Monitoring Splunk

Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
ppanchal

Unable to monitor logs from windows machine.

Hi, I am struggling to monitor files from a windows machine. Below is my inputs.conf file [default] index=maspat [...
by ppanchal Path Finder in Monitoring Splunk 08-30-2018
0 2
0
2
damode

Index Detail: Instance page on the DMC not showing any data

As the title says, there is no data on the Index Detail page. The search results says" Search is waiting for input....
by damode Motivator in Monitoring Splunk 08-29-2018
0 1
0
1
godman

Remove the Splunk monitors from CLI

I am trying to remove some monitors and when i tried from CLI it's throwing me Error : Parameters must be in the form...
by godman Path Finder in Monitoring Splunk 08-28-2018
0 7
0
7
mctester

What does this splunkd.log event mean? 07-19-2013 04:19:02.641 -0400 INFO Archiver - Archiving large_file=/opt/splunk/etc/apps/MAXMIND.new/bin/city.dat of size_in_bytes=54745499 (exceeding concerning_threshold=52428800)

I'm seeing a repeated pattern of events in splunkd.log, relating to several .dat files in the MAXMIND app. What is t...
by mctester Communicator in Monitoring Splunk 08-22-2018
1 3
1
3
jgorman_THG

Inputs not working

Hi, I have the following input setup and it won't work. I cannot figure out what is wrong with it. Any ideas? Than...
by jgorman_THG Explorer in Monitoring Splunk 08-22-2018
0 3
0
3
halbeisendv

Tuning for performance

While the Splunk documentation serves us well, I am interested in finding a resource for studying about performance. ...
by halbeisendv Path Finder in Monitoring Splunk 08-21-2018
0 3
0
3
tkwaller_2

How can I re-index license-usage.log?

Hello Someone prior to me had set the license master to forward logs to the wrong hosts so when I fixed it I have no...
by tkwaller_2 Communicator in Monitoring Splunk 08-20-2018
0 2
0
2
satkan100

We have observed one error from one forwarder server to indexer.

We have observed one error from one forwarder server to indexer. Error Message:08-20-2018 13:34:39.963 +0200 ERROR Tc...
by satkan100 Path Finder in Monitoring Splunk 08-20-2018
0 5
0
5
Alesk_andr

Splunk directory monitor issues with aws s3 sync downloads (logs from Cisco Umbrella)

Hi, I have dns/proxy logs on Aws S3, which are originate from Cisco Umbrella platform. Each day, I download new log...
by Alesk_andr New Member in Monitoring Splunk 08-20-2018
0 14
0
14
gkumarashanmuga

While performing the searches getting the warning messages like "usage limit exceed 500 MB"

While performing the searches getting the "usage limit exceed 500 MB" warning messages , To overcome this error , We...
by gkumarashanmuga Explorer in Monitoring Splunk 08-16-2018
0 2
0
2
JuhiSaxena

Latency in Splunk index

I am seeing lag in one of the index of around 1600ms and couldn't see any WARN or ERROR in _internal logs. What could...
by JuhiSaxena Explorer in Monitoring Splunk 08-16-2018
0 1
0
1
JoshuaJohn

Lower Memory usage

I have a query that is being blocked from retrieving all relevant data due to policy to keep queries under 500mb, is ...
by JoshuaJohn Contributor in Monitoring Splunk 08-14-2018
0 4
0
4
vishalchaudhary

Can you truncate tsidx files and what is the impact of doing so when facing disk space issues?

Can I truncate tsidx files as we are facing disk space issue? If yes then what is the impact?
by vishalchaudhary New Member in Monitoring Splunk 08-14-2018
0 1
0
1
nasrinmulani

getting only half of logs in the splunk from monitoring path

Hi All, I have large XML file, i have indexed it using BREAK_ONLY_BEFORE and MUST_BREAK_AFT. But i am getting partia...
by nasrinmulani New Member in Monitoring Splunk 08-13-2018
0 3
0
3
sssignals

Best way to monitor for file transfer across multiple servers without indexing file contents

Hi Splunk community I need to monitor file transfers from servers to servers in different directories. I do not need...
by sssignals Path Finder in Monitoring Splunk 08-12-2018
0 3
0
3
augustnagro

Dashboard based on scheduled report loads slowly while scheduled report executes

I have a bunch of scheduled reports that run 15 minutes past the hour (with the window set to 'Auto'). The dashboar...
by augustnagro Engager in Monitoring Splunk 08-08-2018
3 4
3
4
ankith_nt

Splunk not storing time in milliseconds

I am extracting the timestamp from events in microseconds (%Y-%m-%d:%H:%M:%S.%6N). But when index event timestamp is...
by ankith_nt New Member in Monitoring Splunk 08-08-2018
0 1
0
1
moorvogi

Unknown Protocol and failed to establish connection with kvstore

mongod.log is being spammed with unknown protocol messages. this message rolls from server to server we have this is...
by moorvogi Path Finder in Monitoring Splunk 08-08-2018
0 0
0
0
bsantosh

How to calculate the top 5 license usage by indexes (Average value) for the last 30 days?

Hi, I would like to calculate the average of top 5 indexes by license usage for the last 30 days. Note: there is a s...
by bsantosh New Member in Monitoring Splunk 08-08-2018
0 2
0
2
tnguyen125

eval - Error in 'eval' command: The expression is malformed. Expected ).

index=abc123 | eval app=case(application==Application_1,"app_id_1",application==Application_2,"app_id_2") | stats cou...
by tnguyen125 New Member in Monitoring Splunk 08-07-2018
0 3
0
3
muralisushma7

How much CPU and RAM to allocate to SPLUNK VM which is indexing 25GB per day?

Hi, I need to index 25GB per day to the SPLUNK machine. I am not pretty sure as what exactly the size of CPU and RAM...
by muralisushma7 Explorer in Monitoring Splunk 08-06-2018
0 3
0
3
MiltonTheGreat

If I wanted to continuesly monitor HTTP get request to a particular web server, how would I go about doing this?

So from what I know, I would have to add data to splunk. I know where to go to do this, but I am not sure what to put...
by MiltonTheGreat New Member in Monitoring Splunk 08-04-2018
0 2
0
2
macadminrohit

Persisting the health of a server using the events fired from windows event logs or some other monitoring tool

Hi Experts, We have a search which checks for critical windows event logs on a windows box which decide the health o...
by macadminrohit Contributor in Monitoring Splunk 08-02-2018
0 1
0
1
buildandconfign

AWS ECS Logs in Splunk

Hello Folks, I am trying to send logs from ECS to Splunk and I have followed everything in this blog https://www.spl...
by buildandconfign New Member in Monitoring Splunk 08-02-2018
0 0
0
0
vngzs

Splunk Windows directory monitoring results in 30x "logfile size" to "data indexed" volume

Summary For monitoring Windows directories, Splunk is reporting roughly 30 times the index volume versus the actual ...
by vngzs Engager in Monitoring Splunk 08-01-2018
0 11
0
11
Get Updates on the Splunk Community!

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...