About buysse

buysse · ‎11-10-2018

Was there anything in the documentation about this change? It kind of seems like a big one, and I don't see anything in upgrade notes or anything in the release notes, and it's kind of biting me right now.

buysse · ‎03-27-2018

I don't believe that there is any version of the forwarder available that will work on that old of a system. HP (HPE) ended all support for Tru64 at the end of 2012. Unfortunately, the best answer is to upgrade your system to something supportable. Assuming that's not possible, your best bet to get logs to Splunk would be to use syslog from the Tru64 machine to a Splunk syslog target (preferably an intermediate forwarder).

buysse · ‎06-09-2017

transtrophe - I'm late to this party, but did you ever file this as an enhancement request? I'll happily pile on if you did.

buysse · ‎10-12-2016

lukasz92 - did reinstalling work to eliminate the artifacts? We're seeing the same thing. What versions were you running (our forwarders are on 6.3.2, indexers on 6.4.3)?

buysse · ‎09-22-2016

This is an old question, but the HTTP event collector is a good answer (and didn't exist at the time the last answers were added.) Rather than parsing a log, it's a HTTP POST to an endpoint. Docs are here: http://docs.splunk.com/Documentation/Splunk/6.4.3/Data/UsetheHTTPEventCollector .

Posts	5
Solutions	1
Karma Given	2
Karma Received	1
Member Since	‎06-08-2011

Online Status	Offline
Date Last Visited	‎02-12-2022 02:05 PM

Re: Why are my source types missing after upgradin...

Re: What are the steps to install a universal forw...

Re: Is there a method to change the pass4SymmKey v...

Re: How to troubleshoot why we are seeing unexpect...

Re: Possible to stream data into Splunk (like Grap...