Monitoring Splunk

Community Activity

Indexing logs as event Hello all, I would like to monitor a file that is being changed every 15 minutes (unique file in the directory) and ... by danillopavan Communicator in Monitoring Splunk 12-03-2017 0 1	0	1
Is it possible to restrict certain Palo Alto traffic logs i noticed pan:traffic logs is consuming 100% of our daily allowance. I need help restricting some the logs that come... by hdenny New Member in Monitoring Splunk 11-28-2017 0 1	0	1
enabling HTTP Event Collector for docker container on splunk clustered setup We tested HTTP Event Collector for a docker container by starting the container with below, --log-driver=splunk --lo... by sim_tcr Communicator in Monitoring Splunk 11-26-2017 0 5	0	5
Not able to read windows registry using SPLUNK on local windows system I am trying to read registry on my local windows system. I have setup registry monitoring index and launch the search... by nandkumar90 New Member in Monitoring Splunk 11-21-2017 0 1	0	1
Why do we see a discrepancy between the daily licensing page and the Usage report for the past 30 days? The daily licensing page shows that we are within the 2 TB license. However, the Usage report from the Licensing page... by ddrillic Ultra Champion in Monitoring Splunk 11-20-2017 0 4	0	4
continuously monitor any local event Log windows 10 I am a data analyst interested in Security that have been reccently introduced to Splunk that I am learning on my o... by YANN84 New Member in Monitoring Splunk 11-19-2017 0 1	0	1
Is the Monitoring Console (MC) tool really worth the effort of implementing? Hello Splunk Admins, I am seeking your opinion on the worth of implementing the MC tool as a way to help monitor my ... by damonmanni Path Finder in Monitoring Splunk 11-15-2017 1 5	1	5
How to see last time index was written to. I am trying to see the last time an index was written to so we can monitor it and make sure logs are still being rece... by osmusem New Member in Monitoring Splunk 11-14-2017 0 5	0	5
In DMC, how is the Instance page populated? What is the query/rest call to create the list? by lycollicott Motivator in Monitoring Splunk 11-10-2017 0 2	0	2
Does the license master have disk usage info from all slaves (all indexes, sourcetypes, sources) to report on? I have a distributed Splunk setup. I have License Master that has around 10 slaves. All the ten are using the same li... by bkumarm Contributor in Monitoring Splunk 11-08-2017 0 9	0	9
SplunkD Causing Linux OOM Condition I have a search head running splunk 6.2.3, in a non-clustered distributed environment, which is sporadically having t... by tccooper Explorer in Monitoring Splunk 11-07-2017 3 6	3	6
How can I resolve this message: search not executed -- the minimum free disk space (2000mb) reached? search not executed the minimum free disk space (2000mb) reached? In /opt/splunk/var/run/splunk/distach --In this p... by karthi2809 Builder in Monitoring Splunk 11-06-2017 0 2	0	2
How can we get total number of users accessing the search head clusters from one instance? We have created a search head cluster where we have 3 instance which are in cluster we are looking to get the number ... by santosh12 New Member in Monitoring Splunk 11-06-2017 0 4	0	4
All eventtypes in eventtypes.conf not found in btool search This is my local/eventtypes.conf file [juniper_sslvpn_auth] search = sourcetype=juniper_sslvpn_mag "authentication s... by jwhughes58 Contributor in Monitoring Splunk 11-04-2017 1 3	1	3
Forwarder: File monitoring, log rotation, atomicity, order and race conditions I'm trying to nail down the corner cases I need to worry about as a Splunk forwarder installation newbie. I want to f... by declanw New Member in Monitoring Splunk 11-02-2017 0 1	0	1
CPUおよびメモリの使用率が低い状態でもsplunkがクラッシュした Splunk 6.5.3をLinux上で使っていますが、頻繁にsplunkdやサーチプロセスがクラッシュするようになりました。クラッシュ前のsplunkdのCPUおよびメモリの使用率は高いとは言えないが、それでもクラッシュしています... by cwl Contributor in Monitoring Splunk 10-31-2017 0 1	0	1
Has anyone monitored couchbase logs using Splunk? Has anyone monitored couchbase logs using Splunk? http://docs.couchbase.com/couchbase-manual-2.2/#logs-and-logging ... by lpolo Motivator in Monitoring Splunk 10-31-2017 0 4	0	4
DMC - Show Health Check results for more than 100 instances Our current Splunk deployment is around 300 servers. We have all of those systems in our DMC and our able to get dat... by burras Communicator in Monitoring Splunk 10-23-2017 0 4	0	4
Error message when creating new Splunk instance: The splunk daemon (splunkd) is already running. [FAILED] Hi, I am running a splunk instance on a server under /apps/splunk-1/ at port 8980. I would like to run another insta... by jackiewkc Path Finder in Monitoring Splunk 10-23-2017 0 4	0	4
Create Splunk Storage (Disk Space) Capacity Alarm (Alert) The OS I am currently using is Redhat, i need help with the query that sends an alert if the DiskSpace goes over 70 ... by shakeel253 Explorer in Monitoring Splunk 10-18-2017 1 3	1	3
Why are the queues being filled up on one indexer? In the last day or two all the queues of one indexer got filled up. We bounced it and now on another indexer all the ... by ddrillic Ultra Champion in Monitoring Splunk 10-18-2017 1 10	1	10
How can I calculate per host CPU utilization in a report? host=test01 index="perfmon" collection="CPU" counter="% Processor Time" \| bucket _time span=15m \| stats avg(Value) as... by JyotiP Path Finder in Monitoring Splunk 10-18-2017 0 1	0	1
How do I Save Raw Log Data for Audit Purposes? If I have a regulatory requirement to store raw data for audit purposes as well as allowing the possibility of other ... by yellek Engager in Monitoring Splunk 10-13-2017 2 7	2	7
May I know how Splunk calculate license usage for Packet collections Hi All I want to know how Splunk will calculate license usages for packets collection? Currently what we are doing i... by nelson_ye New Member in Monitoring Splunk 10-13-2017 0 2	0	2
Can I limit the disk size of a Splunk instance to 300 GB within config files? I'm looking to set up a stand-alone test Splunk instance and want to limit the disk size of the instance to 300GB. ... by natalienguyen Explorer in Monitoring Splunk 10-11-2017 0 3	0	3