Hello there,
I know its possible to set up monitoring / health checks on Splunk Enterprise, but is this a function that can be set up for Splunk Cloud? if so what would the process(s) be as all i can find is referrence to Splunk Enterprise.
Many Thanks.
Sting 663
Splunk monitors your cloud instances for you. You can do some of your own monitoring using the Cloud Monitoring Console app.
What, specifically, do you want to monitor/check?
Thanks Rich,
We had a challenge where we had a Heavy Forwarder down for x amount of days not forwarding logs but there no indication from our cloud service of this so looking at safeguards on how this can be prevented the next time around.
Cheers,
Sting 663
The CMC app can monitor forwarders similarly to how the MC does so in on-prem instances.
You also can do it yourself, by monitoring the number of messages in index=_internal from each forwarder (assuming they're forwarding their own logs).
CMC is enabled but monitors throughput and indexing performance – this is not for system availability.
Go to the Forwarders:Deployment dashboard in the CMC to see the status of your forwarders.