Monitoring Splunk

Discussions

Thread Info

How to check and change the sourcetype in the query?

Hey folks, I have one set of application where there is version upgrade.Due to that version upgrade they changed the ...

by Explorer in

Why is Windows 2019-FWD (client) missing inputs/sourcetypes on front end?

Hey all,I have a 2019 windows client - sending some default data , but there are a handful of inputs that are visible...

by Communicator in

Why is _audit index not capturing all hosts?

With little to no Splunk experience, I inherited a 7.2.3 windows deployment (We're closed network and I'm not cleared...

by Explorer in

Is there any way to equally distribute the storage load on all of the 4 indexers? Does data rebalancing option help here

HI Experts, we have 4 physical indexers in cluster and since few days /splunk file system storage has reached...

by Path Finder in

Why does search to list all missing /non reporting agents instead lists all hosts?

the below search is for an alert, it is supposed to list all missing / non reporting agents. when I run it it lists a...

by Loves-to-Learn in

Splunk Add-on for 0365: Why am I receiving Invalid Token?

Hi , Why are we receiving this kind of issue on "o365:cas:api"while the others listed below are working as expected. ...

by Builder in

How to configure bulletin messages correctly to avoid distribution of messages

Hi, we are running a distributed Splunk environment and do monitor the messages which appearing when there are issu...

by Explorer in

How do I Ellobrate this event?

Hi splunk experts, Can anyone elaborate this below event and tell me why this event is getting triggered? the user...

by Engager in

What is this splunk buckets error?

by Loves-to-Learn Lots in

Why does splunk list monitor not show directories?

$/opt/splunkforwarder/bin/splunk list monitorMonitored Directories:[No directories monitored.]Monitored Files:/var/lo...

by Explorer in

Splunk alerts logs: Where to see the logs generated by the Python Scrypt app?

Hi all, good morning, my first question on the community, as I have just started learning. So please be gentle if...

by Engager in

Why does the tstats search "where index=_internal" returns no results?

I am trying to run the following tstats search on indexer cluster, recently updated to splunk 8.2.1: ...

by Communicator in

Can you please guide how to configure Otel-agent so it reports istio App traces to SPLUNK APM ?

Hello Team, I have deployed Istio based Application on Kubernetes. And I want to monitor the same in Splunk APM. T...

by New Member in

Why are Win event logs are not being forwarded to Splunk?

I am seeing x509 certificate error on splunkd.log, I will like to know if I can turn off the SSL certificate feature ...

by New Member in

Why does Splunk Enterprise 7.1.2 crashes sporadically every few days?

HI My Splunk Enterprise 7.1.2 keeps crashing sporadically, every few days. See crash log below. [build a0c72a66db6...

by Contributor in

Is there another way to delete expired jobs in other status than "done"

Hello, We had a case recently, where following some issues with the apache certificate, the scheduled jobs got stu...

by Builder in

Monitoring own certificates- Is there is a reasonable built-in way to get details of certificates in environment?

Hello. I'm wondering if there is a reasonable built-in way to get details of certificates used across the splunk e...

by Ultra Champion in

Ask Questions, Get Help about Cloud Admin Experience

Hello Splunk Admins, We are excited to announce the preview of Cloud Admin Experience(CAE). CAE is a cloud-based ap...

by Splunk Employee in

How to get the Monitoring Console to correctly identify the knowledge bundle replication policy as "cascading"?

We are trying to test out the new "cascading" option for the knowledge bundle replication policy. We have sat the rep...

by Builder in

What is the difference between RollOverSummary and Usage types of in license_usage.log?

Hi, I get different results when I run the following searches: index=_internal source=*license_usage.log type="...

by Influencer in

*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:
SOAR (f.k.a. Phantom) >>
Enterprise Security >>
Splunk Enterprise or Cloud for Security >>
Observability >>

Or Learn More in Our Blog >>

Monitoring Splunk

Discussions

How to check and change the sourcetype in the query?

Why is Windows 2019-FWD (client) missing inputs/sourcetypes on front end?

Why is _audit index not capturing all hosts?

Is there any way to equally distribute the storage load on all of the 4 indexers? Does data rebalancing option help here

Why does search to list all missing /non reporting agents instead lists all hosts?

Splunk Add-on for 0365: Why am I receiving Invalid Token?

How to configure bulletin messages correctly to avoid distribution of messages

How do I Ellobrate this event?

What is this splunk buckets error?

Why does splunk list monitor not show directories?

Splunk alerts logs: Where to see the logs generated by the Python Scrypt app?

Why does the tstats search "where index=_internal" returns no results?

Can you please guide how to configure Otel-agent so it reports istio App traces to SPLUNK APM ?

Why are Win event logs are not being forwarded to Splunk?

Why does Splunk Enterprise 7.1.2 crashes sporadically every few days?

Is there another way to delete expired jobs in other status than "done"

Monitoring own certificates- Is there is a reasonable built-in way to get details of certificates in environment?

Ask Questions, Get Help about Cloud Admin Experience

How to get the Monitoring Console to correctly identify the knowledge bundle replication policy as "cascading"?

What is the difference between RollOverSummary and Usage types of in license_usage.log?

Log showing when Diags were generated?

Why is Windows 2019-FWD (client) missing inputs/so...

How to configure bulletin messages correctly to av...

What is this splunk buckets error?

Can you please guide how to configure Otel-agent s...