Apple, Mac, MacOS
This question came up at work the other day, and I did not know the answer to it. Now I do ;). Here are the steps to do it. First we create a few files to work with. The files are empty but that does not matter for now: touch file1.txt touch file2.txt touch file3.txt...
by Kristof Vandenborn | Jul 28, 2023 | Big Data, Splunk
In the article about roles. we treated a decent amount of different roles. But up until now we did not see yet who is responsible for getting the data to the indexers. Here is where forwarders come in. Universal Forwarder (UF) The Splunk Universal Forwarder is a very...
by Kristof Vandenborn | Jul 26, 2023 | Big Data, Splunk
In a distributed environment we will no longer have all functions performed by the same server, Each server will be designated one or more roles. These roles are also important from a monitoring perspective. As we will see in a later article Splunk’s Monitoring...
by Kristof Vandenborn | Jul 22, 2023 | Big Data, Splunk
Splunk has two ways of being deployed. One is a standalone box and the other is called a ‘distributed deployment’. What are the differences? In a standalone deployment you will have one server that does all of the work. In a distributed deployment you will...
by Kristof Vandenborn | Jul 17, 2023 | Big Data, Splunk
In our last article about Splunk metadata we spoke about the sourcetype field being one of the metadadata fields. In our article about getting data in Splunk we also saw that at a certain moment we had to chose a sourcetype for our data. What we did not do was open...
