Monitoring Splunk

Monitor Splunk

taka
Explorer

I want to monitor Splunk Enterprise in a cluster environment. I monitor the Splunk infrastructure with Newrelic, and I also want to use the DMC health check item.

Where can I get the health check item other than by updating it? Also, please let me know if there are any other ways to monitor Splunk.

0 Karma
1 Solution

deepakc
Builder

You can start by having a look at the many API endpoints available for the aspects of Splunk, and yes, we mainly use the monitoring console for cluster checks and health + others - which uses APIs for checks.

Have a look at the below API endpoints, as a starting point. 

#Cluster Specific 
https://docs.splunk.com/Documentation/Splunk/9.0.2/RESTREF/RESTcluster#cluster.2Fmanager.2Fhealth 

 

 #Other API endpoints 

https://docs.splunk.com/Documentation/Splunk/9.0.2/RESTREF/RESTlist#MLOC 


taka
Explorer

Hello deepakc

Thank you for your immediate reply!
Do you have any prerequisites or concerns when implementing monitoring of that API endpoint?

0 Karma

deepakc
Builder

These would come to mind first - there's plenty more, you can explore the others and use them as you see fit.

1. Check the overall health

/services/cluster/manager/health

2. Check Cluster Status of the peers (Indexers)

/services/cluster/manager/peers

3. Check the indexing status

/services/cluster/manager/indexes

4. Check the Replication and Search Factor status

/services/cluster/manager/status

You can also check the CM's resources (CPU/MEM etc)
5. Check Resource Utilisation on the CM

/services/server/status/resource-usage/hostwide

 

deepakc
Builder

I forgot to mention in terms of pre-reqs: 

1. Newrelic should have some way of using API calls. You can use Splunk Tokens for API use and as a way of authentication - see below link for info

https://docs.splunk.com/Documentation/Splunk/9.2.1/Security/CreateAuthTokens  
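Added example, not part of the original thread and not Splunk's own code: a minimal poller for the `/services/cluster/manager/health` endpoint listed above, authenticating with a Splunk token as the prerequisites post suggests. The environment variable names, the host name, the four health flag names and the sample response are assumptions constructed for illustration; check them against the REST reference for your version.

```python
import json
import os
import urllib.request

HEALTH_ENDPOINT = "/services/cluster/manager/health"

# Flags the poller requires to be true (assumed field names; verify in the REST docs).
REQUIRED_FLAGS = ("all_peers_are_up", "all_data_is_searchable",
                  "replication_factor_met", "search_factor_met")

# Constructed sample response (output_mode=json), not captured from a real cluster.
SAMPLE_HEALTH = json.dumps({"entry": [{"name": "master", "content": {
    "all_peers_are_up": "1",
    "all_data_is_searchable": "1",
    "replication_factor_met": "0",
    "search_factor_met": "1",
    "multisite": "false",
}}]})


def build_request(base_url, endpoint, token):
    """Build a GET request that presents the Splunk token as a bearer credential."""
    url = base_url.rstrip("/") + endpoint + "?output_mode=json"
    return urllib.request.Request(url, headers={"Authorization": "Bearer " + token})


def failed_checks(body):
    """Return the required flags that are false or missing (fails closed)."""
    entries = json.loads(body).get("entry", [])
    content = entries[0].get("content", {}) if entries else {}
    return sorted(flag for flag in REQUIRED_FLAGS
                  if str(content.get(flag)).lower() not in ("1", "true"))


if __name__ == "__main__":
    # Hypothetical variable names; keep the token out of scripts and shell history.
    base = os.environ["SPLUNK_MGMT_URL"]   # e.g. https://cm.example.internal:8089
    token = os.environ["SPLUNK_TOKEN"]
    # urlopen verifies the TLS certificate by default; do not disable that.
    request = build_request(base, HEALTH_ENDPOINT, token)
    with urllib.request.urlopen(request, timeout=10) as response:
        failed = failed_checks(response.read())
    print("cluster healthy" if not failed else "failed checks: " + ", ".join(failed))
```

Issue the token to a dedicated account whose role only allows reading these endpoints, and give it an expiry, so a leaked monitoring credential cannot be used to administer the cluster.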
