Monitoring Splunk

Ask a Question

Discussions

Thread Info

Can no longer run searches, error messages occurring

I am unable to search, I had a few error messages come up: Dispatch command: the minimum free disk space 8000M...

by New Member in

Why is the memory usage on the SearchHead/Forwarder really high?

Hi, I have two Standalone Search Heads that also act as Heavy Forwarders running Splunk 6.5.1 on RHEL 6.9. The pas...

by New Member in

To monitor files stuck more than 4hrs

Dears, I need to monitor files in a directory which stuck more than 4hrs without any update. We need alert if file...

by Path Finder in

Why is the dispatch.finalizeRemoteTimeline causing searches to take extremely long to finish?

In a given 7 day search, I can get results back in aproximately 10 seconds but the search finalization takes over a m...

by Contributor in

Are the DMC Critical System Physical Memory Usage alerts inherently slow?

We see the following - The elapsed time for each one of them is high. Is it the expected behavior?

by Ultra Champion in

What is the best way to track a specific IP address for traffic flow and when traffic fails over to another location?

We are looking to track a specific IP for traffic to let us know when traffic stops flowing and diverts to another lo...

by New Member in

Searching internal logs for heavy forwarder

I am forwarding the logs from the heavy forwarder using the outputs.conf and as a result all the internal logs have b...

by Builder in

new indexer not showing in Monitoring console

I have added a new indexer to the indexer cluster and I can see it in the Indexer clustering dashboard but I can't se...

by Builder in

splunk 500 internal server error

Hi! Recently changed the type of license in splunk, after which he began to show error 500 Previously, the splunk ...

by New Member in

How can I use Splunk to monitor network ports on servers?

I need to be able to generate an email alert when a new port is opened on a server. what is the best way to do thi...

by Path Finder in

Synchronization and repair works in SPLUNK

Hello dear friends, I wanted to know how the theme of synchronization and repair works in SPLUNK, Receiving data and ...

by New Member in

Splunk Index filesystem recommendations

Hello all! Happy new year. I have my splunk indexes going to a filesystem that is XFS with the following mount option...

by Builder in

How to resolve messages about 'File Integrity checks' for Splunk files

Getting this message "File Integrity checks found files that did not match the system-provided manifest. See splunkd....

by Splunk Employee in

File Integrity Check

Search peer has the following message: File Integrity checks found 1 files that did not match the system-provided man...

by Explorer in

where can I find when I added or deleted license?

I have some license，and maybe I added and deleted one of them some months ago。Now,I forget when I deleted it.How can ...

by New Member in

Performance implication of automatic lookups

We need to group our hosts by customer and environment. I've created a lookup for this and it's working without any p...

by Path Finder in

cpu and memory usage consumed by a splunk dashboard?

My splunk infrastructure is in Linux. Suddenly One of my Splunk dashboard consumes almost 20 mins. Earlier it used...

by Builder in

Splunk v6 client.py - suds error in binding.py

I installed Bigfix App for Splunk and all was working with Splunk v5.x, now after upgrading to Splunk v6.0.4, the cli...

by Builder in

*nix addon doesn't index CPU number

Hi, I've installed the Splunk_TA_nix addon on my indexer. It brings in the cpu statistics but only as a dump. The...

by Explorer in

How to Start or Stop splunk service using SPlunk SDK

Does someone know show to START and/or STOP splunk using Splunk SDK? Using CLI, we can do splunk stop splunk start bu...

by New Member in

piping in splunk

Hello All, Does anyone know how piping in splunk is performed. I tried to search for information on this subject ...

by Path Finder in

How do you estimate the storage sizing?

I was following the guidelines from this page on how to estimate the storage sizing as a learning excercise, but I do...

by Builder in

Using windows batch file to run search on CLI

Hi, I was trying to use window batch file to run CLI search command. The command is something like this: splu...

by Path Finder in

Daily license usage by index on Splunk Cloud

We just migrated over to Splunk Cloud and I'm trying to figure out how to view our daily license usage by index. I wa...

by Path Finder in

ログファイルを再配置した場合の挙動について

「Monitor files and directories」を使って特定のディレクトリに配置したログファイルをインデキシングしているのですが、インデキシング対象のログファイルが破損した場合の対応方法についてお聞きしたいです。 ...

by New Member in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Can no longer run searches, error messages occurring

Why is the memory usage on the SearchHead/Forwarder really high?

To monitor files stuck more than 4hrs

Why is the dispatch.finalizeRemoteTimeline causing searches to take extremely long to finish?

Are the DMC Critical System Physical Memory Usage alerts inherently slow?

What is the best way to track a specific IP address for traffic flow and when traffic fails over to another location?

Searching internal logs for heavy forwarder

new indexer not showing in Monitoring console

splunk 500 internal server error

How can I use Splunk to monitor network ports on servers?

Synchronization and repair works in SPLUNK

Splunk Index filesystem recommendations

How to resolve messages about 'File Integrity checks' for Splunk files

File Integrity Check

where can I find when I added or deleted license?

Performance implication of automatic lookups

cpu and memory usage consumed by a splunk dashboard?

Splunk v6 client.py - suds error in binding.py

*nix addon doesn't index CPU number

How to Start or Stop splunk service using SPlunk SDK

piping in splunk

How do you estimate the storage sizing?

Using windows batch file to run search on CLI

Daily license usage by index on Splunk Cloud

ログファイルを再配置した場合の挙動について

Can’t make it to .conf25? Join us online!

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions

Can’t make it to .conf25? Join us online!