Monitoring Splunk

Ask a Question

Discussions

Thread Info

j’aimerai utiliser SPLUNK au sein d'un réseau virtuel avec VMWARE. Comment faire ?

Salut tout le monde. j’aimerai utiliser SPLUNK au sein d'un réseau virtuel avec VMWARE. Mais je ne trouve pas assez ...

by New Member in

problem with hyphen in field values

I am trying to create an alert to track failed login events on windows machines e.g. index=fa_servers EventCode=4...

by Explorer in

Monitoring API Calls

Hello, Does anyone know if there's a way to monitor/track API calls to a Splunk Cloud instance? Looking particula...

by Explorer in

How to log new file every day

Hi, ive got a task to do but im complete newbie in splunk. So could you guys help me?I have to send to splunk logs wh...

by Explorer in

Splunk Indexer Error

We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index...

by Loves-to-Learn in

Capability needed to list forwarder deployment

Hi! I haven't gotten to the bottom of what permissions are needed for different actions. We would like to give some...

by Path Finder in

Splunk Indexer error

We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index...

by Loves-to-Learn in

Splunk Indexer Error

We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index...

by Loves-to-Learn in

Filtering logs at HF to get a single event of each source

Hello Splunkers, I need to filter logs at HF to send only single log from each source from every host once in a da...

by Communicator in

Data is not pushed to indexer from endpoint server

Hello, i have a windows machine(Windows Version 10) which is configured to send data to a indexer. but data is not ...

by Path Finder in

Events Source Validation

Hello Splunkers, I've been in some weird requirement/situation, which is, we need to validate if events of parti...

by Communicator in

Why am I getting Invalid key in stanza errors when running ./splunk btool check --debug ?

Checking: /opt/splunk/etc/apps/splunk_httpinput/default/inputs.conf Invalid key in stanza [http] in /...

by New Member in

Sizing for Splunk4Rookies-style Workshop with 20-40 participants

I'm trying to figure out the sizing of a Splunk environment that will only be used for a very short time but by a sub...

by Path Finder in

Trouble-shooting events forwarded from a heavy forwarder.

Hello, Are there searches or any log files that will tell me what is being forwarded from my heavy forwarder? I have ...

by Communicator in

How to set an alert when splunk's disk/volume is at 80%

Hello, I have Splunk 8.0.2. My splunk instance is hosted in AWS and has 2 volumes (1 is root volume). What would ...

by Path Finder in

The tcp output processor has paused the dataflow and input.conf config problems

I have a couple of questions. - I have my searchhead and indexer on the same server. I know that my domain co...

by Loves-to-Learn Lots in

Why do some local.meta files have \x00 errors in splunkd.log on my heavy forwarder?

I find these messages in splunkd.log: 02-15-2017 13:34:04.437 -0500 WARN IniFile - C:\Splunk\var\run\searchpeers\...

by Motivator in

splunk monitoring

Hi everyone can someone please help me out , how to monitor the following things in Jenkins with SPLUNK : - Load of...

by Loves-to-Learn Everything in

Auditing who disabled/enabled alerts on a Search Head

I am trying to figure out how I can audit who disabled alerts on one of our search heads. I was thinking it is in the...

by Path Finder in

applyPendingMetadata bug: Issue while configuring iis log monitoring

We have the official iis app from splunkbase and i have been unable to get data from this location for a long time. i...

by Path Finder in

Saturated Event-Processing Queues

I am getting this error frequently and I can see the index queue is 99% for many indexers in the cluster. I am not ab...

by Path Finder in

High swap space observed in HF ?

We are getting alert from our LInux team stating high swap space observed for splunkd process on the Heavy forwarder ...

by Loves-to-Learn Everything in

HHow to restore the corrupted buckets

I have a issue with one index in which the bucket is corrupted and I lost logs from this index for a period of time....

by Path Finder in

splunk: Invalid key in stanza

Hi guys, when I restart my splunkd on the HF I see this error in the logs message: splunk: Invalid key in stanza [...

by Explorer in

mgmt port is not working

Hi, when I try to access the mgmt port on the browser it's not accessible. I have enabled SSL , so i removed ...

by Observer in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

j’aimerai utiliser SPLUNK au sein d'un réseau virtuel avec VMWARE. Comment faire ?

problem with hyphen in field values

Monitoring API Calls

How to log new file every day

Splunk Indexer Error

Capability needed to list forwarder deployment

Splunk Indexer error

Splunk Indexer Error

Filtering logs at HF to get a single event of each source

Data is not pushed to indexer from endpoint server

Events Source Validation

Why am I getting Invalid key in stanza errors when running ./splunk btool check --debug ?

Sizing for Splunk4Rookies-style Workshop with 20-40 participants

Trouble-shooting events forwarded from a heavy forwarder.

How to set an alert when splunk's disk/volume is at 80%

The tcp output processor has paused the dataflow and input.conf config problems

Why do some local.meta files have \x00 errors in splunkd.log on my heavy forwarder?

splunk monitoring

Auditing who disabled/enabled alerts on a Search Head

applyPendingMetadata bug: Issue while configuring iis log monitoring

Saturated Event-Processing Queues

High swap space observed in HF ?

HHow to restore the corrupted buckets

splunk: Invalid key in stanza

mgmt port is not working

.conf25 Community Recap

Splunk App Developers | .conf25 Recap & What’s Next

Congratulations to the 2025-2026 SplunkTrust!

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions