Monitoring Splunk

Discussions

Thread Info

Add sourcetype to DNS and Netflow License

We have a license for only DNS and Netflow data sources. Is their a way to edit the license to allow additional sourc...

by New Member in

AWS Missing feeds

Hi All, I am in the process of creating an app for AWS sources and one of the objectives is to alert when an accoun...

by Explorer in

How to setup DMC through CLI?

Is it possible to setup the DMC to distrubuted mode through the CLI? How could this be achieved?

by Explorer in

How to resolve error when Splunkd intermittently crashes while streaming telemetry data on Universal Forwarder: "ProcessRunner: No such file or directory"?

Hello! I’m working on streaming telemetry data to Splunk. I use Splunk Universal Forwarder v7 x86_64 to capture an...

by Engager in

Authentication error when trying to configure Splunk with Azure AD for SAML: "Your network connection may have been lost or Splunk may be down.”

Hi Team, We are trying to integrate Splunk with Azure AD for SAML authentication. However, whenever we try to u...

by Communicator in

how can we get Splunk license % usage data over long period of time? (>60 days)

how can we get Splunk license % usage data over long period of time? The following query only gives us last 2 months ...

by Splunk Employee in

Has anyone seen this Error message: Monotonic time source didn't increase; is it stuck?

Since we've upgraded to 7.0 we're seeing this particular error show up in the logs: 10-17-2017 11:30:30.772 -0600 ...

by Explorer in

UF restarts due to TcpOutputProc issue

Hi - having issues with a Windows UF we are having to restart circa weekly to clear the issue below which happens at ...

by New Member in

Splunk Crashing with ExceptionCode: c0000005 (Access violation)

I'm seeing Splunk Enterprise Version 8.0.2 Build a7f645ddaf91 running Windows Server 2019, build 17763.1217.Individua...

by New Member in

How to expand disk space on indexer in Azure

Hi guys , I want to expand disk space for indexer hosted on Azure as VM and its an indexer cluster which completel...

by Loves-to-Learn Lots in

How to get to know peer down time with SPL?

Hi Guru! (I edited) I have indexer cluster and one search head. I do not use monitoring console. One of peer nodes...

by Path Finder in

Is AutoCAD device can be monitored via Splunk ?

Hi All, Today I had a question from my customer, that he wants to monitor the bunch of software running in his env...

by Motivator in

How can I generate a search which uses lots of memory?

We are about to enable the enable_memory_tracker feature. We'll use - enable_memory_tracker = true search_proc...

by Motivator in

tstats command consumes a lot of IO and runs for 20 minutes

I'm running this query to get average event counts per day by index. When I run this, each site does an aggregate 2.5...

by Explorer in

Incorrect Path to Script, but Path doesn't exist

I'm trying to bring in new data to my Splunk standalone and getting this error in the _internal logs Incorrect path t...

by Path Finder in

How do I find Splunk Cloud configuration change events?

With multiple admins in our Splunk Cloud, we'd like to see any changes made that have a global or app wide impact. ...

by Explorer in

How to configure DMC for heavy forwarder monitoring?

hi, we have few heavy forwarders which are used for intermediate forwarding to Indexers. In DMC (Distributed manageme...

by Super Champion in

Find the max and min cpu per host

I have four hosts. H1, H2, H3, H4 each host have cpu_load I want to find min cpu_load and max cpu_load. Find the m...

by New Member in

HEC Collector Cluster: Measuring Performance

I've been looking around how to measure and scale a Splunk HEC Collector cluster, but I cant seem to find direct answ...

by Explorer in

Monitoring Console often shows multiple hosts as unknown

Since upgrading Splunk Enterprise to version 7.x (presently at 7.2.1), I notice often the Monitoring Console shows mu...

by New Member in

health check item drill-down

Hi everyone,Does anyone know how the drill-downs in MC health check items are supposed to work?I am creating some cus...

by Path Finder in

No data found in Monitoring console of my standalone splunk enterprise after upgrading from 6.4.1 to 7.0.0

Hi Team, I have upgraded my splunk standalone enterprise (indexer) from 6.4.1 to 7.0.0. i am not able to see data ...

by New Member in

Frequent service outages

We identified there are frequent outages on the Enterprise security server and which causes the Splunk Services down....

by Splunk Employee in

How can I monitor a servers CPU/RAM/apps running by user?

Hello, I was wondering if it would be possible to see what apps are being used, amount of ram and cpu per user? What ...

by Communicator in

How to calculate disk space for Data Model Acceleration?

How to calculate disk space by all indexers used by the data model acceleration?

by Path Finder in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Add sourcetype to DNS and Netflow License

AWS Missing feeds

How to setup DMC through CLI?

How to resolve error when Splunkd intermittently crashes while streaming telemetry data on Universal Forwarder: "ProcessRunner: No such file or directory"?

Authentication error when trying to configure Splunk with Azure AD for SAML: "Your network connection may have been lost or Splunk may be down.”

how can we get Splunk license % usage data over long period of time? (>60 days)

Has anyone seen this Error message: Monotonic time source didn't increase; is it stuck?

UF restarts due to TcpOutputProc issue

Splunk Crashing with ExceptionCode: c0000005 (Access violation)

How to expand disk space on indexer in Azure

How to get to know peer down time with SPL?

Is AutoCAD device can be monitored via Splunk ?

How can I generate a search which uses lots of memory?

tstats command consumes a lot of IO and runs for 20 minutes

Incorrect Path to Script, but Path doesn't exist

How do I find Splunk Cloud configuration change events?

How to configure DMC for heavy forwarder monitoring?

Find the max and min cpu per host

HEC Collector Cluster: Measuring Performance

Monitoring Console often shows multiple hosts as unknown

health check item drill-down

No data found in Monitoring console of my standalone splunk enterprise after upgrading from 6.4.1 to 7.0.0

Frequent service outages

How can I monitor a servers CPU/RAM/apps running by user?

How to calculate disk space for Data Model Acceleration?

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

Alerting Best Practices: How to Create Good Detectors

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

During updating Splunk OTEL we are getting an erro...