Monitoring Splunk

Thread Info

warning msg with the msg "See search.log for more details." (should be searches.log)

Dear Splunk Dev team, One more simple typo issue: Splunk fresh install 9.4.0 (last week's version 9.3.2 also ha...

by SplunkTrust in

Alert

Hello, I just wanted to know more detailed information so I opened the case. About Alert settings. I set Thres...

by New Member in

How do we detect fluctuations in data ingestion?

We fail again and again these days when we have major spikes in ingestion, primarily with HEC. What would be a good a...

by Motivator in

During updating Splunk OTEL we are getting an error

Hello, We attempted to upgrade Splunk OTEL on the cluster using the helm3 upgrade command, but encountered the foll...

by Engager in

broken links on splunk web pages

Dear Splunkers... As i was checking about the fishbuckets at the splexicon https://docs.splunk.com/Splexicon:Fis...

by SplunkTrust in

Info from index=_internal does not match CMC ingest volume

Hello, dear Splunk Community. I am trying to extract the ingest volume from our client's search head, but I noticed...

by Engager in

Indexer saturation

[UPDATE] Hello everyone, and thanks in advance for your help. I'm very new to this subject so if anything is unclea...

by Path Finder in

Can I give commands to the agent?

hi index=idx_myindex source="/var/log/mylog.log" host="myhost-*" "memoryError" I know that if I give the conditio...

by Engager in

How splunk calls coldToFrozen.py script automatically

How splunk calls coldToFrozen.py script automatically once the script is setup in /opt/splunk/bin and indexes.conf fi...

by Engager in

How to find app by using a log source in search query?

Hi, I have a log source (/logs/abc/def). I want to know what are the apps using this log source in their inputs.co...

by Engager in

Monitoring Splunk Cluster with ITSI

Just curious to find out if anyone has ever integrated Splunk Cluster with ITSI. Seems to me that SC certainly qual...

by New Member in

Missing Internal Logs from Server

Hello, I have a server configured with three roles: Deployment Server, Console Monitoring, and License Master. Howe...

by Communicator in

How to combine two different outputs of single field ?

I have a splunk query that does some comparisons and the output is as follows. If any of the row below for the give...

by Path Finder in

How do i validate Heavy Forwarder is forwarding logs to Indexer- On Heavy Forwarder

I have a heavy forwarder, where all security devices logs have been pointed to HF, and from HF logs have been forward...

by Loves-to-Learn Everything in

Not getting splunk logs

After Splunk forwarder version got upgrade from 9.0.5.0 to 9.3.1.0 windows server are having issue in forwarding the...

by Communicator in

Splunk TcpInputProc Error causing possible outage

We are currently getting the below errors on our splunk Indexers and are every few hours the splunk indexer cluster i...

by New Member in

Migrating data from old server to new server while upgrading Splunk 9.3

Please can anyone what are steps to migrate the old data to new server while upgrading the splunk to 9.3 version i ha...

by Explorer in

monitoring file

hello, trying to monitor below path from the host gas UF installed: C:\Program Files (x86)\dir1\log\name_CRT_[D...

by Path Finder in

Splunk UBA

What is the reason that Splunk UBA Kafka give me this error, how can i fix this Kafka topics are not receiving event...

by Explorer in

How we can create a line chart with the area between max and min value filled with color ?

HI I want to know if it is possible to have a line chart with the area between max and min value filled with color. ...

by Path Finder in

how to check data ingestion trend for today?

How we can check the data coming to Splunk creating problem to CM making it unstable leading the peers to reach more ...

by Communicator in

How to use the output of the base query in the Input panel as dropdown ?

Hi Team Is it possible to use the output value of the base query as the drop down values in the input panel. Examp...

by Path Finder in

Talos Cisco IoCs Splunk ES

Hello colleagues! Have any of you integrated Cisco Talos as an intelligence source for Splunk Enterprise Security? ...

by Explorer in

Can't collect data from file on windows host

My Splunk installation can't read files from windows host from a specific folder on the C:// drive. Logs are collecte...

by Loves-to-Learn Lots in

How we can create a multi line chart to display the trend over a period of time.

Hi Can you please help me to create multi line chart with the below data. Data in the below format is fetched in S...

by Path Finder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

warning msg with the msg "See search.log for more details." (should be searches.log)

Alert

How do we detect fluctuations in data ingestion?

During updating Splunk OTEL we are getting an error

broken links on splunk web pages

Info from index=_internal does not match CMC ingest volume

Indexer saturation

Can I give commands to the agent?

How splunk calls coldToFrozen.py script automatically

How to find app by using a log source in search query?

Monitoring Splunk Cluster with ITSI

Missing Internal Logs from Server

How to combine two different outputs of single field ?

How do i validate Heavy Forwarder is forwarding logs to Indexer- On Heavy Forwarder

Not getting splunk logs

Splunk TcpInputProc Error causing possible outage

Migrating data from old server to new server while upgrading Splunk 9.3

monitoring file

Splunk UBA

How we can create a line chart with the area between max and min value filled with color ?

how to check data ingestion trend for today?

How to use the output of the base query in the Input panel as dropdown ?

Talos Cisco IoCs Splunk ES

Can't collect data from file on windows host

How we can create a multi line chart to display the trend over a period of time.

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

Splunk Answers Content Calendar, July Edition I

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions