Monitoring Splunk

Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
becksyboy

Perfmon stanza

Hi, we are trying to on board some windows perfmon counters. We can do LogicalDisk, Memory, Network Interface, Physi...
by becksyboy Contributor in Monitoring Splunk 05-13-2019
0 2
0
2
sivaranjiniG

Difference between Infra Monitoring Application and DMC/MC

Can someone tell me difference between having infra monitoring application and DMC/MC?
by sivaranjiniG Communicator in Monitoring Splunk 05-13-2019
0 1
0
1
sbgoldberg13

Can Splunk monitor for successful backup jobs

Is there a good way to monitor for successful backup job completions in the Splunk base package? Does the IT Service...
by sbgoldberg13 Explorer in Monitoring Splunk 05-13-2019
0 5
0
5
artrune

RAW Time series for a specific field

Right now I have a query or a search as follows: index=main earliest=" + earliestDate + " latest=" + latestDate + " ...
by artrune Path Finder in Monitoring Splunk 05-13-2019
0 5
0
5
mchang_splunk

map command returns main index even searching _internal only

I tried to test map command on Splunk 7.1.3 with following search: index=_internal earliest=-60m | map maxsearches=1...
by mchang_splunk Splunk Employee Splunk Employee in Monitoring Splunk 05-11-2019
0 1
0
1
clorne

modular input and ERROR AdminManagerDispatch cannot call handler

Hello, I am trying to install a modular input. On a standalone Splunk, there is no problem, the setup dashboard show...
by clorne Communicator in Monitoring Splunk 05-10-2019
0 3
0
3
gustavobrgyn

Rapid7 search error

Hello, I'm trying to use the search below but I only get 0 events. What Am I doing wrong? index=rapid7 sourcetype...
by gustavobrgyn New Member in Monitoring Splunk 05-10-2019
0 1
0
1
broccolino

How to assign ticket from Jira by splunk?

Hi everyone, I am creating a dashboard to consult data from Jira, I wish I could be able to assign tickets from Jira...
by broccolino New Member in Monitoring Splunk 05-10-2019
0 0
0
0
sravankaripe

How to know what kind of logs are indexing to each indexer

How to see what kind of logs are indexing to each indexer can please help with splunk basic query.
by sravankaripe Communicator in Monitoring Splunk 05-09-2019
0 2
0
2
pkd18

log file rotate and flush conundrum

Splunk forwarder monitors a file named AppLogs.txt. 3 times a day, a cron job copies the original file to a backup Ap...
by pkd18 Engager in Monitoring Splunk 05-09-2019
0 1
0
1
christianubeda

Duplication detection of IPs detected by DHCP server | Splunk alert

Hi team! I want to detect Duplication detection of IPs detected by DHCP server. I have no Idea what to check... Ha...
by christianubeda Path Finder in Monitoring Splunk 05-08-2019
0 3
0
3
rashid47010

reindex the log files into new index

i created new index and I want to load log files into that index. these files were previously indexed to another inde...
by rashid47010 Communicator in Monitoring Splunk 05-07-2019
0 3
0
3
Durbina00

Splunk Mobile Subscription Error,Splunk mobile / Server error Subscription

Hi everyone. A few days back I saw the new Splunk Mobile app available, and I couldn’t wait, I decided to install it...
by Durbina00 Explorer in Monitoring Splunk 05-06-2019
0 2
0
2
bullockw

Is there a way to expand the Centos-root directory on the Splunk server without harming the VM?

I am in need of assistance. The /dev/mapper/centos-root directory on my Splunk server is full. Is there a way that it...
by bullockw New Member in Monitoring Splunk 05-06-2019
0 11
0
11
mgiddens

Splunk daily license volume not resetting at midnight.

Good afternoon. I am having an issue with my daily license volume used not resetting at midnight. I have created an ...
by mgiddens Path Finder in Monitoring Splunk 05-05-2019
0 6
0
6
priyg96

Performance impact on using max_rawsize_perchunk in limits.conf

Hi everyone, I am indexing 3000 large JSON events at a time in Splunk, but when I hit the Splunk query, it gives me b...
by priyg96 New Member in Monitoring Splunk 05-04-2019
0 2
0
2
MousumiChowdhur

What's the best way to get the list of forwarders where splunkd service has stopped running?

Hi! I need to find out list of all the servers where splunkd service is not running which were running before. I hav...
by MousumiChowdhur Contributor in Monitoring Splunk 05-02-2019
4 3
4
3
sdubey_splunk

Why am I unable to parse offline windows event logs using Add data via Splunk Web?

OS version : Windows 10 We want upload a saved windows event logs file (.evtx) to Splunk. Splunk assigned "Preproce...
by sdubey_splunk Splunk Employee Splunk Employee in Monitoring Splunk 05-02-2019
0 3
0
3
pgadhari

Improving search performance of search powered by summary index, datamodel and using loadjob ?

I have a panel which loads data for last 3 months and it takes approx 120 secs to load the single panel value - showi...
by pgadhari Builder in Monitoring Splunk 04-30-2019
1 16
1
16
dkolekar_splunk

Why are there error messages in Splunkd: "ERROR ExecProcessor - message from "python...splunk_app_infrastructure\bin\em_entity_manager.py"?

The messages below appear in splunkd.log from splunk_app_infrastructure. The splunk_app_infrastructure is running fin...
by dkolekar_splunk Splunk Employee Splunk Employee in Monitoring Splunk 04-30-2019
1 1
1
1
rpquinlan

Looking at Queue Fill ratios in DMC - which aggregation?

What's the general consensus / best practice when looking in the DMC --> Indexing --> Indexing Performance: Instance,...
by rpquinlan Path Finder in Monitoring Splunk 04-30-2019
0 2
0
2
bwakely

Troubles with disk space / quotas / $SPLUNK_BASE/var/run/splunk/srtemp/

Greetings all, Issue: Space on server exhausted, primarily in folder $SPLUNK_HOME/var/run/splunk/srtemp Splunk vers...
by bwakely Explorer in Monitoring Splunk 04-29-2019
2 4
2
4
sdubey_splunk

Email Configuration Setting is not working for smtp.gmail.com

We have configured Email Settings referring https://www.splunk.com/blog/2014/06/27/splunk-alerts-using-gmail-twitter-...
by sdubey_splunk Splunk Employee Splunk Employee in Monitoring Splunk 04-26-2019
0 2
0
2
fsolercasanova

Can you hot add RAM to a splunk searchhead virtual machine without a restart of Splunkd

We are running our Splunk Enterprise Deployment inside of VSphere. We are wondering if the Splunkd service on the Sea...
by fsolercasanova Explorer in Monitoring Splunk 04-25-2019
1 2
1
2
shivakarnati

Splunk Universal Forwarder not monitoring WindowEvent Security logs suddenly

The Splunk Universal forwarder is stopped forwarding windows Event Security logs, After check the system logs we cam...
by shivakarnati New Member in Monitoring Splunk 04-24-2019
0 2
0
2
Get Updates on the Splunk Community!

Data Management Digest – December 2025

Welcome to the December edition of Data Management Digest! As we continue our journey of data innovation, the ...

Index This | What is broken 80% of the time by February?

December 2025 Edition   Hayyy Splunk Education Enthusiasts and the Eternally Curious!    We’re back with this ...

Unlock Faster Time-to-Value on Edge and Ingest Processor with New SPL2 Pipeline ...

Hello Splunk Community,   We're thrilled to share an exciting update that will help you manage your data more ...