Monitoring Splunk

Discussions

Thread Info

Are there any Splunk apps we can use to audit Oracle behavior like failed logons?

I would like to know if there are any Splunk apps which we can use use to audit Oracle behavior e.g failed logons. Sp...

by Path Finder in

My join command is not extracting data from 2 indexes

The below query is the original one, it was working fine in the lower environments, once moved to the production with...

by Explorer in

Index Fidelity for Audit Purposes, proof.

I've looked through the Splunk documentation for something that says "Once data is indexed, it cannot be edited". I c...

by Builder in

NOT a question: There is a small bug in the health checks for 6.5.0 Monitoring Console and this is how to resolve it.

There appears to be a bug in splunk_monitoring_console\default\checklist.conf. After running the Health Checks, th...

by Motivator in

What does splunkd do?

I see splunkd.service taking up a lot of CPU time. It runs as high as 50% most of the time.

by Path Finder in

What is the best storage solution for optimal Splunk performance?

When planning my Splunk deployment, I've been told that the storage volume is probably the most important aspect. Why...

by Communicator in

splunkd service does not start when the server is rebooted

Hi, I have a problem where splunkd services does not start at reboot of the server. The startup type is set to aut...

by Explorer in

Splunk doesn't launch

I was just trying to get splunk to run on port 443. I ran the following and then I get the error below. $SPLUNK_HO...

by Explorer in

Timed out waiting for splunkd to shutdown

I can't restart splunk. Neither CLI or web manager works. It just times out waiting for splunkd to shut down. Thing i...

by New Member in

Unable to locate an inputs stanza sending a data to a particular index using btool ?

Hi All, we are removing the unwanted indexes from prod environment as they are deprecated, while performing this acti...

by Motivator in

how to make my splunk work fast ??

Hi , Actually my splunk has 6 yrs of data , i think this is the reason for the slowness . Now i need to make this ...

by Path Finder in

Why the Splunk down and how should I fix it?

Hi, When many users access the Splunk at the same time or even I test by open several dashboards at a time, the Splu...

by Explorer in

My Splunk is not working and cannot restart

My Splunk is not working. It shows "This page can't be displayed" Then I tried to restart Splunk but it's not working...

by Explorer in

Performance of Splunk instance

Hi community, we plan to encrypt our splunk installation because of some security mesaures. Encryption self works ...

by Engager in

Add moitor changes are not reflecting to my search

I have some data with 4 lines in my.txt file. I uploaded this file into splunk, Successfully getting this data as a e...

by Explorer in

How to resolve "The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch" errors?

Hello we are seeing errors "The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch" ...

by Builder in

splunkd is at 100% cpu, lag in indexing

Hello, Yesterday I noticed that there's a substantial lag in event indexing to the default index (main). When ins...

by Explorer in

Will Splunk work on machine using GPU in place of CPU ?

Hi guys, I want to know, if I have a machine in which I am using GPU(Graphical Processoring Unit) instead of stan...

by Path Finder in

How to combine results from different pairs of indexes/sourcetypes in one search?

The following search executed over a seven day timeframe (referenced at https://answers.splunk.com/answers/344834/how...

by New Member in

Why did my Splunkforwarder stop with the error "WatchedFile - About to assert due to: destroying state while still cached..." in the splunkd.log?

Splunkforwarder stops with the below error in the splunkd.log: 0500 ERROR WatchedFile - About to assert due to: de...

by New Member in

Monitoring Splunk

Discussions

Are there any Splunk apps we can use to audit Oracle behavior like failed logons?

My join command is not extracting data from 2 indexes

Index Fidelity for Audit Purposes, proof.

NOT a question: There is a small bug in the health checks for 6.5.0 Monitoring Console and this is how to resolve it.

What does splunkd do?

What is the best storage solution for optimal Splunk performance?

splunkd service does not start when the server is rebooted

Splunk doesn't launch

Timed out waiting for splunkd to shutdown

Unable to locate an inputs stanza sending a data to a particular index using btool ?

how to make my splunk work fast ??

Why the Splunk down and how should I fix it?

My Splunk is not working and cannot restart

Performance of Splunk instance

Add moitor changes are not reflecting to my search

How to resolve "The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch" errors?

splunkd is at 100% cpu, lag in indexing

Will Splunk work on machine using GPU in place of CPU ?

How to combine results from different pairs of indexes/sourcetypes in one search?

Why did my Splunkforwarder stop with the error "WatchedFile - About to assert due to: destroying state while still cached..." in the splunkd.log?

Cisco hardware monitoring

Splunk Addon for Service Now - Filter Parameters

Sending WinEventLog to different instances and dif...

License Usage Reporting

Issue with alert running from DMC for memory overr...