Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk Architecture Documentation

jonathon
Path Finder
‎08-06-2012 12:56 PM

I am interested in finding out more about how the splunk processes (splunkweb, splunkd, etc) work together to provide the overall splunk service. This includes the various logfiles, and ports. I've looked through the splunk docs site and see quite a bit of information and manuals there but I'm looking for a bit more of a detailed overview than what I see here:

http://www.splunk.com/view/SP-CAAABF9

and here:

http://docs.splunk.com/Documentation/Splunk/latest/installation/Splunksarchitectureandwhatgetsinstal...

Specifically, I'm looking for a deeper dive into ports, inter-communication and what to look for in truss/struss/strace, etc to determine how healthy the environment, and ultimately splunk service, is.

Any help would be greatly appreciated.

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎08-06-2012 02:50 PM

There is not an overall architecture topic like the one you describe. It sounds as if you are looking for troubleshooting information. There is a What Splunk logs about itself topic in the Troubleshooting Manual that you might want to look at.

There is some port information in the Admin Manual topic, "Change default values."

If you're having a specific issue with Splunk crashing, you might want to contact Splunk Support.

0 Karma
Reply

jonathon
Path Finder
‎08-06-2012 02:53 PM

Thanks Chris,

I've glanced at the "What Splunk logs about itself" topic once before. I'll go through it again. I looked it over before installing Splunk on Splunk. I'll also check out the admin guide topic.

Thank you very much!

Jonathon

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...