Monitoring Splunk

Start a Conversation

Discussions

Start a Conversation

Thread Info

Splunk Load Balancer Forwarder Performance Problem

Hey Splunkers, Anyone who knows about setting up splunk forwarder as a load balancer to aggregate lower forwarder?...

by Communicator in

about splunk improve performance

Hi Specifically Is there a way to improve performance? Two of the indexer and search my splunk configuration...

by Communicator in

Disk IO requirements

Hi, I am planning to install a Splunk indexer on a VM machine and get data from forwarders which are installed on App...

by Engager in

Deployment Monitor not displaying all forwarders

We recently made a copy of our production environment. We are running in AWS. An individual made copies of each prod ...

by Path Finder in

Expected performance?

Is there any way to predetermine what performance to expect from Splunk? We have just installed Splunk, distributed o...

by Communicator in

btool returns partial information (permissions issue?)

Hi. Recently I ran btool to see just what stanzas were being honored in various inputs.conf files. My command was:...

by Path Finder in

Synchronize between 2 sourcetypes over a time

There is one query that I am trying to execute, which gives the CPU and Memory Usage. But there is no sync in the tim...

by Communicator in

cpu utilization

Hi while seeing CPU utilization of my server in spunk, i am getting following fields, can you please explain s...

by Path Finder in

Perform minimum disk space checks manually

Hello, is there a possibility to run minimum disk space checks manually? Or, somehow, is there a possibility to disab...

by Explorer in

Windows 2008 event filtering

Trying to throw away events not wanted from a server - not working. props.conf [WinEventLog:Security] TRANSFORMS-n...

by New Member in

Performance Data health not getting updated in Splunk app for Websphere

I see the websphere index getting updated in my splunk admin window. The logs and sources are there in the WAS app fo...

by Explorer in

splunkd down, why ?

hi in splunkd.log and crash.log this log are full then splunkd down... What does this mean? crash.log...

by Communicator in

splunk consuming more disk space- compress indexed data

Hello, Couple of months back we deployed a new splunk server 4.2.3 on RHEL 5 server and our old splunk version is ...

by Explorer in

did something change with the audit file keys between 4.2 and 4.3

I tried copying over the audit keys from a 4.2 box to a 4.3 box and I am getting Last few lines of stderr (may co...

by Path Finder in

Log File Monitoring

Hi, I am running the following saved search every 10 minutes which will send an email if *xception is found in th...

by Path Finder in

3 monitor stanzas of the same folder but only one sourcetype getting indexed. Why?

It seems that Splunk is only indexing the sourcetype defined last (in this example, it's WebSphere:SystemOutErrLog) w...

by Splunk Employee in

internal splunk sockets stuck in CLOSE_WAIT

Why does splunkd close internal sockets before the receive queue has been emptied? This appears to leave them laying ...

by Engager in

daily on-disk rate for a given index?

I know how to get my indexing volume per index. Here's what I use. index="_internal" source="*metrics.log" per_ind...

by Communicator in

Out of disk space - Move to NAS

Hello, I am currently running a trial of Splunk which finishes at the end of the week. This morning there is a mes...

by Communicator in

Forwarding Search Heads Crash Often Since 4.3 -- Anyone else?

Anyone else getting dead splunkds? Unfortunately, the splunkd log isn't giving any useful info. Tips on where else to...

by Influencer in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Splunk Load Balancer Forwarder Performance Problem

about splunk improve performance

Disk IO requirements

Deployment Monitor not displaying all forwarders

Expected performance?

btool returns partial information (permissions issue?)

Synchronize between 2 sourcetypes over a time

cpu utilization

Perform minimum disk space checks manually

Windows 2008 event filtering

Performance Data health not getting updated in Splunk app for Websphere

splunkd down, why ?

splunk consuming more disk space- compress indexed data

did something change with the audit file keys between 4.2 and 4.3

Log File Monitoring

3 monitor stanzas of the same folder but only one sourcetype getting indexed. Why?

internal splunk sockets stuck in CLOSE_WAIT

daily on-disk rate for a given index?

Out of disk space - Move to NAS

Forwarding Search Heads Crash Often Since 4.3 -- Anyone else?

Using Machine Learning for Hunting Security Threats

Observability Newsletter Highlights | March 2023

Security Newsletter Updates | March 2023

Splunk alert for multiple time?

What does it mean searchparsetmp in the StreamedSe...

TrackMe - insert hosts into trackme_host_monitorin...

Are there any sample logs for SalesForce and Cisco...

How important are the TCPOutAutoLB Health Warnings...