Monitoring Splunk

Discussions

Thread Info

Indexing Sharepoint mounted path in Splunk?

I am able to index my local C:/ drive local files in Splunk , but unable to index X:/ drive (Sharepoint path) folder ...

by Explorer in

data.elapsed duration for scheduled searches + multiple instances of search- How do i read the results?

I am investigating higher CPU usage on my indexers, and am finding that this is a hard topic to really pinpoint. I...

by Path Finder in

Splunk Stream Dashboard > no DB Source or DB Server- How to connect to external Postgres DB?

Could anyone please tell me how to connect to external Postgres DB so I could see data in this dashboard? I cannot fi...

by Loves-to-Learn Lots in

How to troubleshoot Splunk not running on web interface?

Hello,I've been running splunk on VMware since March this year, which is connected to a pfSense. I recently checked o...

by Explorer in

Anyone know if its possible to pull back the time from all the Splunk infrastructure?

Hello, Anyone know if its possible to pull back the time from all the Splunk infrastructure. I have over 200 IDX ...

by Engager in

How can I monitor status of "All Data is Searchable, Search Factor is Met, Replication Factor is Met" using CLI?

On my Splunk Master node, I can check the status if "All Data is Searchable, Search Factor is Met, Replication Factor...

by Engager in

Splunk DB Connect: Is Oracle 19c compatible?

I would like to onboard the data from Oracle 19c database to splunk. So, i would like to know if Oracle 19c is co...

by Observer in

Splunk Observability Trial- unable to integrate my AWS AKS cluster?

I am trying to explore the free trail edition of splunk Observability. However I am not able to integrate my AWS EKS ...

by New Member in

Is it possible to disable ticket integration and Mail notifcation integration temporary for all alerts?

Hi Team,Is it possible to disable ticket integration and Mail notifcation integration temporary for all alerts ? duri...

by Path Finder in

Health Check keeps loading Splunk Enterprise 8.2.7?

The Health check from my monitoring console keeps "loading". I pressed F12 and it shows a few errors: If I...

by Loves-to-Learn in

How to create a search to calculate top5 license consuming index for last 7 days?

Hi I wanted to get the details of the top 5 indexes consuming high license seperated by date for last 7 da...

by Path Finder in

Why does my Splunk process on my search head show not available abruptly?

I have noticed that Splunk process on my development search-head shows not available abruptly. And then it becomes av...

by Engager in

Why are _internal logs from heavy forwarder(HF) not getting to indexers after a Splunkd restart but _audit are?

All of a sudden, _internal logs from HF stopped coming to indexers after a Splunkd restart. But, i see _audit logs ma...

by Communicator in

How to edit search string for date?

Hello fellow Splunkers. I need a little help with an issue I am having with one of my dashboards. Im sure its a simp...

by Explorer in

Audit.log restart_splunkd- What produces these messages, and how can I tell if splunkd restarted?

I'm seeing many action=restart_splunkd messages from my "_audit" index. I can tell from my processor status that splu...

by Engager in

It is safe to change all "maxBackupIndex" keys directly in /etc/log.cfg or there is a better way to achieve that goal?

Hello folks, I am new to splunk. We need to change log indexing from 5 to 3 on Splunk Enterprise for Windows. ...

by Explorer in

How do you search users who were not logged in the past 30 days in azure AD?

Hi, I am trying to search for a list of users who have not logged into the azure ad past 30 daysCan you please he...

by Explorer in

How to configure universal forwarder props.conf for truncate?

Hi, I'm using Splunk universal Forwarder for sending UiPath Robot logs to Splunk Server. I noticed that some of o...

by Explorer in

What can be done when the parsing and aggregation queues are filled up?

One out of the eight indexer has the two queues filled up for a couple of hours - parsing and aggregation queues. Wha...

by Motivator in

Would there be any cost involved from Azure if we pull logs from Azure to Splunk?

Hi All,We are using the Microsoft Cloud Services Add-On for Splunk to integrate and ingest the logs from Azure Storag...

by Communicator in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Indexing Sharepoint mounted path in Splunk?

data.elapsed duration for scheduled searches + multiple instances of search- How do i read the results?

Splunk Stream Dashboard > no DB Source or DB Server- How to connect to external Postgres DB?

How to troubleshoot Splunk not running on web interface?

Anyone know if its possible to pull back the time from all the Splunk infrastructure?

How can I monitor status of "All Data is Searchable, Search Factor is Met, Replication Factor is Met" using CLI?

Splunk DB Connect: Is Oracle 19c compatible?

Splunk Observability Trial- unable to integrate my AWS AKS cluster?

Is it possible to disable ticket integration and Mail notifcation integration temporary for all alerts?

Health Check keeps loading Splunk Enterprise 8.2.7?

How to create a search to calculate top5 license consuming index for last 7 days?

Why does my Splunk process on my search head show not available abruptly?

Why are _internal logs from heavy forwarder(HF) not getting to indexers after a Splunkd restart but _audit are?

How to edit search string for date?

Audit.log restart_splunkd- What produces these messages, and how can I tell if splunkd restarted?

It is safe to change all "maxBackupIndex" keys directly in /etc/log.cfg or there is a better way to achieve that goal?

How do you search users who were not logged in the past 30 days in azure AD?

How to configure universal forwarder props.conf for truncate?

What can be done when the parsing and aggregation queues are filled up?

Would there be any cost involved from Azure if we pull logs from Azure to Splunk?

SplunkTrust | Where Are They Now - Michael Uschmann

Admin Your Splunk Cloud, Your Way

Cloud Platform | Discontinuing support for TLS version 1.0 and 1.1

Do we have splunk alert if ingest across indexes/s...

How to get total disk quota usage of a user OR rol...

How to send Envoy proxy access logs on Splunk serv...

Has anyone worked on "microsoft teams rooms pro ma...

Why is httpclientpollingthread dutycycle ratio alw...