Monitoring Splunk

Thread Info

Monitoring Console (MC) not recognizing Search Head Cluster (SHC) Label

I'm guessing I'm overlooking something obvious here, so reaching out to the community for an extra set of eyes. I ...

by Splunk Employee in

How to get started Monitoring Certificates in Splunk?

Hi Splunk world I am new to splunk Could you please help me get started on how to monitor the certificates on t...

by New Member in

Splunk universal forwarder active status suddenly changed to disappear and active again?

Hi all, we are having a little trouble finding the cause of the active universal forwarder status changing to disa...

by Engager in

Splunk Syslog- Does anyone know of a way that I can check if a system is reporting into my log server?

Does anyone know of a way that I can check if a system is reporting into my log server

by New Member in

Splunk alert for multiple time?

Thanks in advance. We have scenario that we need to send alerts multiple times . 1. Lagging E.g Lets pu...

by Builder in

Not all metrics not being captured using Splunk Add-On for Unix & Linux?

Hi, We deployed the Splunk Add-On for Unix & Linux on a few AIX & Netezza servers as noticed a few issues with mis...

by Path Finder in

How do I verify the forwarder is sending data to the indexer?

How do i verify the forwarder is sending data to the Indexer? What search do i need to perform other then Forwarder M...

by Explorer in

Why am I getting this error?

02-10-2022 09:00:35.120 -0500 INFO TailingProcessor [5728 MainTailingThread] - Adding watch on path: C:\.

by Communicator in

How do i check Splunk Compliance and how do i better manage licensing?

Hello, I'm a new Splunk Compliance Manager and I need some assistance. How do i check Splunk Compliance and how do i ...

by Explorer in

Clarity on Splunk CM, LM, MC?

HiI'm Splunk newbie. I'm confused about MC, CM, and LM, so I'm asking a question. 1. Is it true that the monito...

by Path Finder in

Indexing or forwarding rate- How to fix errors that occurred when uploading directory from ubuntu to monitor?

Hi Team, I 'm new to Splunk and need little guidance with fixing errors that occurred when I uploaded a directory...

by Loves-to-Learn in

Why is difficult getting cluster to work?

Yes indexer clustering. I set up 3 win 10 machines with Splunk Enterprise on them and got them to initially connect t...

by Path Finder in

How do I export all alerts to csv or pdf?

Hi All,My Splunk cloud is version 9.0.2208.4.My account role is sc_admin already. I have around 200 alerts on the al...

by Explorer in

How can I monitor if someone is using wireless keyboard or mouse ?

Hi, Is there any way to control if users are using wireless keyboard or mouse ?

by New Member in

Why does Universal Forwarders complain about missing stanza [distributedSearch] in distsearch.conf?

Running the Customer Success Toolkit's error report I noticed a warning on lots of Universal Forwarders that doesn't ...

by Path Finder in

What does it mean searchparsetmp in the StreamedSearch in _internal events?

Splunk Enterprise OnPrem 9.0.1.We are troubleshooting an issue where some alerts are beign triggered incorrectly, and...

by Communicator in

Why is indexer receiving high small bucket creation warning?

I am running a single instance Splunk Enterprise deployment (v. 8.1.3). On the main GUI dashboard, I am getting a ...

by Path Finder in

How to verify whether the soft deleted data purged from Buckets?

Hi Team,I have deleted few old data using "delete" command in Splunk. But i like to know whether any way to check if ...

by Loves-to-Learn Everything in

How to use multiple AND & OR condition?

Hello, I'm looking to create a query that helps to search the following conditions. For example, get the address fo...

by Engager in

What does historical mode mean in the Scheduled Activity dashboard in DMC?

We are trying to troubleshoot some memory consumption issues with one of the SH cluster nodes.We found that this inst...

by Communicator in

The monitor input cannot produce data because splunkd's processing queues are full, what do I do to solve this?

I have and issues with red status : The monitor input cannot produce data because splunkd's processing queues are f...

by Explorer in

How to remove source on data summary?

Hi, I have the following problem: Is there any way to remove these garbage sources, after one wrong log p...

by Explorer in

Is there an app/addon that summarizes index of log volumes - by host/by sourcetype?

HI I was about to create a summary index for log sizes/counts by host and by sourcetype. I require this for alerti...

by Loves-to-Learn Lots in

How can I count No. of times splunk has been restarted?

I'm trying to create a dashboard that displays the data for splunk restart the current search I'm using is index="_au...

by Engager in

How to achieve event logs report if threshold match?

Hi Team,I am looking for the help for the Event logs report if threshold match.I tried both way with creating a repor...

by Path Finder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

Monitoring Console (MC) not recognizing Search Head Cluster (SHC) Label

How to get started Monitoring Certificates in Splunk?

Splunk universal forwarder active status suddenly changed to disappear and active again?

Splunk Syslog- Does anyone know of a way that I can check if a system is reporting into my log server?

Splunk alert for multiple time?

Not all metrics not being captured using Splunk Add-On for Unix & Linux?

How do I verify the forwarder is sending data to the indexer?

Why am I getting this error?

How do i check Splunk Compliance and how do i better manage licensing?

Clarity on Splunk CM, LM, MC?

Indexing or forwarding rate- How to fix errors that occurred when uploading directory from ubuntu to monitor?

Why is difficult getting cluster to work?

How do I export all alerts to csv or pdf?

How can I monitor if someone is using wireless keyboard or mouse ?

Why does Universal Forwarders complain about missing stanza [distributedSearch] in distsearch.conf?

What does it mean searchparsetmp in the StreamedSearch in _internal events?

Why is indexer receiving high small bucket creation warning?

How to verify whether the soft deleted data purged from Buckets?

How to use multiple AND & OR condition?

What does historical mode mean in the Scheduled Activity dashboard in DMC?

The monitor input cannot produce data because splunkd's processing queues are full, what do I do to solve this?

How to remove source on data summary?

Is there an app/addon that summarizes index of log volumes - by host/by sourcetype?

How can I count No. of times splunk has been restarted?

How to achieve event logs report if threshold match?

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

Splunk Answers Content Calendar, July Edition I

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions