Monitoring Splunk

Community Activity

Search Peer unreachable How do I resolve authentication or pass4SymmKey mismatch between search head and peer?Also getting a situation where ... by gitau_gm Explorer in Monitoring Splunk 07-11-2025 0 1	0	1
Iowait: Sum of 3 highest per-cpu iowaits reached x threshold of n Hello community, I have a question which has been floating around here for quite some time and though I've seen quite... by fatsug Builder in Monitoring Splunk 07-11-2025 0 5	0	5
Deployment server reporting Has anyone figured out how to successfully join the three new _DS indexes into a meaningful report?I would like to cr... by rk60422 Explorer in Monitoring Splunk 07-08-2025 0 3	0	3
Why is the License manager reporting ingest based issues after switch to resource based license? We recently switched over from an ingest based license to a resource based (vCPU) license model in our deployment.The... by fatsug Builder in Monitoring Splunk 07-04-2025 0 2	0	2
What are the fields in _audit that specify the interval for each search? We would like to produce statistics about the usage of Splunk and we would like to categorize the searches by ranges,... by danielbb Motivator in Monitoring Splunk 06-26-2025 0 3	0	3
Splunk shc member abnormal I use metadata to monitor the activity status of member nodes in my cluster, but recently I discovered an exception. ... by meng New Member in Monitoring Splunk 06-25-2025 0 2	0	2
Help me understand the error logs. I am newbie to this env and I'm trying to understand some logs regrading a linux server troubleshoot. A server stoppe... by KishoreSrini Explorer in Monitoring Splunk 06-19-2025 0 4	0	4
How do I tell Splunk to use more CPU cores? I have Splunk 6 Enterprise installed on a system with 2x 10-core 3GHz Xeons, 128GB RAM and a 6x SSD RAID-10. When I ... by kamermans Path Finder in Monitoring Splunk 06-09-2025 2 14	2	14
Detecting Unused Index and Reducing Splunk Log Size Is there a way to detect unused indexes in Splunk via a query? Also, how can we control the growth of log sizes effec... by megha_04 New Member in Monitoring Splunk 06-05-2025 0 3	0	3
How to fetch the date passed in the input token to the search. Hi Team Can you please let me know why i am not able fetch the base_date in the dashoard using the below logic. Pleas... by Real_captain Path Finder in Monitoring Splunk 06-05-2025 0 3	0	3
Monitor for delete attempts Hello,Our company has gone through an audit and one of the auditors has asked us to monitor attempts to delete record... by BB2 Explorer in Monitoring Splunk 05-29-2025 0 11	0	11
How do i create diag file on Splunk edge processor Need assistance to create diag file on splunk edge processor by Mahendra_Penuma New Member in Monitoring Splunk 05-20-2025 0 2	0	2
KVStorageProvider max_size_per_result_mb limit Hello Splunkers,Good Day! I'm getting this error consistent. Out of confusion, those this mean it's the estimated KVS... by whitefang1726 Path Finder in Monitoring Splunk 05-20-2025 0 2	0	2
Does Linux universal forwarder use kernel hook technology? Such as eBPF? Does Linux universal forwarder use kernel hook technology? Such as eBPF?The forwarder version is 8.2.1. by xiyangyang Path Finder in Monitoring Splunk 05-19-2025 0 4	0	4
MSSP reporting Hi all,I’ve recently encountered several challenges since migrating to Splunk Mission Control (MS) and would apprecia... by 666Meow Explorer in Monitoring Splunk 05-15-2025 0 0	0	0
Splunk SOAR dashboard for monitoring Hey Everyone,I would like to build a dashboard or use any pre-defined one in order to collect all the details of the ... by spluser1 Loves-to-Learn in Monitoring Splunk 05-11-2025 0 2	0	2
How parsing log increase size of raw log? Is the size of log after being stored in buckets compared to its raw size a metric I should monitor?This question cam... by Na_Kang_Lim Path Finder in Monitoring Splunk 05-09-2025 0 1	0	1
Is there a way to dynamically control the severity of an alert? We would like to dynamically populate the severity field, is it possible? by danielbb Motivator in Monitoring Splunk 04-29-2025 0 3	0	3
How to avoid sending an empty report? Is there a way to avoid sending an empty report? I'm thinking about converting the report to an alert but the custome... by danielbb Motivator in Monitoring Splunk 04-29-2025 0 2	0	2
Late indexed Hello Splunkers!!Issue DescriptionWe are experiencing a significant delay in data ingestion (>10 hours) for one index... by uagraw01 Motivator in Monitoring Splunk 04-24-2025 0 8	0	8
windows events id's gap We have noticed that some Windows Domain Controller server event logs are not appearing in the Splunk search.For exam... by mshakeb Loves-to-Learn Everything in Monitoring Splunk 04-14-2025 0 2	0	2
How can we find the missing events in splunk Hi,Splunk hasn't captured the 4743 events, indicating computer account deletions that occurred yesterday at 2 pm. Whe... by AL3Z Builder in Monitoring Splunk 04-14-2025 0 11	0	11
Splunk supported S2S protocols and enableOldS2SProtocol (oldest protocol) explained Are you recommending enableOldS2SProtocol=true?Are you implementing enableOldS2SProtocol=true?If yes, read below.Spl... by hrawat Splunk Employee in Monitoring Splunk 04-11-2025 4 3	4	3
Any idea what is causing high memory usage in indexers? We have distributed environment with 4 Splunk Indexers which are consuming high memory . It reaches to 100% and remai... by Ashwini008 Builder in Monitoring Splunk 04-10-2025 0 6	0	6
How to fetch the events with the time greater than the time of the 1st event in the dashboard ? Hi Team Can you please let me know how it is possible to fetch the events with the time greater than the time of the ... by Real_captain Path Finder in Monitoring Splunk 04-07-2025 0 14	0	14