Monitoring Splunk

Thread Info

TrackMe: How to add sourcetypes programatically to AllowList/Block list?

I would like the results of a search to populate the allow/block lists in TrackeMe. The lookup file requires a unique...

by Explorer in

Universal forwarder and Deployment Server

Hi, I've a scenario where our organisation is supposed to only send logs from servers to clients indexers. We hav...

by Communicator in

Sending WinEventLog to different instances and different indexes

Hi, I am almost there on this task but need some assitance please on how to target different indexes. I have a numb...

by Explorer in

How to write a query which shows a graph for used storage per month in Splunk Enterprise?

Hi,We are having a Splunk Enterprise app and we would like to know that, is there any way we can write a query which ...

by Explorer in

Can you force Splunkd to initiate the RolloverSummary license_usage.log at a custom time instead of at midnight?

We have a single-server Splunk deployment on a small unique network where all hosts are powered down at night, includ...

by Engager in

Getting error "ERROR AdminManagerValidation" and "ERROR DataModelValidator" very frequently

Hello, Very frequently we getting below two errors in _internal logs in our Splunk Cloud Managed environment: 0...

by Communicator in

License Increase Calculation

Hi, I have a question regarding license usage. I am trying to calculate the license usage increase related, to a ...

by Explorer in

RSA Archer Splunk Integration

I'm currently working as an archer engineer on an RSA Archer deployment at a government agency, and I am soliciting a...

by Engager in

The percentage of high priority searches delayed

I see the below error message on my search head cluster can some one help me to fix this. The percentage of hig...

by Path Finder in

Issue with alert running from DMC for memory overrun.

Hello, We have an alert in place that uses the REST API to determine when a server is using to much memory and the...

by Communicator in

Unable to start splunk in Indexer

I am having indexer clusters & one of the indexer goes down due to some reason, I am unable to start splunk in that ...

by Engager in

Bamboo Monitoring

Good day splunkers, Can anyone assist in letting me know if there is a way that i can use splunk to monitor my ...

by Contributor in

LDAP Request Monitoring

Hello, I'm a complete newbie to Splunk so correct me if I'm wrong somewhere. I'm trying to monitor LDAP request, ...

by Observer in

DBinspect vs rest call

I am running 2 search: | rest splunk_server=* /services/data/indexes-extended | search title = _internal| stats...

by Engager in

How to export all email address from Splunk report/alert?

I want to export a list of email address that configured on all report/alert email receiver, Is it possible to do tha...

by Path Finder in

Which sourcetype to use in order to track changes made to lookup tables?

SITUATION I'd like to track the changes done to lookup tables.I observe this helpful post: "https://community.splu...

by Communicator in

Servers availability status

Hi, Is there any way to get the availability of the Servers (UP/Down) status in real time in Splunk Cloud/Enterprise ...

by Engager in

How to audit changes in Splunk objects (Git or else)?

Hi Splunkers, we need to monitor who, when, where and what was changed in macros, searches and so on. Internal in...

by Contributor in

Troubleshoot a MonitorNoHandle input

I have a UF (7.3.1) configured with the Splunk TA for Windows Inf. 6.0. It is a Domain Controller and has about 16 di...

by Communicator in

How to put client servers in Splunk Monitoring from console?

Hi Team, I wants to put my few Client servers in Splunk Monitoring from Console. Please assist.

by New Member in

Query for Checking GPO Changes

Hi All, I've been looking for help on a query for a dashboard that can show me when changes are made for my enviro...

by New Member in

Why is splunk list inputstatus command showing files that have been deleted as still being monitored?

We are using the UF to monitor multiple files which are to be considered transient. All we want to do is get them fo...

by New Member in

High CPU Usage of one indexer cluster peer node

Hi community, one of our indexer cluster peer nodes has a very high cpu consumption by splunkd process see attached...

by Path Finder in

TailReader error 8.0.2 splunkd's processing queues are full

Getting the following error on my Splunk Enterprise Server and I'm not able to get usage.log info. Can anyone point ...

by Observer in

Backendcalls tracking query

Hi All, Am hitting a API service which has 7 to 8 backend calls, now i get all the backend call response times as w...

by Loves-to-Learn Lots in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

TrackMe: How to add sourcetypes programatically to AllowList/Block list?

Universal forwarder and Deployment Server

Sending WinEventLog to different instances and different indexes

How to write a query which shows a graph for used storage per month in Splunk Enterprise?

Can you force Splunkd to initiate the RolloverSummary license_usage.log at a custom time instead of at midnight?

Getting error "ERROR AdminManagerValidation" and "ERROR DataModelValidator" very frequently

License Increase Calculation

RSA Archer Splunk Integration

The percentage of high priority searches delayed

Issue with alert running from DMC for memory overrun.

Unable to start splunk in Indexer

Bamboo Monitoring

LDAP Request Monitoring

DBinspect vs rest call

How to export all email address from Splunk report/alert?

Which sourcetype to use in order to track changes made to lookup tables?

Servers availability status

How to audit changes in Splunk objects (Git or else)?

Troubleshoot a MonitorNoHandle input

How to put client servers in Splunk Monitoring from console?

Query for Checking GPO Changes

Why is splunk list inputstatus command showing files that have been deleted as still being monitored?

High CPU Usage of one indexer cluster peer node

TailReader error 8.0.2 splunkd's processing queues are full

Backendcalls tracking query

See your relevant APM services, dashboards, and alerts in one place with the updated ...

Cultivate Your Career Growth with Fresh Splunk Training

Introducing a Smarter Way to Discover Apps on Splunkbase

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Logging of Restart Trigger

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions