Hi,
I need some insights on useful alerts to be created to monitor logs and indexing in common.
We have huge logs indexed daily. What kind of alerts can be created to monitor those in common?
Need some use cases.
Thanks
Mala S
Any general alerts to monitor incoming logs/indexed logs which are helpful for Splunk admins?
For example: detect the lag in indexing and alert on it.
The Alerts for Splunk Admins app (https://splunkbase.splunk.com/app/3796/) has a ton of examples.
What do you mean by "indexing in common"? In common with what?