Monitoring Splunk

Thread Info

Get License Usage Through Custom Script

I'm trying to pull the license usage with a script on my Splunk server and send a notification to Teams (along with a...

by New Member in

How to capture remote Print Server Print Data?

Hi, I am trying to capture print events from the Print Servers on our network. I have enabled print logs on all print...

by Explorer in

How to re-read the same file again daily

Hi, trying to find the best solution (approach) to the following issue: We are monitoring ( via Splunk Universal f...

by Builder in

difference between splunkd and Splunkd service on Indexer

We noticed we have 2 different processes running: systemctl status splunksystemctl status Splunkd The docs expl...

by Path Finder in

Can any one provide me with a good search to monitor after hour employee login?

I need a good search to monitor after hour employee login, can anyone help please?

by New Member in

How to monitor Splunk changes?

Hello, Looking for a way to monitor certain operational changes in Splunk like: - A new sourcetype has been creat...

by Contributor in

Error: slave has more than 10 number of continous replication failures. Look at splunkd.log for details on why this is happening.

Hello, I have created a distributed search environment. On my masternode im getting the error: replication factor ...

by Explorer in

How to compare data for specific days

How can I find out what changed in my Splunk Windows environment or how can I compare daily ingested data between day...

by Path Finder in

What are the steps to install Monitoring Console on the License Master instance?

We are building the splunk clustered environment for dev environment. We have a License Master setup. We want the Mon...

by Communicator in

Can splunk perform CIS benchmark?

Hi team! I'm looking for a way to take a compliance check of my firewall and I wonder if I could do it with Splunk...

by Path Finder in

License exceeded message

My license has been exceeded for three days.Now I have this message on the "license usage dashboard".When I refresh t...

by Engager in

Linux Performance Data into Splunk

What is the best way of getting Linux performance data into Splunk? Do we have to install the *nix app?

by Loves-to-Learn Lots in

Is the max_searches_per_cpu setting based on CPU's of Index Cluster or just the searchead

We are receiving the message "This instance is approaching the max concurrency searches" on our search head. Usually ...

by Path Finder in

Monitoring console: Splunk Indexer Serves status

I can see the total number of servers against resource Usage: Deployment: It is showing me 10 out of 12 as two ser...

by Path Finder in

detect and the reason for the network flapping and reaons

Last week our one of our core network devices have flapping issue. As per my discussion with network team, there is f...

by Path Finder in

Can't query index=_internal

Hi We can't search log index=_internal _audit _introspectionWe setup role select indexes "All non-internal indexes...

by Loves-to-Learn Lots in

Is it possible to monitor the application logs with out agent using Splunk?

Hi All, Currently we have BMC-True site application monitoring the application logs using an agent, but we wanted...

by Motivator in

[Multiple Clusters] search not returning from new cluster

A standalone SH had 2 multiple indexer clusters configured as per the docs below, which has been working well a while...

by Splunk Employee in

Why is the Windows Event Log indexing slow?

I indexed about 1GB of Windows Event Logs for a forensic analysis. I added the data by monitoring the folder where th...

by New Member in

Weird Monitoring issue after AIX Universal Forwarder Upgrade

Hi, We have an issue with an AIX server that just doesn't seem to monitor a particular log file after it was upgra...

by Path Finder in

AWS Failed logins and coalesce command

Hi All, On tracking the failed logins for AWS console through Cloudtrail logs, errorCode for specific set of logs ...

by Explorer in

Linux input for process monitoring (similar to Windows Sysmon)

We're looking for a tool that does the same thing as Windows Sysmon (Sysinternals), but for Linux. The problem with p...

by Contributor in

Basic question about scheduled search

hello In my dashboard, I use a scheduled search with a filter token because i have a dropdown list which allow me ...

by Motivator in

Distributed management console

What is the DMC on splunk?Why should I have need to install it? How should be installed, It is an app?The monitoring ...

by Explorer in

Approaches to manage logging level of Splunk Universal Forwarder

With changes in Splunk pricing coming faster than our ability to increase funding sources, our team is stuck in a mai...

by Builder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

Get License Usage Through Custom Script

How to capture remote Print Server Print Data?

How to re-read the same file again daily

difference between splunkd and Splunkd service on Indexer

Can any one provide me with a good search to monitor after hour employee login?

How to monitor Splunk changes?

Error: slave has more than 10 number of continous replication failures. Look at splunkd.log for details on why this is happening.

How to compare data for specific days

What are the steps to install Monitoring Console on the License Master instance?

Can splunk perform CIS benchmark?

License exceeded message

Linux Performance Data into Splunk

Is the max_searches_per_cpu setting based on CPU's of Index Cluster or just the searchead

Monitoring console: Splunk Indexer Serves status

detect and the reason for the network flapping and reaons

Can't query index=_internal

Is it possible to monitor the application logs with out agent using Splunk?

[Multiple Clusters] search not returning from new cluster

Why is the Windows Event Log indexing slow?

Weird Monitoring issue after AIX Universal Forwarder Upgrade

AWS Failed logins and coalesce command

Linux input for process monitoring (similar to Windows Sysmon)

Basic question about scheduled search

Distributed management console

Approaches to manage logging level of Splunk Universal Forwarder

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

Your summer travels continue with new course releases

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions