Monitoring Splunk

Community Activity

Is there a way to create an alert if splunkd on any Splunk instance is started by any user except "splunk user"? Hi Guys, In my project environment, every splunkd is installed using splunk user. So I need to create an alert if any... by bishtk Communicator in Monitoring Splunk 12-01-2020 0 4	0	4
how to change graph color to Red, Green and Yellow based on some condition index=osnixscript sourcetype=cpu host=* \| multikv fields pctIdle \| eval Percent_CPU_Load = 100 - pctIdle \| timechart ... by yagnaprasad New Member in Monitoring Splunk 11-30-2020 0 1	0	1
Url click was intentional or not. Hello everyone, currently I am investigating a scenario where a user have opened porn sites on several time. but the ... by Rbsplunk95 New Member in Monitoring Splunk 11-30-2020 0 0	0	0
A forwarder is sending only some of the data, we don't know why? Hi We have a forwarder that is sending partial data. We can identify the files that it is not sending (Image below).H... by robertlynch2020 Influencer in Monitoring Splunk 11-30-2020 1 1	1	1
_introspection shows wrong memory usage for the deployment server Hi,_introspection reports a higher value for existing memory than the real memory of the machine and also the memory ... by afx Contributor in Monitoring Splunk 11-30-2020 0 0	0	0
Splunk doesn't launch I was just trying to get splunk to run on port 443. I ran the following and then I get the error below. $SPLUNK_HOME... by njansons Explorer in Monitoring Splunk 11-28-2020 1 6	1	6
App to Navigate Retention and projected Retention by source? All, Anyone have an app or search that can help a non-technical user review retention of data by source? They'd like ... by dpwtheitguy Loves-to-Learn Lots in Monitoring Splunk 11-25-2020 0 0	0	0
Passing the variable \| mstats avg(_value) as current where data.consumerName IN("XXXXXXX") AND NOT (data.consumerName="OH")AND host="*" ... by bmkreddy234 Engager in Monitoring Splunk 11-25-2020 0 3	0	3
Log Firewall Type Traffic in creating a dashboard that processes firewall log data with traffic types.What information should be visualized?wha... by wahluf Explorer in Monitoring Splunk 11-23-2020 0 0	0	0
tcpin_cooked_pqueue blocking I've recently made a career change, so I have a new Splunk environment where they leverage intermediary forwarders. ... by triest Communicator in Monitoring Splunk 11-23-2020 0 5	0	5
Add email notification to correlation search in Enterprise Security Hello,I'm trying to add an email alert as an Adaptive Response Action to a built-in correlation search in Enterprise ... by SplunkSanc Observer in Monitoring Splunk 11-21-2020 0 2	0	2
How to know if Splunk is using the Hyperthreading Hi Team,We asked our Linux Team and they said that the hyperthreading is enabled across all Clustered Indexers. This ... by jaracan Communicator in Monitoring Splunk 11-20-2020 0 1	0	1
Troubleshooting disk usage peak on the Search Head server Hello,This is my architecture :dedicated indexers (multiple servers on main site)dedicated search head (1 serveron ma... by kvnpichon Path Finder in Monitoring Splunk 11-18-2020 0 4	0	4
j’aimerai utiliser SPLUNK au sein d'un réseau virtuel avec VMWARE. Comment faire ? Salut tout le monde. j’aimerai utiliser SPLUNK au sein d'un réseau virtuel avec VMWARE. Mais je ne trouve pas assez ... by Mtapha_Diouf01 New Member in Monitoring Splunk 11-16-2020 0 2	0	2
problem with hyphen in field values I am trying to create an alert to track failed login events on windows machinese.g.index=fa_servers EventCode=4625 OR... by paulw10 Explorer in Monitoring Splunk 11-16-2020 0 2	0	2
Monitoring API Calls Hello,Does anyone know if there's a way to monitor/track API calls to a Splunk Cloud instance? Looking particularly... by dloszews Explorer in Monitoring Splunk 11-13-2020 0 2	0	2
How to log new file every day Hi, ive got a task to do but im complete newbie in splunk. So could you guys help me?I have to send to splunk logs wh... by Glace Explorer in Monitoring Splunk 11-11-2020 1 3	1	3
Splunk Indexer Error We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index... by abhijitnath89ax Loves-to-Learn in Monitoring Splunk 11-10-2020 0 1	0	1
Capability needed to list forwarder deployment Hi!I haven't gotten to the bottom of what permissions are needed for different actions. We would like to give someone... by mart10 Path Finder in Monitoring Splunk 11-10-2020 0 2	0	2
Splunk Indexer error We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index... by abhijitnath89ax Loves-to-Learn in Monitoring Splunk 11-09-2020 0 1	0	1
Splunk Indexer Error We received the below error in splunkd.log on our indexer server. We are using cluster env with 6 indexers. The index... by abhijitnath89ax Loves-to-Learn in Monitoring Splunk 11-05-2020 0 1	0	1
Filtering logs at HF to get a single event of each source Hello Splunkers,I need to filter logs at HF to send only single log from each source from every host once in a day ... by hectorvp Communicator in Monitoring Splunk 11-04-2020 1 7	1	7
Data is not pushed to indexer from endpoint server Hello,i have a windows machine(Windows Version 10) which is configured to send data to a indexer. but data is not sen... by sivaranjiniG Communicator in Monitoring Splunk 11-03-2020 0 2	0	2
Events Source Validation Hello Splunkers,I've been in some weird requirement/situation, which is,we need to validate if events of particular ... by hectorvp Communicator in Monitoring Splunk 11-03-2020 0 4	0	4
Why am I getting Invalid key in stanza errors when running ./splunk btool check --debug ? Checking: /opt/splunk/etc/apps/splunk_httpinput/default/inputs.conf Invalid key in stanza [http] in /... by rajesh_pidikiti New Member in Monitoring Splunk 11-02-2020 0 5	0	5