Monitoring Splunk

Discussions

Thread Info

How to fsck scan thaweddb folder?

According to official Troubleshooting documentation fscan command has "--thawed" switch in splunk 6.5.1 version also....

by Explorer in

SplunkWeb and Splunkd monitoring

We have an APM called AppDynamics for applicatino peromance monitoring. In 6.3 Splunk I found Splunkd and SplunkWe...

by Path Finder in

How can I monitor workstation Event Viewer logs?

Is it possible to ingest individual workstation Event Viewer logs to Splunk? Is installing a UF on each workstation t...

by Path Finder in

Splunk Technical Support 6.4.1

Hi Any idea about Splunk Technical support team to guide us on technical issue apart from Splunk answer forum? ...

by Explorer in

Why is the frozenTimePeriodInSecs setting only executed once after restart?

I am testing the frozenTimePeriodInSecs setting, so I have edited my /opt/splunk/etc/system/local/indexes.conf and ad...

by Explorer in

AMD vs Intel

So, we're looking at building out our Splunk infrastructure. We can choose between Intel 8 Core 2.7 Ghz Xeons (20 MB ...

by Builder in

(Troubleshooting) Indexer became unresponsive today; rebooting server fixed it. A number of splunkd processes are dying and starting back up, is this normal behavior?

One of the six indexers we have were unresponsive today. I couldn't login through the web interface and ssh'ing to th...

by Communicator in

Splunkd daemon is not responding: ('The read operation timed out',)

So I'm trying to search something and I keep getting the "Splunkd daemon is not responding: ('The read operation time...

by Path Finder in

I need to monitor 5 Servers and 3 of them have same log path, can any one please help me how can i frame the inputs.conf for these 5 servers

I was trying to create an inputs.conf for an application which has 5 servers , what way can be followed to construct ...

by New Member in

Why am I unable to retrieve data prior to the date our archive directory disk was filled?

I am running searches on a Splunk server and am unable to retrieve data prior to the date our disk filled. I correcte...

by Explorer in

Is there a performance impact by using Dedup command in SPL Queries?

Hi, I'm using dedup command in almost all my search queries. Does it have any impact on performance? If yes, what'...

by Explorer in

Why is my Splunkd connection refused after logging in?

I can start Splunk without any errors: Checking http port [MY_IP_ADDRESS:8000]: open Checking mgmt port [MY_IP_ADD...

by Engager in

How to import CPU load from Check Point logs?

Hi all, we're trying to import archive logs from checkpoint (gaia). In one archive it includes many hardware params. ...

by Engager in

How to monitor CPU utilization using splunk

Hi, I want to get information about CPU utilization by splunk server.Is there any query for this or i need to writ...

by Communicator in

Is it possible to configure HTTP Event Collector for faster response time per request?

I wrote a simple test to push logs to Splunk through the Http Event Collector, directly using .NET webclient. The cod...

by Path Finder in

Why is a REST call so slow

Just saw an environment where it was taking 15 seconds to run | rest /services/search/jobs splunk_server=local while ...

by Splunk Employee in

Query Mountpoint monitoring via splunk

Hi All Can you please let me know if we can monitor mount point via splunk , if yes please let me know what change...

by Path Finder in

waterfall saved search

Hi all! I've got problem. It's a bit complex to explain, but I hope I'll be as clear as possible. First I want to...

by Path Finder in

Real time file on linux that we can monitor for Splunk

Can anyone tell me in which file we can monitor real time data for Splunk on Linux?

by Explorer in

Does Splunk create events when the audit logs are stopped or paused?

I am currently in the middle of a PCI audit and 10.2.6 a is asking to verify if the logs report when they have stoppe...

by New Member in

In SPL, which one has better performance when used in search queries: "case" or "if"?

Hello In SPL which one has better performance when used in search queries: "case" or "if" ?

by Motivator in

Why am I receiving "Login Failed" message on the Splunk Mobile App after upgrading to Splunk 6.5.0?

We are using a Reverse Proxy, with 2.3 Splunk Add-on for Mobile Access After upgrading Splunk to 6.5.0, when we tr...

by Splunk Employee in

Is it possible to monitor file system /opt disk space and trigger an alert when it reached above 75 % of the total size of the file system.

Hi All, We have an requirement to monitor the disk space of the file system /opt and /splogs in all the splunk server...

by Motivator in

Why wildcard search is much slower than "where like(field, value)"?

I have two searches return the same result in my single Splunk instance environment, but there is huge performance di...

by Splunk Employee in

what is limit of cronjob schedule ?

I have one requirement where I have to schedule more than 1000 cronjobs on different time period and system will exec...

by New Member in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

How to fsck scan thaweddb folder?

SplunkWeb and Splunkd monitoring

How can I monitor workstation Event Viewer logs?

Splunk Technical Support 6.4.1

Why is the frozenTimePeriodInSecs setting only executed once after restart?

AMD vs Intel

(Troubleshooting) Indexer became unresponsive today; rebooting server fixed it. A number of splunkd processes are dying and starting back up, is this normal behavior?

Splunkd daemon is not responding: ('The read operation timed out',)

I need to monitor 5 Servers and 3 of them have same log path, can any one please help me how can i frame the inputs.conf for these 5 servers

Why am I unable to retrieve data prior to the date our archive directory disk was filled?

Is there a performance impact by using Dedup command in SPL Queries?

Why is my Splunkd connection refused after logging in?

How to import CPU load from Check Point logs?

How to monitor CPU utilization using splunk

Is it possible to configure HTTP Event Collector for faster response time per request?

Why is a REST call so slow

Query Mountpoint monitoring via splunk

waterfall saved search

Real time file on linux that we can monitor for Splunk

Does Splunk create events when the audit logs are stopped or paused?

In SPL, which one has better performance when used in search queries: "case" or "if"?

Why am I receiving "Login Failed" message on the Splunk Mobile App after upgrading to Splunk 6.5.0?

Is it possible to monitor file system /opt disk space and trigger an alert when it reached above 75 % of the total size of the file system.

Why wildcard search is much slower than "where like(field, value)"?

what is limit of cronjob schedule ?

Developer Spotlight with Paul Stout

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

Data-Driven Success: Splunk & Financial Services

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Logging of Restart Trigger