Monitoring Splunk

Thread Info

Monitor remote host logs?

I can't understand that. How to Splunk monitor log from remote linux log? Universal Forwarder have been installed in ...

by New Member in

Splunk Cloud Audit Login attempts

In splunk cloud we want to monitor failed login attempts against the Splunk cloud searchhead.This log is visible unde...

by Communicator in

License Pool Violation - After Search is disabled on a license pool due to 5 violations, and event generation issue is fixed, how long do I have to wait for Search re-enabling ?

Hello, I had an issue with one of our applications which generate too many events => I have been in 5 days of licens...

by New Member in

Duplicate logs.

Hi Splunker; Splunk monitoring logs from URL by reset API, but we noticed that there duplicate logs, I mean Splunk...

by Path Finder in

Time Graph question regarding license usage as the day goes on

I am new to my admin role and need to get a better handle on our usage as the day goes on. We're always close to our ...

by Path Finder in

Disk Space issue on Indexers Cluster

We have multisite Indexer cluster setup. one of the indexer server disk space get full and become offline whereas ot...

by Path Finder in

Splunk Universal Forwarder Only Sends data once on Monitor Input config followed by Restart

I have a UF installed(v7.3.1) on CentOS with ulimits configured for max open files etc. the file monitor input st...

by Splunk Employee in

Splunk Support team and Diag File - Migrate / reproduce a Splunk instance

Hi All.. we were wondering why Splunk Support team would require the "diag file" when we open a support ticket? is th...

by SplunkTrust in

| dbinspect corruptonly=true index=* VS ./splunk fsck scan –all-buckets-all-indexes

When it comes to looking for corrupt buckets I wonder if those two commands are morally the same - at least on some l...

by Path Finder in

Memory tuning guide?

All, I am receiving this error message in a relatgively small Splunk stack that is brand new. 3 errors occurred...

by Builder in

High CPU on my Splunk BOX

Hi How can i see what Splunk is doing when the CPU goes to ~90% for 30 minutes on my Splunk box and stays there.I ...

by Influencer in

How can we integrate emite or nxlog with splunk ?

I have build one POC . To integrate splunk with emite,nxlog and zenoss Please help me on the same Thanks in Ad...

by Path Finder in

Splunk btool vs literal search differ

We are trying to override a field in Splunk_TA_nix. Rather than working on Splunk_TA_nix (local), we have a separate...

by Super Champion in

Splunk and SAP RZ20 (CCMS) transaction log

Hello SAP has a module called CCMS which uses a transaction monitor (GUI) using RZ20. My question is - has anyone tak...

by New Member in

install splunk by user to monitor remote server logs windows os

I have data stored on one windows os server now I want to install splunk on another windows server by which I can rea...

by Builder in

Is there a way of determining your IOPS speed from Splunk?

Our virtualization team has been less than honest with us in the past and have told us we have "fast" storage. We've ...

by Builder in

How to disable monitoring console using command line.

Hi, We have enabled distributed mode monitoring console on one of the splunk servers, how can I disable monitoring...

by Path Finder in

Minimum Free Disk Space for Splunk Universal Forwarder

In Splunk Enterprise, the minimum free disk space (5000MB) is needed. For Splunk Universal Forwarder, what is the min...

by Communicator in

What does "./splunk stop" do?

My indexer takes a good 5+ minutes to stop, so I've been pkill -f'ing it for the last year and a half. What does ./sp...

by Motivator in

Stop splunk gracefully during system shutdown or reboot - RESOLVED

As the indexers and search heads are in cluster and on Unix OS, whenever there is a proper shutdown or reboot of serv...

by Path Finder in

Distributed Monitoring console unable to find indexers

I followed the instructions for setting up the monitoring console in distributed mode. I have added the cluster maste...

by Builder in

Trend analysis with joined input lookups

I have a joined input lookup as per the below | union [ inputlookup int_issue | search reporter=test1 status!=c...

by Communicator in

How to add new AD-groups to monitor in splunk?

Infra team has created a AD-groups to a folder path, we need to get events in the Splunk, so my questions are : 1) ho...

by New Member in

Fileintegrity-monitoring

Hello community I heard that Splunk does support fileintegrity-monitoring. Only on the host where Splunk is instal...

by Engager in

Splunk Linux Infra resource monitoring not using the monitoring console

Good morning I have been tasked with creating a Dashboard that will be visible by another team to show the Splunk Lin...

by Explorer in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

Monitor remote host logs?

Splunk Cloud Audit Login attempts

License Pool Violation - After Search is disabled on a license pool due to 5 violations, and event generation issue is fixed, how long do I have to wait for Search re-enabling ?

Duplicate logs.

Time Graph question regarding license usage as the day goes on

Disk Space issue on Indexers Cluster

Splunk Universal Forwarder Only Sends data once on Monitor Input config followed by Restart

Splunk Support team and Diag File - Migrate / reproduce a Splunk instance

| dbinspect corruptonly=true index=* VS ./splunk fsck scan –all-buckets-all-indexes

Memory tuning guide?

High CPU on my Splunk BOX

How can we integrate emite or nxlog with splunk ?

Splunk btool vs literal search differ

Splunk and SAP RZ20 (CCMS) transaction log

install splunk by user to monitor remote server logs windows os

Is there a way of determining your IOPS speed from Splunk?

How to disable monitoring console using command line.

Minimum Free Disk Space for Splunk Universal Forwarder

What does "./splunk stop" do?

Stop splunk gracefully during system shutdown or reboot - RESOLVED

Distributed Monitoring console unable to find indexers

Trend analysis with joined input lookups

How to add new AD-groups to monitor in splunk?

Fileintegrity-monitoring

Splunk Linux Infra resource monitoring not using the monitoring console

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

Updated Data Type Articles, Anniversary Celebrations, and More on Splunk Lantern

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions