Monitoring Splunk

Ask a Question

Discussions

Thread Info

Disk Space issue on Indexers Cluster

We have multisite Indexer cluster setup. one of the indexer server disk space get full and become offline whereas ot...

by Path Finder in

Splunk Universal Forwarder Only Sends data once on Monitor Input config followed by Restart

I have a UF installed(v7.3.1) on CentOS with ulimits configured for max open files etc. the file monitor input st...

by Splunk Employee in

Splunk Support team and Diag File - Migrate / reproduce a Splunk instance

Hi All.. we were wondering why Splunk Support team would require the "diag file" when we open a support ticket? is th...

by SplunkTrust in

| dbinspect corruptonly=true index=* VS ./splunk fsck scan –all-buckets-all-indexes

When it comes to looking for corrupt buckets I wonder if those two commands are morally the same - at least on some l...

by Path Finder in

Memory tuning guide?

All, I am receiving this error message in a relatgively small Splunk stack that is brand new. 3 errors occurred...

by Builder in

High CPU on my Splunk BOX

Hi How can i see what Splunk is doing when the CPU goes to ~90% for 30 minutes on my Splunk box and stays there.I ...

by Influencer in

How can we integrate emite or nxlog with splunk ?

I have build one POC . To integrate splunk with emite,nxlog and zenoss Please help me on the same Thanks in Ad...

by Path Finder in

Splunk btool vs literal search differ

We are trying to override a field in Splunk_TA_nix. Rather than working on Splunk_TA_nix (local), we have a separate...

by Super Champion in

Splunk and SAP RZ20 (CCMS) transaction log

Hello SAP has a module called CCMS which uses a transaction monitor (GUI) using RZ20. My question is - has anyone tak...

by New Member in

install splunk by user to monitor remote server logs windows os

I have data stored on one windows os server now I want to install splunk on another windows server by which I can rea...

by Builder in

Is there a way of determining your IOPS speed from Splunk?

Our virtualization team has been less than honest with us in the past and have told us we have "fast" storage. We've ...

by Builder in

How to disable monitoring console using command line.

Hi, We have enabled distributed mode monitoring console on one of the splunk servers, how can I disable monitoring...

by Path Finder in

Minimum Free Disk Space for Splunk Universal Forwarder

In Splunk Enterprise, the minimum free disk space (5000MB) is needed. For Splunk Universal Forwarder, what is the min...

by Communicator in

What does "./splunk stop" do?

My indexer takes a good 5+ minutes to stop, so I've been pkill -f'ing it for the last year and a half. What does ./sp...

by Motivator in

Stop splunk gracefully during system shutdown or reboot - RESOLVED

As the indexers and search heads are in cluster and on Unix OS, whenever there is a proper shutdown or reboot of serv...

by Path Finder in

Distributed Monitoring console unable to find indexers

I followed the instructions for setting up the monitoring console in distributed mode. I have added the cluster maste...

by Builder in

Trend analysis with joined input lookups

I have a joined input lookup as per the below | union [ inputlookup int_issue | search reporter=test1 status!=c...

by Communicator in

How to add new AD-groups to monitor in splunk?

Infra team has created a AD-groups to a folder path, we need to get events in the Splunk, so my questions are : 1) ho...

by New Member in

Fileintegrity-monitoring

Hello community I heard that Splunk does support fileintegrity-monitoring. Only on the host where Splunk is instal...

by Engager in

Splunk Linux Infra resource monitoring not using the monitoring console

Good morning I have been tasked with creating a Dashboard that will be visible by another team to show the Splunk Lin...

by Explorer in

Why am I gettin the warning "Restricting results of the "rest" operator to the local instance because you do not have the "dispatch_rest_to_indexers" capability."

Since we upgraded from Splunk 6.5.3 to 7.0.3 we are getting the following warning: REST Processor: Restricting res...

by Splunk Employee in

Is there a way to automate the monitoring console health check?

all, Is there a way to automate the monitoring console health check and get the results emailed to me? weekly ?

by Builder in

Disabling CBC mode ciphers

Hi Team, SSLv3.0/TLSv1.0 Protocol Weak CBC Mode vulnerability have been identified on Splunk during internal scan....

by Explorer in

What does the number of files means in Files & Directories Monitor and where does it come from?

Hi, I am monitoring zip files from folders with below inputs.conf: What does the number of files denote shown in the ...

by Builder in

monitor universal forwarder agent license expiry date

Dear splunkers , I want to monitor my universal forwarder agent license expiry date . I am able to monitor it f...

by Communicator in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Disk Space issue on Indexers Cluster

Splunk Universal Forwarder Only Sends data once on Monitor Input config followed by Restart

Splunk Support team and Diag File - Migrate / reproduce a Splunk instance

| dbinspect corruptonly=true index=* VS ./splunk fsck scan –all-buckets-all-indexes

Memory tuning guide?

High CPU on my Splunk BOX

How can we integrate emite or nxlog with splunk ?

Splunk btool vs literal search differ

Splunk and SAP RZ20 (CCMS) transaction log

install splunk by user to monitor remote server logs windows os

Is there a way of determining your IOPS speed from Splunk?

How to disable monitoring console using command line.

Minimum Free Disk Space for Splunk Universal Forwarder

What does "./splunk stop" do?

Stop splunk gracefully during system shutdown or reboot - RESOLVED

Distributed Monitoring console unable to find indexers

Trend analysis with joined input lookups

How to add new AD-groups to monitor in splunk?

Fileintegrity-monitoring

Splunk Linux Infra resource monitoring not using the monitoring console

Why am I gettin the warning "Restricting results of the "rest" operator to the local instance because you do not have the "dispatch_rest_to_indexers" capability."

Is there a way to automate the monitoring console health check?

Disabling CBC mode ciphers

What does the number of files means in Files & Directories Monitor and where does it come from?

monitor universal forwarder agent license expiry date

Dashboards: Hiding charts while search is being executed and other uses for tokens

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

Brains, Bytes, and Boston: Learn from the Best at .conf25

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions