Monitoring Splunk

Community Activity

What are the possible causes for the marked sign? I am logged in an indexer and getting red marked sign along with Administrator tab at web panel(port:8000). What are... by vinitnitdgp Engager in Monitoring Splunk 10-10-2019 0 2	0	2
What is the splunk query to display disk space utilized by each app in splunk I tried to use this query - index=_internal metrics kb group=per_sourcetype_thruput \| eval sizeMB = round(kb/1024,2)\|... by monyathomas New Member in Monitoring Splunk 10-04-2019 0 1	0	1
How to monitor only new data from logfiles We are trying to monitor a logfile which behaves like a rolling logfile (?). Except, it doesn't create new file but i... by roelscholte New Member in Monitoring Splunk 10-04-2019 0 2	0	2
high usage of physical memory on indexers Hello, We are having high usage of memory usage on all of our indexers and most of it is cached memory. can we clear ... by sathwikr076 Communicator in Monitoring Splunk 10-03-2019 0 6	0	6
ERROR Archiver - Unable to write due to: No space left on device I am trying to troubleshoot an issue with a clustered search head restarting itself and came across an error message ... by michaelbang1 New Member in Monitoring Splunk 10-01-2019 0 7	0	7
Is there a better way to improve performance using tstats when I need two aggregations and first aggregation returns ~10 million events at high cardinality. We have a data model which has following fields - Source IpAddress FileName FileVersion Flag _timeS1 IP1 File1 FileVe... by ranurag Engager in Monitoring Splunk 09-30-2019 0 0	0	0
In Splunk Enterprise 7.2, Can you help me clear the Splunkd Health Report feature? I love this feature in 7.2. The icon up front helped me find and fix a serious ingest issue I was otherwise blissfull... by AzJimbo Path Finder in Monitoring Splunk 09-30-2019 2 4	2	4
How to detect webshell via splunk Hi, I would like to know how I can detect a webshell via Splunk. I hope there is a doc that can help me to write a... by ad761 New Member in Monitoring Splunk 09-29-2019 0 1	0	1
Splunk Indexers Physicial memory usage high Hi , I am currently experiencing high memory usage on my indexers when i saw the memory usage , i saw a high amount o... by ram254481493 Explorer in Monitoring Splunk 09-27-2019 0 1	0	1
Monitor the count of columns generated by solutionType=* \| splunk reports I would like to track count of the all the below splunk search query columns. if any "solutionType" is appended or de... by harkirat9712 Explorer in Monitoring Splunk 09-23-2019 0 1	0	1
Search killing _audit Our _audit file keeps growing and growing. We have identified what is filling it up but cannot figure out what is ca... by tsheets13 Communicator in Monitoring Splunk 09-18-2019 0 6	0	6
Problem running Splunk as service from Docker stack or compose file We are preparing a Docker-based Monitoring Stack and would like to include Splunk as the optional feature: https://ag... by aradosz79 New Member in Monitoring Splunk 09-17-2019 0 2	0	2
Ingesting data from a Riverbed stealhead WAN optimizer device for network monitoring Hi , I have a requirement to monitor the network slowness by monitoring the riverbed Stealhead WAN optimizer device.... by ashrafk Explorer in Monitoring Splunk 09-13-2019 0 0	0	0
Splunk Crashes on Startup Everything was running fine and then it started crashing. The crash log references the scheduler. Not sure what I can... by MHS Explorer in Monitoring Splunk 09-12-2019 0 3	0	3
How to monitor Application in OpenShift Cluster with Splunk? Hi, My application is running on OpenShift pods. The application accepts API calls on port 9443. In front of the pod... by noyog Engager in Monitoring Splunk 09-12-2019 0 1	0	1
Indexers Disk Space all of our indexers server disk space is almost 90% full and one of the indexer server disk is full(100%) so he get s... by riqbal47010 Path Finder in Monitoring Splunk 09-12-2019 0 5	0	5
Splunk causing Segfault on all indexers, causing them to crash Hi all, For the second time this week, on all three indexers in our Splunk cluster, Splunkd crashed. Syslog showed m... by dkoops Path Finder in Monitoring Splunk 09-11-2019 0 4	0	4
Detailed Reporting on License Costs per Event Guys, is it possible to break down licnse impact on the following: Per IndexPer SourceTypePer SourcePer Event in inde... by shocko Contributor in Monitoring Splunk 09-11-2019 0 2	0	2
How to troubleshoot why the search server processdown _ZN35DistributedBundleReplicationManager18triggerReplicationERKSt3mapI14SchemeHostPort3StrSt4lessIS1_ESaISt4pairIKS1_... by wcy7208 New Member in Monitoring Splunk 09-10-2019 0 1	0	1
CommonBaseEvent treatment Hello all, I receiving some event from our Monitoring Agent tool (from the editor Dassault Systemes) through Common ... by benji00 New Member in Monitoring Splunk 09-10-2019 0 0	0	0
How to increase 'Crash log' size? Splunk instance crashed with incomplete crash file (crash.log*) under $SPLUNK_HOME/splunk/var/log/splunk/. The crash... by jawaharas Motivator in Monitoring Splunk 09-09-2019 1 3	1	3
why do I keep getting "getaddrinfo EAI_AGAIN' for my splunk server. I am using node.Js server. so it's come under UncaughtException. Detailed error is given in description. Error: getaddrinfo EAI_AGAIN splunk-hec...com splunk-hec...com:8088\n at GetAddrInfoReqWrap.onlookup as oncomple... by mak1123 New Member in Monitoring Splunk 09-09-2019 0 1	0	1
What does "Events may not be returned in sub-second order due to memory pressure." mean? What does "Events may not be returned in sub-second order due to memory pressure." mean? by jtrucks Splunk Employee in Monitoring Splunk 09-09-2019 5 12	5	12
Treat certain response codes as OK, in "Website Monitoring" app? (New to Splunk - please forgive rookie questions.) The question is about Website Monitoring app's configuration. It... by alexeig Engager in Monitoring Splunk 09-09-2019 0 2	0	2
System failures Hello Everyone, I am trying to identify the system failure based on the below sample data :- ABCD AB1234 USERID... by rajatsinghbagga Explorer in Monitoring Splunk 09-05-2019 0 4	0	4