Monitoring Splunk

Community Activity

What does it mean searchparsetmp in the StreamedSearch in _internal events? Splunk Enterprise OnPrem 9.0.1.We are troubleshooting an issue where some alerts are beign triggered incorrectly, and... by joshiro Communicator in Monitoring Splunk 01-18-2023 0 0	0	0
Why is indexer receiving high small bucket creation warning? I am running a single instance Splunk Enterprise deployment (v. 8.1.3). On the main GUI dashboard, I am getting a Red... by mike_k Path Finder in Monitoring Splunk 01-18-2023 0 2	0	2
How to verify whether the soft deleted data purged from Buckets? Hi Team,I have deleted few old data using "delete" command in Splunk. But i like to know whether any way to check if ... by jeyakumar8 Loves-to-Learn Everything in Monitoring Splunk 01-17-2023 0 1	0	1
How to use multiple AND & OR condition? Hello, I'm looking to create a query that helps to search the following conditions.For example, get the address for1.... by fivesevenfeeeet Engager in Monitoring Splunk 01-13-2023 0 2	0	2
What does historical mode mean in the Scheduled Activity dashboard in DMC? We are trying to troubleshoot some memory consumption issues with one of the SH cluster nodes.We found that this inst... by joshiro Communicator in Monitoring Splunk 01-13-2023 0 4	0	4
The monitor input cannot produce data because splunkd's processing queues are full, what do I do to solve this? I have and issues with red status : The monitor input cannot produce data because splunkd's processing queues are f... by abazgwa21cz Explorer in Monitoring Splunk 01-12-2023 0 3	0	3
How to remove source on data summary? Hi, I have the following problem: Is there any way to remove these garbage sources, after one wrong log push, I had... by quangtran Explorer in Monitoring Splunk 01-11-2023 0 2	0	2
Is there an app/addon that summarizes index of log volumes - by host/by sourcetype? HI I was about to create a summary index for log sizes/counts by host and by sourcetype. I require this for alerting ... by bevan_broun_sit Loves-to-Learn Lots in Monitoring Splunk 01-10-2023 0 4	0	4
How can I count No. of times splunk has been restarted? I'm trying to create a dashboard that displays the data for splunk restart the current search I'm using is index="_au... by sjaitly Engager in Monitoring Splunk 01-10-2023 0 1	0	1
How to achieve event logs report if threshold match? Hi Team,I am looking for the help for the Event logs report if threshold match.I tried both way with creating a repor... by cbiraris Path Finder in Monitoring Splunk 01-05-2023 0 3	0	3
How to find difference of date in same table as another column? I have 1 table having current date when in maintenance and another is last date when it started and looking new value... by nikhil29 Loves-to-Learn Everything in Monitoring Splunk 01-05-2023 0 7	0	7
Splunk Indexer server crashes and keep going down Hello, I have a server indexer that crashes from time to time, what is the best way to investigate what caused the pr... by Zarack Engager in Monitoring Splunk 12-29-2022 0 1	0	1
How to clear orphan scheduled searches that you cannot find, anywhere? Hi,I have an annoying alert that is firing whenever 2 orphaned searches run on their cron schedule.I have reassigned ... by Glasses2 Communicator in Monitoring Splunk 12-21-2022 0 1	0	1
How can I disable this error: The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch. Hi, Is there any current instructions on how to disable this error message that I keep receiving. Where can I edit th... by OgoSplunk Path Finder in Monitoring Splunk 12-20-2022 0 1	0	1
TrackMe - insert hosts into trackme_host_monitoring? Can anyone offer any guidance on what fields would be considered 'required' for inserting a record into the TrackMe '... by jbuxton Explorer in Monitoring Splunk 12-20-2022 0 0	0	0
Why is my indexer randomly crashing? Hello everyone, currently our Indexers keep crashing randomly. We're only running Linux OS, within Splunk 9.0.2. Any... by brennson90 Path Finder in Monitoring Splunk 12-20-2022 0 4	0	4
What is counted to user's disk usage quota Hi all, trying to understand what contributes to this quota: 1. If a user share an adhoc search result through the Sh... by Motoko89 Path Finder in Monitoring Splunk 12-16-2022 2 1	2	1
Could not load lookup=LOOKUP-itsi_kpi_attributes? so it says Could not load lookup=LOOKUP-itsi_kpi_attributes looking around find there are pointers i think. but ... by domino30 Path Finder in Monitoring Splunk 12-15-2022 0 1	0	1
How can I see why our license usage went up? Hello!Last week (12/8/2022) my license usage went through the roof, for one source type that used 24 GB. On the other... by ichesla1111 Path Finder in Monitoring Splunk 12-15-2022 0 3	0	3
Indexers BatchAdding problem Hi Splunkers.I have an indexer cluster and all of sudden all of them goes up and down and stuck in BatchAdding status... by m_zandinia Path Finder in Monitoring Splunk 12-15-2022 0 2	0	2
Are there any sample logs for SalesForce and Cisco Secure Email? Good day, I am working on a Splunk project, end to end from log ingestion to creating searcheads and dashboards. I ne... by kambizzle09 Observer in Monitoring Splunk 12-14-2022 0 0	0	0
How to do loop on array? How to loop the array values after split with delimiter \| eval json="{"key1":"key1value","key2":"key2value","key3":"... by bhanusaketi Loves-to-Learn in Monitoring Splunk 12-13-2022 0 1	0	1
How important are the TCPOutAutoLB Health Warnings? Hi,I have seen yellow and red health warnings for TCPOutAutoLB-0 for sometime. We identified a few issues like a HF ... by Glasses2 Communicator in Monitoring Splunk 12-13-2022 0 0	0	0
How to calculate size of index via REST API? I need to calculate the size of a clustered index, and I used this API for it:/services/cluster/manager/indexes (http... by Commvault Observer in Monitoring Splunk 12-12-2022 0 0	0	0
How to find how much storage is used from logs? I have a index which would return logs. I would like to know how much storage is used for logs in a specific time ran... by xwang333 Engager in Monitoring Splunk 12-01-2022 0 1	0	1