Hello - As the subject states, does Splunk send your daily usage etc to corp on a nightly schedule?
The reason I ask is that I am new to Splunk, (learning it for enterprise clients) and ran into something odd.
I set up Splunk last week (using Vagrant locally) and connected my router to it for sys logs. Digging through all the logs found that something appears on my network at the same time every early AM and connects to a few IP's (AWS mostly but one had a few references for Splunk) for a few minutes then goes away.
Now this could have been on my network without my knowledge but the IP's at AWS and one that came up for Splunk have made me want to dig into this router a little further first.
Thank you in advance!
- Justin
If that's happening around 3:05am, you've probably opted in to sharing usage, performance, or license data with Splunk: http://docs.splunk.com/Documentation/Splunk/6.5.1/Admin/Shareperformancedata
If that's happening around 3:05am, you've probably opted in to sharing usage, performance, or license data with Splunk: http://docs.splunk.com/Documentation/Splunk/6.5.1/Admin/Shareperformancedata
There's also update checks, should be apps.splunk.com - AWS IPs behind that.
Good to know, thank you for that info.
I actually found out what my "rouge" issue was. It was my kindle syncing, that I thought was off sitting in the closet. 🙂
If nothing else at least now I know about Splunk updates and logging/usage stuff now for clients. 🙂
OK it is not Splunk then. I checked that link and my settings and that is turned off. Thank you for the response!