Monitoring Splunk

Community Activity

In Metrics.log group=searchscheduler what is the meaning of the "eligible" metric? In Splunk Enterprise when looking at the metrics.log with the searchscheduler group there is a metric for "eligible" ... by fwump38 New Member in Monitoring Splunk 09-29-2020 0 1	0	1
Splunk UF monitoring Hello Splunkers,Is there any way to identify from which source the logs are not getting forwarded??For example: if we... by jonwick Path Finder in Monitoring Splunk 09-29-2020 0 7	0	7
Health Check for UF As a part of Health Check of UF, which information I need check as a part of scheduled search, apart from to verify w... by jonwick Path Finder in Monitoring Splunk 09-28-2020 0 1	0	1
Internal logs Suffice Deployment Monitor Console ? Hi Splunkers,I'm fetching only internal logs for UF in my single box of Splunk Enterprise which acts as search head ... by jonwick Path Finder in Monitoring Splunk 09-28-2020 0 1	0	1
Dropping events possible reasons? Can anyone enlist possible reasons when UF may drop events?There may be many situations, but some known reasons came ... by hectorvp Communicator in Monitoring Splunk 09-28-2020 0 3	0	3
Collect jemalloc heap data to troubleshoot high memory growth contributed by search process Splunk search process is consuming high memory causing splunkd to crash. How to collect jemalloc heap data for Splunk... by keio_splunk Splunk Employee in Monitoring Splunk 09-28-2020 0 1	0	1
UF queues when Indexer down. Incase indexer is down or has slow speed for writing events in a disk,I guess in these cases UFs parsing queue and ou... by hectorvp Communicator in Monitoring Splunk 09-28-2020 0 1	0	1
How to find events dropped Is there any way to find how many events were dropped by UF in a day?Need a daily report to find how may events were ... by hectorvp Communicator in Monitoring Splunk 09-27-2020 1 5	1	5
TrackMe: How to add sourcetypes programatically to AllowList/Block list? I would like the results of a search to populate the allow/block lists in TrackeMe. The lookup file requires a unique... by GOB_Bluth Explorer in Monitoring Splunk 09-26-2020 0 1	0	1
Universal forwarder and Deployment Server Hi,I've a scenario where our organisation is supposed to only send logs from servers to clients indexers.We have deci... by hectorvp Communicator in Monitoring Splunk 09-25-2020 0 6	0	6
Sending WinEventLog to different instances and different indexes Hi,I am almost there on this task but need some assitance please on how to target different indexes. I have a number ... by realtimetechnol Explorer in Monitoring Splunk 09-24-2020 0 0	0	0
How to write a query which shows a graph for used storage per month in Splunk Enterprise? Hi,We are having a Splunk Enterprise app and we would like to know that, is there any way we can write a query which ... by anujarosha Explorer in Monitoring Splunk 09-22-2020 1 5	1	5
Can you force Splunkd to initiate the RolloverSummary license_usage.log at a custom time instead of at midnight? We have a single-server Splunk deployment on a small unique network where all hosts are powered down at night, includ... by pv41 Engager in Monitoring Splunk 09-22-2020 1 0	1	0
Getting error "ERROR AdminManagerValidation" and "ERROR DataModelValidator" very frequently Hello, Very frequently we getting below two errors in _internal logs in our Splunk Cloud Managed environment: 04-30-2... by bishtk Communicator in Monitoring Splunk 09-22-2020 0 2	0	2
License Increase Calculation Hi,I have a question regarding license usage.I am trying to calculate the license usage increase related, to a few ne... by itzikshviro Explorer in Monitoring Splunk 09-20-2020 0 2	0	2
RSA Archer Splunk Integration I'm currently working as an archer engineer on an RSA Archer deployment at a government agency, and I am soliciting a... by azharuddin1 Engager in Monitoring Splunk 09-17-2020 0 2	0	2
The percentage of high priority searches delayed I see the below error message on my search head cluster can some one help me to fix this. The percentage of high prio... by btshivanand Path Finder in Monitoring Splunk 09-17-2020 0 13	0	13
Issue with alert running from DMC for memory overrun. Hello, We have an alert in place that uses the REST API to determine when a server is using to much memory and then t... by mookiie2005 Communicator in Monitoring Splunk 09-17-2020 0 0	0	0
Unable to start splunk in Indexer I am having indexer clusters & one of the indexer goes down due to some reason, I am unable to start splunk in that ... by BRG Engager in Monitoring Splunk 09-17-2020 0 11	0	11
Bamboo Monitoring Good day splunkers, Can anyone assist in letting me know if there is a way that i can use splunk to monitor my bamboo... by sphiwee Contributor in Monitoring Splunk 09-16-2020 0 0	0	0
LDAP Request Monitoring Hello,I'm a complete newbie to Splunk so correct me if I'm wrong somewhere.I'm trying to monitor LDAP request, I have... by Error401 Observer in Monitoring Splunk 09-14-2020 0 0	0	0
DBinspect vs rest call I am running 2 search: \| rest splunk_server=* /services/data/indexes-extended \| search title = _internal\| stats max(b... by kiamyash Engager in Monitoring Splunk 09-07-2020 0 1	0	1
How to export all email address from Splunk report/alert? I want to export a list of email address that configured on all report/alert email receiver, Is it possible to do tha... by michael_wong Path Finder in Monitoring Splunk 09-07-2020 0 1	0	1
Which sourcetype to use in order to track changes made to lookup tables? SITUATION I'd like to track the changes done to lookup tables.I observe this helpful post: "https://community.splunk.... by jsven7 Communicator in Monitoring Splunk 09-03-2020 0 1	0	1
Servers availability status Hi, Is there any way to get the availability of the Servers (UP/Down) status in real time in Splunk Cloud/Enterprise ... by vamshi04 Engager in Monitoring Splunk 08-31-2020 0 7	0	7