Monitoring Splunk

Thread Info

After installing Splunk 6.4.1, splunkd is consuming high CPU and memory. How do I reduce this usage?

I am new to Splunk. A week back, we have installed Splunk 6.4.1. Now we see splunkd is consuming high CPU and memo...

by New Member in

Can you please recommend a Splunk friendly FIM monitoring solution for Windows?

All, Can you recommend a simple/cheap/Splunk friendly FIM for Windows systems? Ideally something with an app read...

by Builder in

How to integrate CA APM data to Splunk?

Hi Team, We have a CA APM plaform where all the servers performance metrics are stored. So now I have to pull this pe...

by New Member in

SSL Letsencrypt for Splunk on Ubuntu

Hi there, I have started my own Ubuntu 16.04 server and installed Splunk. This goes smoothly. Also I have added...

by Explorer in

whats does index=_audit contain?

Im trying to understand what does - all the field value pairs under _audit index refer to , but not able to find the ...

by Communicator in

Best practice to monitor an application

I have an application which consists of (all running on one server as a test) The app running as an exe webserver ...

by Path Finder in

Will asterisks in the value of a field be treated as wild cards and affect automatic lookup performance?

I have a field in one of my datasets labelled user. We perform automatic lookups globally based on the field user to ...

by Path Finder in

Can the btool command show local.meta files?

The btool command displays the conf files in Splunk's UI without having to go into the file system. Since the local.m...

by Builder in

What is the process "splunkd instrument-resource-usage -p 8089 --with-kvstore" doing?

Hi , Our splunk servers has high CPU usage problem after upgrading to Splunk v6.5 It could related to my previ...

by Path Finder in

How to properly setup splunkforwarder in CentOS 6.8

Hi, I'm trying to setup splunkforwarder in a new Linux server (CentOS 6.8), but every time I try to run splunkd, I ge...

by New Member in

need a little help converting tcp_KBps to tcp_GB/day

I am searching the _internal index to find out how much data a universal forward is sending per day. Here is my co...

by Contributor in

Dropdown/multiselect input: maximum number of choice items (performance)

We are populating Simple XML input elements of types dropdown and multiselect from searches. In some cases the number...

by Builder in

What UNIX OS and which filesystem do you recommend?

Hi, Both XFS and EXT4 filesystems are supported, the most of Linux distributtions are supported.. but I wonder if ...

by Communicator in

Splunk Performance Problems in Dashboard

Hi everyone, I'm new to Splunk and I developed a Dashboard which has 19 panels, the Dashboard it's done using post-pr...

by New Member in

Would I be able to learn Splunk architecture by looking at various _internal log files?

Hi, I have been given a fully built Splunk (Enterprise) environment. I was not given the architecture/any docs rel...

by Path Finder in

ERROR TcpOutputProc - LightWeightForwarder/UniversalForwarder not configured. Please configure outputs.conf.

Hello my splunkd.log shows the the following error ERROR TcpOutputProc - LightWeightForwarder/UniversalForwarder ...

by Path Finder in

How to resolve error: Instance name used by peer is already in use on Splunk Indexer+Search Head

Hi, I am trying a Splunk POC on my personal machine with the following setup, ARCHITECTURE DIAGRAM attached ...

by Path Finder in

Splunk for monitoring the CA Siteminder.

Was any using the splunk for the ca siteminder log monitoring. can anyone give some idea on developing the dashboards...

by Path Finder in

cmd splunkd clean-dispatch error

Hi guys, on our job server we have a crontab that move search from dispatch directory to another directory. Source di...

by Communicator in

Splunk management console renamed to splunk monitoring console in 6.5.2 causing issues

Hi, So I did an upgrade on my Splunk environment from version 6.3.1 to 6.5.2. Everything went smoothly except one...

by New Member in

How do I tell Splunk to use more CPU cores?

I have Splunk 6 Enterprise installed on a system with 2x 10-core 3GHz Xeons, 128GB RAM and a 6x SSD RAID-10. When I r...

by Path Finder in

How to resolve the socket error I am getting when I try to start Splunk from Bash(Linux Virtual Machine running on Windows 10)

Hi, Server/VM Used: Linux VM ver3.4.0+ (via Bash utility running on windows 10) I am installing a universal for...

by Path Finder in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

After installing Splunk 6.4.1, splunkd is consuming high CPU and memory. How do I reduce this usage?

Can you please recommend a Splunk friendly FIM monitoring solution for Windows?

How to integrate CA APM data to Splunk?

SSL Letsencrypt for Splunk on Ubuntu

whats does index=_audit contain?

Best practice to monitor an application

Will asterisks in the value of a field be treated as wild cards and affect automatic lookup performance?

Can the btool command show local.meta files?

What is the process "splunkd instrument-resource-usage -p 8089 --with-kvstore" doing?

How to properly setup splunkforwarder in CentOS 6.8

need a little help converting tcp_KBps to tcp_GB/day

Dropdown/multiselect input: maximum number of choice items (performance)

What UNIX OS and which filesystem do you recommend?

Splunk Performance Problems in Dashboard

Would I be able to learn Splunk architecture by looking at various _internal log files?

ERROR TcpOutputProc - LightWeightForwarder/UniversalForwarder not configured. Please configure outputs.conf.

How to resolve error: Instance name used by peer is already in use on Splunk Indexer+Search Head

Splunk for monitoring the CA Siteminder.

cmd splunkd clean-dispatch error

Splunk management console renamed to splunk monitoring console in 6.5.2 causing issues

How do I tell Splunk to use more CPU cores?

How to resolve the socket error I am getting when I try to start Splunk from Bash(Linux Virtual Machine running on Windows 10)

Can I change the path of the dispatch directory?

Is there a better way to audit data from vSphere tasks and events?

Duplicate events at the same time

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

Get Schooled with Splunk Education: Explore Our Latest Courses

Splunk AI Assistant for SPL | Key Use Cases to Unlock the Power of SPL

'System health and performance' and 'UEBA' in Splu...

S2S protocols, enableOldS2SProtocol (oldest protoc...

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra