Monitoring Splunk
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Are Splunk Manager error messages logged anywhere?

Ant1D
Motivator
‎02-03-2012 06:46 AM

Hey,

In the past, when I have opened the Splunk Manager page in Splunk web, I have seen a red error message appear at the top of the screen with the following example error:

Misconfigured view 'view_1' - Unknown parameter 'width' is defined for module SimpleResultsTable. Make sure the parameter is specified in SimpleResultsTable.conf.

Do these error messages get logged in Splunk's internal indexes (e.g. _internal, _audit)?

It would be good to know if these messages are logged anywhere. I am using Splunk v4.2.1

Thanks in advance for your help.

Reply

drutstein
Explorer
‎04-16-2024 01:52 PM

It doesn't appear that these get logged since the bulletin board does not log these into an index, but they are accessible via REST:

| rest /services/admin/messages splunk_server=local

 

More details found here:
https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/managebulletins/

0 Karma
Reply

jrodman
Splunk Employee
Splunk Employee
‎05-05-2015 03:01 PM

Years later.. No. The bulletin board messages are not attached to a log. The code paths that produce bulletin board messages need to pass the relevant information to logging channels when appropriate as well as the bulletin board. Thus, some messages (for example search output) may appear in search.log for relevant searches, and many important status messages from the backend are written to splunkd.log as well as the messages system.

For the old python modules system that would have been handling that sort of view validation when this question was asked, it should have logged to web_service.log, but apparently did not.

0 Karma
Reply

araitz
Splunk Employee
Splunk Employee
‎02-03-2012 03:28 PM

Try:

index=_internal source=*web_service.log
0 Karma
Reply

Ant1D
Motivator
‎02-10-2012 02:51 AM

Thanks, I tried this but I couldn't find any errors that I have seen in Splunk Manager.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎02-03-2012 02:15 PM

My guess is that this would be in python.log, which is indexed in _internal. There's some information that might help in the Troubleshooting Manual: http://docs.splunk.com/Documentation/Splunk/latest/Troubleshooting/WhatSplunklogsaboutitself.

0 Karma
Reply

Ant1D
Motivator
‎02-10-2012 03:32 AM

Thanks, I tried having a look at python.log but couldn't find any similar error messages.

0 Karma
Reply
Get Updates on the Splunk Community!

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...

Explore the Latest Educational Offerings from Splunk (November Releases)

At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of ...