All Apps and Add-ons

Website Monitoring Installation issue

garasym
Engager

Dear professionals,

I have found interesting to use Website Monitoring App. Installed App, connected it with new (created by myself) index but there were no data at App Dashboard. Looking at search string showed that there were unexisting index "web_ping". Athough I could find several logs through Splunk search engine.

The question is: am I doing everything the right way?

Thanks!

Tags (1)
0 Karma

LukeMurphey
Champion

Did you define your own index? if so, you will need to add the index to your account's list of indexes to search by default. You can add it by using the Splunk Manager:

  1. Go to Users and authentication » Access controls » Roles
  2. Select the role you want to change (user, admin, etc.)
  3. Add the index to "Indexes searched by default"

To test if that works, run a search for logs with sourcetype of "web_ping" (without specifying the index):

sourcetype=web_ping

LukeMurphey
Champion

You shouldn't need a custom index at all. I would recommend leaving it such that the data gets sent to the main index. The app looks for data that is sourcetyped "web_ping" regardless of the index.

0 Karma

splunkselva
New Member

Hi Luke,

if app installed at search head, data flow will be there in main index or custom index at search head level. If we add more than 100 websites, will it impact any performance ? Or can we install and maintain this app at indexer level ?

0 Karma

garasym
Engager

Luke, thanks!

Unfortunately I use free Splunk version, therefore I can't add index.

May I ask you write step-by-step App installation process on Splunk - best practice?

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Think Like an Architect: Introducing the Splunk Certified Cybersecurity Defense ...

In cybersecurity, defenders respond to threats. Architects design the systems that stop them.    As ...

Best Practices: Splunk auto adjust pipeline queue

When you enable autoAdjustQueue in Splunk, maxSize should be understood as the queue size Splunk starts with ...

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...