Monitoring Splunk

Discussions

Thread Info

Why is DMC showing servers "unknown" on overview page?

Hello Splunkers we recently upgraded our splunk distributed deployment from 8.2.9 to 9.0.5.1. After upgrade our sp...

by Path Finder in

Splunk Rest Commands Invalid

I have a HF that was recently expanded in terms of its RAM capacity. Ever since, there has been an issue with REST co...

by Path Finder in

Issue with UF not uploading files from a specific folder

Hi, I have an issue where my UF installed on a linux server is not uploading data to Splunk from a specific folder....

by Explorer in

Why frozenTimePeriodInSecs does not take effect?

Hi everyone I got a question on the frozenTimePeriodInSecs parameter. Here are my settings inside the indexes.conf...

by Path Finder in

how to get the total each indexer volume size utilization in the indexer cluster of 10

how to get the total each indexer volume size utilization in the indexer cluster of 10.i have the cluster manager wit...

by Explorer in

Why is there Splunk Cloud Monitoring Console Inaccuracy?

Hi There, I have just checked the Cloud Monitoring Console after receiving an email that noted some apps were read...

by Path Finder in

Can I invoke Monitoring console custom_group in REST API Query?

I am trying to define various functions for each component level. However I am having multiple Splunk environments an...

by Engager in

Why is disabled report showing results in Monitoring Console "Aggregate Scheduled Search Runtime" chart?

Hi, I inherited a Splunk Enterprise environment. It is composed of 10 machines, divided into development and pr...

by New Member in

How to determine squash_threshold setting to adjust when having squashed license data reported?

Hello, support didn't provide way to have current state of squash_threshold in our clustered environment. They su...

by Motivator in

KV store: Why is KV Store initialization failing?

I have an issue with KV store "KV Store initialization failed" and to overcome with this issue. I have followed below...

by Builder in

How do we fix the blocked queue in the splunk environment ?

Hi aLL, I'm trying to find the solution for the blocked queue. Thanks...

by Contributor in

Any Advice on Monitoring Universal Forwarder performance?

So we have roughly a dozen UF hosts across on-prem and cloud. All are uploading data directly to SplunkCloud. I have ...

by Path Finder in

Rebuild forwarder assets does not actually rebuild the assets table

Hello Splunkers, To remove the old decommissioned UFs and stop the annoying missing alert "DMC Alert - Missing forw...

by Explorer in

Need to index Jenkins Build Log file through inputs.conf in deployment server !

Need to monitor highlighted log file without extension in the mentioned folder. Adminportal_* and 584 will vary acc...

by Observer in

What is causing Splunk Universalforwarders errors?

Hi Team, I am getting this error on the universal forwarder. 07-10-2023 14:18:24.639 +0200 WARN TailReader [161...

by Path Finder in

How can I monitor a filepath effectively?

I have been attempting to add a file path in data inputs as well as in the inputs.conf file as a "monitor". Each tim...

by Explorer in

Can we restore data from one single host?

Hi Is it possible to restore archive data from one single host consider we have an index=windows ,we want to r...

by Explorer in

Monitor Console for SmartStore not clear

From Monitoring Console > Indexing > SmartStore > SmartStore Cache Performance: Deployment, we can see Max Cache Size...

by Path Finder in

FortiGate Firewall is consuming the license

Dears, After the forward of the logs from FortiGate toward SPLUNK we noticed that the license is being consumed rec...

by Path Finder in

Processing queues blocking when thruput/event volume decreases

Hi guys, I am currently seeing that processing queues on one of my heavy forwarders appear to be blocking during a ...

by Explorer in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Why is DMC showing servers "unknown" on overview page?

Splunk Rest Commands Invalid

Issue with UF not uploading files from a specific folder

Why frozenTimePeriodInSecs does not take effect?

how to get the total each indexer volume size utilization in the indexer cluster of 10

Why is there Splunk Cloud Monitoring Console Inaccuracy?

Can I invoke Monitoring console custom_group in REST API Query?

Why is disabled report showing results in Monitoring Console "Aggregate Scheduled Search Runtime" chart?

How to determine squash_threshold setting to adjust when having squashed license data reported?

KV store: Why is KV Store initialization failing?

How do we fix the blocked queue in the splunk environment ?

Any Advice on Monitoring Universal Forwarder performance?

Rebuild forwarder assets does not actually rebuild the assets table

Need to index Jenkins Build Log file through inputs.conf in deployment server !

What is causing Splunk Universalforwarders errors?

How can I monitor a filepath effectively?

Can we restore data from one single host?

Monitor Console for SmartStore not clear

FortiGate Firewall is consuming the license

Processing queues blocking when thruput/event volume decreases

There's No Place Like Chrome and the Splunk Platform

The Great Resilience Quest: 5th Leaderboard Update

Devesh Logendran, Splunk, and the Singapore Cyber Conquest

Persistent Queue logging

How o audit Dashboard Inputs?

ERROR HTTPClient - Should have gotten at least 3 t...

Indexer Error: "ERROR SearchProcessRunner [45132 P...

Why is disabled report showing results in Monitori...