Monitoring Splunk

Community Activity

Why does our Monitoring Console (Resource Usage: Instance) disk capacity does not match reality? One of the Splunk partitions had its volume disk capacity increased, but in the monitoring console, it keeps showing ... by alonsocaio Contributor in Monitoring Splunk 01-10-2019 1 1	1	1
Parameters and variables in dbxlookup DB Connect (v3.1.3) Hi, I have a problem how to pass parameters (variables) to dbxlookup (v3.1.3). I need pass variable VAR from Splunk ... by dgelo Explorer in Monitoring Splunk 01-10-2019 1 3	1	3
inputlookup searches How to use a inputlook to run several different indexes depending on which option the user selects on the drop down a... by Eshaac Engager in Monitoring Splunk 01-08-2019 0 2	0	2
Splunkからsyslogサーバへの転送設定について SplunkからSyslogサーバへのログの転送を検討しています。 Forwarderから受け取ったデータをIndexに格納しつつ、特定ソースタイプのみIndexerからSyslogサーバへ転送したいです。有効な設定方法を教えてく... by TAMURA1990 Explorer in Monitoring Splunk 01-07-2019 0 4	0	4
Are ad-hoc Splunk searches multi threaded? In simple words, if I execute an ad-hoc search on a Splunk environment that has multiple CPU cores across indexer clu... by ppuru Path Finder in Monitoring Splunk 01-07-2019 0 2	0	2
jquery context menu in dashboard Hi, I am trying to use a jquery plugin ( https://github.com/swisnl/jQuery-contextMenu ) to create a custom context m... by josephkverghese Engager in Monitoring Splunk 01-07-2019 0 2	0	2
How do you create a correlation rule for intrusion prevention sytem deviations? I currently have two different IDS/IPS systems that are sending data to Splunk. These sensors are spread out across m... by ericl42 Path Finder in Monitoring Splunk 01-07-2019 0 3	0	3
Feature request: fsck repair indexes performance Hi, I think more than me experience repairing corrupted indexes take long time. At least in my environment with a si... by ToreEnger Explorer in Monitoring Splunk 01-02-2019 4 9	4	9
monitored drafted mail We are using Zimbra as our private mail server. We are monitoring the logs of this server. How can I see if someone h... by praneshjan Explorer in Monitoring Splunk 01-01-2019 0 1	0	1
Unable to get the perfmon logs from Windows Universal Forwarder I am using universal forwarder and unable to get the metrics to the Splunk dashboard. we need some help in fixing t... by khusain_splunk Splunk Employee in Monitoring Splunk 12-28-2018 0 1	0	1
What could be the reason for a spike in CPU Usage in some indexers in a clustered environment? Hi, I have a clustered environment and it runs smoothly, but sometimes, I see a spike in CPU Usage in some of the in... by nawazns5038 Builder in Monitoring Splunk 12-28-2018 0 2	0	2
Can you help us with a Splunk Root user Issue? Hi Splunkers, Last week, one of our search head went down and we tried to restart the server. We have done some tro... by rohitvjoshi Path Finder in Monitoring Splunk 12-28-2018 0 1	0	1
How do you parse the following JSON data? Hi, I want to parse below json data .Below is one sample event- Objabco.codecnullavro.schema�{"type":"record","n... by ips_mandar Builder in Monitoring Splunk 12-25-2018 0 3	0	3
Can you help me remove some unnecessary values in a field? Hello Folks, I'm struck with removing result fields unnecessary values: ex: src domain (1)www(2)google(3)co... by leninkp3005 Explorer in Monitoring Splunk 12-20-2018 0 2	0	2
Can you help us find web GUI log in attempts from index=_audit? Hi, We're looking for web GUI log in attempts from index=_audit. Note that for event like following: Audit:[timest... by stwong Communicator in Monitoring Splunk 12-20-2018 0 6	0	6
Monitoring Remote log via file share but have \x00\ usually the first few line have issue, i suspect the application still writing the log file but splunk already try to... by kennethyeung New Member in Monitoring Splunk 12-19-2018 0 0	0	0
How do I search results that depend on the subsearch being empty? Hello, I have following search: index=mlbso sourcetype=BWP_hanatraces earliest=1543313122.531 latest=1543313122.537... by damucka Builder in Monitoring Splunk 12-19-2018 0 1	0	1
How can we handle under spec search heads? Most of our Search Heads are of 252 GBs of RAM but there are some old VMs with 48 GBs of RAM. These ones have been un... by ddrillic Ultra Champion in Monitoring Splunk 12-17-2018 1 6	1	6
Has anyone brought Prometheus data into Splunk? Hey there, our private cloud team currently uses Prometheus to monitor system level data. I was wondering if anyone ... by paimonsoror Builder in Monitoring Splunk 12-14-2018 2 2	2	2
How can I calculate the average duration between changes of two fields / events? Hi  My base search looks like this: I used \| dedup RobotSubState for this screenshot. In reality, every 1 second,... by j_r Path Finder in Monitoring Splunk 12-13-2018 0 12	0	12
Should our two multisite clusters have distinct site numbers? We have our original multisite cluster with site1 and site2. It will be decommissioned in 6 months when all of its i... by lycollicott Motivator in Monitoring Splunk 12-13-2018 1 7	1	7
Can you help me with the following error that showed up after restarting the server: "Could not create path D:\Splunk\cisco\db appearing in indexes.conf: 3" I restarted my server, and the Splunk web GUI didn't load up. My other servers and search heads load up, just not thi... by willsy Communicator in Monitoring Splunk 12-11-2018 0 5	0	5
Login Attempts And Lockout Status Hello Community, I'm new to splunk and couldn't seem to find an answer to my question. I'm currently running a Splu... by thijsvl Engager in Monitoring Splunk 12-11-2018 0 3	0	3
Is it normal for Splunkd to attempt to terminate the McAfee Processes? Hello, I'm using McAfee VirusScan Enterprise and Host Intrusion Prevention (HIPS), and HIPS is reporting that Splunk... by foxmccloud Explorer in Monitoring Splunk 12-07-2018 0 10	0	10
How to restrict time range picker to specific period for search? Hello Team, Here, I want some way to restrict events to search more than a specific period. eg. user can only selec... by kamlesh_vaghela SplunkTrust in Monitoring Splunk 12-06-2018 0 3	0	3