Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Disabled input methods/scripts throwing errors within Splunk ES

rturk
Builder
‎10-01-2014 02:15 AM

Hi All,

I have a pretty generic Splunk for Enterprise Security implementation. Every hour I get prompted with a whole bunch of messages such as the ones below:

alt text

I believe I have disabled all inputs that call on these binaries and scripts (checked using ./splunk cmd btool inputs list) and yet I still get them... can anyone suggest a possible culprit?

Cheers 🙂 RT

0 Karma
Reply

ekost
Splunk Employee
Splunk Employee
‎10-01-2014 02:28 PM

There was a bug with Windows modular inputs and the Splunk App for Enterprise Security. They were fixed with the releases of Splunk Enterprise 6.0.5 and 6.1.3, and is marked as fixed in the Enterprise Security 3.1 Release Notes under SOLNESS-4629.

Reply

rturk
Builder
‎10-01-2014 03:01 PM

Hi ekost - thanks for that. I should have specified we're running the latest versions of both. I'll log a formal ticket with support today. Thanks again 🙂

0 Karma
Reply
Get Updates on the Splunk Community!

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...

.conf24 | Personalize your .conf experience with Learning Paths!

Personalize your .conf24 Experience Learning paths allow you to level up your skill sets and dive deeper ...

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

WATCH NOWAs AI starts tackling low level alerts, it's more critical than ever to uplevel your threat hunting ...