Monitoring Splunk

Community Activity

What are different between searching with index, sourcetype and host? Hi Experts,Can someone explain to me what are different between searching with index, sourcetype and host? Which one ... by thinhdinh Path Finder in Monitoring Splunk 07-03-2020 0 2	0	2
Abruptly missing old data We have been collecting syslog data on our hosts for the past 5 years or so. Syslog is in our 'main' index, along wit... by bloizides Observer in Monitoring Splunk 07-01-2020 0 0	0	0
High disk space utilization on indexer Hi. I have disk space issue with indexer. where there is 92% utilization in opt/splunkdata dir. and most space consu... by Reethika Path Finder in Monitoring Splunk 07-01-2020 0 10	0	10
Determining what data is in use/ accessed vs what's ingested Hello,We are trying to trim the fat In our log ingestion and need to determine what's actually in use vs what's inges... by Jarohnimo Builder in Monitoring Splunk 07-01-2020 0 0	0	0
how to find time difference between UF and HF Hi All,our environment topology is UF>HF>Indexer.UF is installed on server with different location timings so i want ... by DataOrg Builder in Monitoring Splunk 06-26-2020 0 1	0	1
The Java Bridge server is not running HI,When we open the Splunk DB connect , the message "The Java Bridge server is not running" How can I troubleshoot t... by pratapa Explorer in Monitoring Splunk 06-25-2020 0 4	0	4
index=_internal is disabled and i am not sure how to get it back on? HiI came in today and about 5 indexes are disabled.I am getting the following messages, but i am unsure what to do? E... by robertlynch2020 Influencer in Monitoring Splunk 06-24-2020 0 2	0	2
Date latency I am receiving the logs from the forwarders and can see latency between index time and event time. We have difference... by uagraw01 Motivator in Monitoring Splunk 06-23-2020 0 5	0	5
Splunk Commands Hanging I have installed a Splunk Forwarder version 8.0.4 on a rhel machine. After a successful install, which I am getting l... by P47R14RCH Explorer in Monitoring Splunk 06-22-2020 0 8	0	8
what is connection between forwarder and DS We noticed that a host "1234" is not longer connecting with the DS. What does this mean? What would be the impact?Ho... by Reethika Path Finder in Monitoring Splunk 06-22-2020 0 1	0	1
Storage issues on indexer Is it normal to have colddb > db?4.0K thaweddb20M summary4.2G datamodel_summary9.8G db59G colddb[ro... by Reethika Path Finder in Monitoring Splunk 06-22-2020 0 1	0	1
Universal Forwarder audit logs not going to Splunk Cloud Hi, I'm having an issue where my Splunk audit.log from the UF is not being forwarded to my Splunk Cloud instance. My... by apiprek2 Explorer in Monitoring Splunk 06-21-2020 0 1	0	1
フォワーダー管理のクライアントの追加方法についてお世話になります。標題について質問させてください。デプロイサーバ(Splunk Enterprize7.3.3 windows64bit)からデプロイクライアント(Universal Forwarder7.3.3 window... by satoishi New Member in Monitoring Splunk 06-18-2020 0 4	0	4
Can we be alerted when a field extraction fails because of depth_limit ? Hello everyone,We have configured some automatic field extractions using regular expressions on some logs that can ge... by performancemoni Path Finder in Monitoring Splunk 06-18-2020 0 0	0	0
Splunk server crush We had our Splunk server stopping by itself two days in a row.I am trying to find the reason but I cannot find anythi... by sbarinov Path Finder in Monitoring Splunk 06-18-2020 0 1	0	1
F5 analytics not in splunk Hi All,I have setup F5 iApp to push analytics data to Splunk and could see splunk accepting data from tcp dumps on F5... by panduu New Member in Monitoring Splunk 06-13-2020 0 1	0	1
KVStore Process Terminated Splunk installed on windows server, getting the following errors in web UI: KV Store process terminated abnormally (... by splunkuser145 New Member in Monitoring Splunk 06-12-2020 0 0	0	0
How to free space on /opt/splunkcolddata ? Hi,Please suggest me,Methods for freeing some space on /opt/splunkcolddata on indexer. how to reduce the retention da... by Reethika Path Finder in Monitoring Splunk 06-12-2020 0 1	0	1
How to make my computer (with splunk) receive data from another computer on the same network in real time? I'm trying to receive all the behaviour from a computer in real time, and receive the data in my other computer that ... by Alepy Explorer in Monitoring Splunk 06-12-2020 0 7	0	7
Add sourcetype to DNS and Netflow License We have a license for only DNS and Netflow data sources. Is their a way to edit the license to allow additional sourc... by ajinaqvi New Member in Monitoring Splunk 06-12-2020 0 1	0	1
AWS Missing feeds Hi All,I am in the process of creating an app for AWS sources and one of the objectives is to alert when an account s... by realtimetechnol Explorer in Monitoring Splunk 06-11-2020 0 1	0	1
How to setup DMC through CLI? Is it possible to setup the DMC to distrubuted mode through the CLI? How could this be achieved? by roukepouw Explorer in Monitoring Splunk 06-04-2020 3 4	3	4
How to resolve error when Splunkd intermittently crashes while streaming telemetry data on Universal Forwarder: "ProcessRunner: No such file or directory"? Hello! I’m working on streaming telemetry data to Splunk. I use Splunk Universal Forwarder v7 x86_64 to capture and s... by prajnaamey Engager in Monitoring Splunk 06-03-2020 0 2	0	2
Authentication error when trying to configure Splunk with Azure AD for SAML: "Your network connection may have been lost or Splunk may be down.” Hi Team, We are trying to integrate Splunk with Azure AD for SAML authentication. However, whenever we try to uploa... by jaracan Communicator in Monitoring Splunk 06-02-2020 0 1	0	1
how can we get Splunk license % usage data over long period of time? (>60 days) how can we get Splunk license % usage data over long period of time? The following query only gives us last 2 months ... by sdintino_splunk Splunk Employee in Monitoring Splunk 06-02-2020 0 3	0	3