Monitoring Splunk

Community Activity

All eventtypes in eventtypes.conf not found in btool search This is my local/eventtypes.conf file [juniper_sslvpn_auth] search = sourcetype=juniper_sslvpn_mag "authentication s... by jwhughes58 Contributor in Monitoring Splunk 11-04-2017 1 3	1	3
Forwarder: File monitoring, log rotation, atomicity, order and race conditions I'm trying to nail down the corner cases I need to worry about as a Splunk forwarder installation newbie. I want to f... by declanw New Member in Monitoring Splunk 11-02-2017 0 1	0	1
CPUおよびメモリの使用率が低い状態でもsplunkがクラッシュした Splunk 6.5.3をLinux上で使っていますが、頻繁にsplunkdやサーチプロセスがクラッシュするようになりました。クラッシュ前のsplunkdのCPUおよびメモリの使用率は高いとは言えないが、それでもクラッシュしています... by cwl Contributor in Monitoring Splunk 10-31-2017 0 1	0	1
Has anyone monitored couchbase logs using Splunk? Has anyone monitored couchbase logs using Splunk? http://docs.couchbase.com/couchbase-manual-2.2/#logs-and-logging ... by lpolo Motivator in Monitoring Splunk 10-31-2017 0 4	0	4
DMC - Show Health Check results for more than 100 instances Our current Splunk deployment is around 300 servers. We have all of those systems in our DMC and our able to get dat... by burras Communicator in Monitoring Splunk 10-23-2017 0 4	0	4
Error message when creating new Splunk instance: The splunk daemon (splunkd) is already running. [FAILED] Hi, I am running a splunk instance on a server under /apps/splunk-1/ at port 8980. I would like to run another insta... by jackiewkc Path Finder in Monitoring Splunk 10-23-2017 0 4	0	4
Create Splunk Storage (Disk Space) Capacity Alarm (Alert) The OS I am currently using is Redhat, i need help with the query that sends an alert if the DiskSpace goes over 70 ... by shakeel253 Explorer in Monitoring Splunk 10-18-2017 1 3	1	3
Why are the queues being filled up on one indexer? In the last day or two all the queues of one indexer got filled up. We bounced it and now on another indexer all the ... by ddrillic Ultra Champion in Monitoring Splunk 10-18-2017 1 10	1	10
How can I calculate per host CPU utilization in a report? host=test01 index="perfmon" collection="CPU" counter="% Processor Time" \| bucket _time span=15m \| stats avg(Value) as... by JyotiP Path Finder in Monitoring Splunk 10-18-2017 0 1	0	1
How do I Save Raw Log Data for Audit Purposes? If I have a regulatory requirement to store raw data for audit purposes as well as allowing the possibility of other ... by yellek Engager in Monitoring Splunk 10-13-2017 2 7	2	7
May I know how Splunk calculate license usage for Packet collections Hi All I want to know how Splunk will calculate license usages for packets collection? Currently what we are doing i... by nelson_ye New Member in Monitoring Splunk 10-13-2017 0 2	0	2
Can I limit the disk size of a Splunk instance to 300 GB within config files? I'm looking to set up a stand-alone test Splunk instance and want to limit the disk size of the instance to 300GB. ... by natalienguyen Explorer in Monitoring Splunk 10-11-2017 0 3	0	3
How to I add an indexer to the MC? We added recently indexers and all of them show up as being members of the indexer cluster. How do I add them to the ... by ddrillic Ultra Champion in Monitoring Splunk 10-11-2017 0 8	0	8
Why do we get kernel:BUG: soft lockup on the Search Head? We get the following - $ ./splunk status Message from syslogd@<host> at Oct 11 06:02:24 ... kernel:BUG: soft locku... by ddrillic Ultra Champion in Monitoring Splunk 10-11-2017 0 3	0	3
can we use semicolon instead of comma in MVZIP is it possible to use semicolon instead of comma in MVZIP?? by smolcj Builder in Monitoring Splunk 10-06-2017 0 2	0	2
Why did Crash log occur? [build 249101] 2017-08-12 20:00:03 Received fatal signal 11 (Segmentation fault). Cause: Unknown signal origin (s... by khyoung7410 Communicator in Monitoring Splunk 10-03-2017 0 2	0	2
How to turn off splunkd during certain hours I have a customer who wants to have the splunk forwarder turned off during certain critical processing time. by rholm01 Explorer in Monitoring Splunk 10-03-2017 0 4	0	4
how do I generate a diag (Splunk diagnostics file)? How do I generate a diag (Splunk diagnostic) file for splunk support? by benstraw Splunk Employee in Monitoring Splunk 10-02-2017 3 6	3	6
Why is the CPU usage showing 80-100% (falsely)? -- Search help I am trying to get CPU usage for a specific process in windows. My search looks like this: host=host1 AND sourcetype... by lbalaur Explorer in Monitoring Splunk 10-01-2017 0 6	0	6
"HttpListener - Socket error from 127.0.0.1 ... Broken pipe" splunkd.log messages since upgrading to Splunk 6.1.5 The full message is: WARN HttpListener - Socket error from 127.0.0.1 while accessing /servicesNS/-/search/admin/sum... by wrangler2x Motivator in Monitoring Splunk 09-29-2017 1 2	1	2
How to resolve error "The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch"? I have this problem: The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch. So I ca... by Federica_92 Communicator in Monitoring Splunk 09-29-2017 0 7	0	7
New Errors that did not exist last week Say I did a bunch of changes over the weekend and wanted to see a list of any new errors. Is there a way I can show... by subtrakt Contributor in Monitoring Splunk 09-25-2017 1 5	1	5
Where can I find the internal logs in the Splunk 5.0.1 file directory? Hi, I'm trying to find the var/log/splunk/ folder logs to check the errors and warning but in the older versions spl... by skuma30 New Member in Monitoring Splunk 09-18-2017 0 3	0	3
Query to setup alert if the diskspace goes over 70%? Below are the Host and Source type, I am trying to setup an alert if the diskspace goes over 70%. can some help? hos... by shakeel253 Explorer in Monitoring Splunk 09-12-2017 0 18	0	18
Measuring Splunkd Uptime Looking for a way to measure splunkd service uptime, and alert on when it's down. Not so much worried about system up... by rgilliam01 New Member in Monitoring Splunk 09-11-2017 0 2	0	2