Monitoring Splunk

Community Activity

Dataset used for getting search performance numbers I want to evaluate the search performance of my Splunk setup similar to what Splunk has published here: https://docs.... by swatishs Explorer in Monitoring Splunk 04-03-2019 0 1	0	1
Monitoring EVTX file on different partition provides garbled data I've moved the Windows Event log Forwarded Events log to another partition because I expect it to out grow the C part... by bobmc859 New Member in Monitoring Splunk 04-03-2019 0 0	0	0
Monitoring Console continues to display old SH Cluster member. Is there a way to do a cleanup? Hi, We have a Search Head Cluster with 3 members. Originally when the cluster was setup there was a 4th member that ... by att35 Builder in Monitoring Splunk 04-03-2019 0 0	0	0
Issues with Saved searches not running I have multiple saved searches running at different times and strangely none of them are running in the weekend . Whe... by vrmandadi Builder in Monitoring Splunk 04-02-2019 0 6	0	6
tfidf+anomalydetection Hello, I would like to evaluate my logs searching anomalies. Let us say I would like to evaluate a new software kern... by damucka Builder in Monitoring Splunk 04-02-2019 0 10	0	10
Can you help me resolve this failed to reap viewstate error? Hi , I am getting the below error in splunkd.log, due to which, the data is not getting ingested. Requesting help to... by shahid285 Path Finder in Monitoring Splunk 04-01-2019 0 0	0	0
Splunk Security Finding Hi, Please update us if the HTTP OPTIONS can be disabled? What are the affected ports? Vulnerability Name: HTTP O... by khusain_splunk Splunk Employee in Monitoring Splunk 03-31-2019 0 2	0	2
How to search Splunk's internal audit events to see which users are logging in and logging out? Hi folks, Been doing a bit of digging within Splunk to see who is logging in and out. I don't see a clear event in t... by jravida Communicator in Monitoring Splunk 03-26-2019 0 20	0	20
monitor performance counter for a specific process Hi, Is there a way to do the subj. , i.e. to monitor performance counter of a specific process on Windows? Let's say ... by barsuk1 New Member in Monitoring Splunk 03-26-2019 0 4	0	4
Splunkd Service is in a restart loop I am trying to start the Plunkd service but when i do it starts and stops with the below error C:\Users\Administra... by Yorkiedortmund New Member in Monitoring Splunk 03-26-2019 0 2	0	2
Monitor statement for syslog server Trying to figure out the correct monitor statement for my inputs.conf for logs being sent to my syslog server. /var/... by basketballah21 Engager in Monitoring Splunk 03-25-2019 0 1	0	1
Why receiving resource usage errors in splunkd.log "Failure getting value for disk reads" Every minute log this message. I want to know cause of error message and know workaround. 02-27-2017 17:55:04.455 +0... by kksol007 Engager in Monitoring Splunk 03-21-2019 1 3	1	3
What is the best way to measure current license usage? While trying to root cause a huge influx of logs into my instance I noticed that querying my current license usage th... by fhlbcsplunkbase Explorer in Monitoring Splunk 03-20-2019 0 4	0	4
_audit index assistance Does anyone know how to setup a stats table for the _audit with all data in that index? Mainly listing all the data i... by reneedeleon Engager in Monitoring Splunk 03-18-2019 0 1	0	1
help on coalesce command with bad performances Hi I use the function coalesce but she has very bad performances because I have to query a huge number of host (5000... by jip31 Motivator in Monitoring Splunk 03-18-2019 0 1	0	1
Monitoring a text file Issue I am trying to extract some information from a text file. This is how my inputs.conf looks like, [monitor://C:\Temp\... by Channu New Member in Monitoring Splunk 03-14-2019 0 4	0	4
Using python external lookup An error occurs when requesting an HTTPS website I have a simple external lookup python script that implements a simple post request and returns the result to the sp... by bestSplunker Contributor in Monitoring Splunk 03-13-2019 0 5	0	5
Getting "top 3" (Windows) processes, sorted by CPU usage, when CPU usage goes over xx% Hello everyone, Pretty new to Splunk and, to be honest, I'm going under in work so I don't have time to work myself ... by so_edv1 New Member in Monitoring Splunk 03-10-2019 0 2	0	2
O365 Audit log Data Store sizing I am looking for a sizing calculator for dumping O365 audit logs into Splunk Siem. Such as average log size per email... by ryanbradshaw New Member in Monitoring Splunk 03-07-2019 0 0	0	0
Configuration to achieve better performance of Splunk I want to carry out performance monitoring of Splunk. I came across this benchmark while browsing https://docs.splunk... by swatishs Explorer in Monitoring Splunk 03-07-2019 0 1	0	1
monitoring log truncated We have a service where logs are truncated. Example, we have hola.log that fridays copy all content to new file hola2... by rjfv8205 Path Finder in Monitoring Splunk 03-06-2019 0 1	0	1
How can we measure two removed monitored files? A customer asked to remove two monitored files, which I did today. They asked - -- Is there a way we can get the ex... by ddrillic Ultra Champion in Monitoring Splunk 03-05-2019 0 5	0	5
Change splunkd management port on Universal forwarder I would like to change the splunk management port from 8089 to some higher port say 9089. What is the best way to do ... by skrish91 Path Finder in Monitoring Splunk 03-04-2019 0 3	0	3
How to Produce a Log for "Splunk Forwarder Removal" Hello Splunkers, I would like to keep track of my machines that contain a Splunk forwarder by producing a log of the... by zekiramhi Path Finder in Monitoring Splunk 03-04-2019 0 3	0	3
In Splunk, why am I getting the following error: "contains invalid UTF-8 encoding". In the Splunk search head, while checking the Splunk status in the search head, I found the following messages contin... by dkolekar_splunk Splunk Employee in Monitoring Splunk 03-03-2019 0 1	0	1