https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316444#M5274 <P>That's great!</P> <P>So, for example, could we monitor:</P> <UL> <LI>Number of TCP Connections for a server</LI> <LI>Parse the logs to identify the number of open connections</LI> <LI> Specific errors</LI> </UL> <P>...and have, say, the number of TCP connections displayed in a graph format (e.g. time vs number of connections)? And we don't need the REST API to do that, we can just write that ourselves?</P> <P>Any ideas on how to get started?</P> Tue, 11 Apr 2017 05:56:43 GMT Alexw1900 2017-04-11T05:56:43Z https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316442#M5272 <P>Hello</P> <P>We currently run an on-prem application with the following tiers;</P> <P>Client - App servers - Database servers</P> <P>The App servers are Windows 2012, the Database is SQL 2008 on Windows 2012.</P> <P>At the moment, we have a bespoke monitoring tool that ingests logs from the App/Database servers and displays the pertinent information graphically on a web interface. We have also set up alerts for specific log entries.</P> <P>Our organisations uses SPLUNK so I was thinking of a way of ingesting the logs to a SPLUNK repository and then writing a custom tool that could display the same information. This way, we can decomm one more bespoke monitoring platform.</P> <P>Has anyone had any experience of this or point me in the right direction? I understand that SPLUNK has Rest API's to hook into that I'm hoping can help.</P> Sun, 09 Apr 2017 19:55:31 GMT https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316442#M5272 Alexw1900 2017-04-09T19:55:31Z https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316443#M5273 <P>Welcome to the real monitoring tool mate :). We have used Splunk as monitoring tool for 1000's of systems and have got near real time data and alerting</P> <P>Well, you can use Splunk to any level of monitoring. You don't need to write any kind of custom tool in my opinion nor REST api, once you see the data. Few options for you</P> <UL> <LI>Get all the data for your application into Splunk (Using Splunk Universal Forwader OR syslog or DBconnect or any other methods)</LI> <LI>Write searches and dashboards to view what you requite for monitoring</LI> <LI>Write searches and alerts to alert you</LI> <LI>Create reports for your team and management</LI> <LI>If you require service modelling (impact analysis based approach) lot of free apps are available within splunk. Or there is official ITSI app which can do all wonders</LI> <LI>if none of above is sufficient you can look into REST api or custom tool.</LI> <LI>Any queries/help with searches post in this forum</LI> </UL> Sun, 09 Apr 2017 21:33:16 GMT https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316443#M5273 koshyk 2017-04-09T21:33:16Z https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316444#M5274 <P>That's great!</P> <P>So, for example, could we monitor:</P> <UL> <LI>Number of TCP Connections for a server</LI> <LI>Parse the logs to identify the number of open connections</LI> <LI> Specific errors</LI> </UL> <P>...and have, say, the number of TCP connections displayed in a graph format (e.g. time vs number of connections)? And we don't need the REST API to do that, we can just write that ourselves?</P> <P>Any ideas on how to get started?</P> Tue, 11 Apr 2017 05:56:43 GMT https://community.splunk.com/t5/Monitoring-Splunk/Using-Splunk-as-a-monitoring-tool/m-p/316444#M5274 Alexw1900 2017-04-11T05:56:43Z