Monitoring Splunk

Ask a Question

Discussions

Thread Info

In SPL, which one has better performance when used in search queries: "case" or "if"?

Hello In SPL which one has better performance when used in search queries: "case" or "if" ?

by Motivator in

Why am I receiving "Login Failed" message on the Splunk Mobile App after upgrading to Splunk 6.5.0?

We are using a Reverse Proxy, with 2.3 Splunk Add-on for Mobile Access After upgrading Splunk to 6.5.0, when we tr...

by Splunk Employee in

Is it possible to monitor file system /opt disk space and trigger an alert when it reached above 75 % of the total size of the file system.

Hi All, We have an requirement to monitor the disk space of the file system /opt and /splogs in all the splunk server...

by Motivator in

Why wildcard search is much slower than "where like(field, value)"?

I have two searches return the same result in my single Splunk instance environment, but there is huge performance di...

by Splunk Employee in

what is limit of cronjob schedule ?

I have one requirement where I have to schedule more than 1000 cronjobs on different time period and system will exec...

by New Member in

Health check compaitability

We are working with cloud environment with 6.4 version. Is it compatible to work with health check app? as it was men...

by Path Finder in

How to force Files & Directories Monitor to read everything?

We want Spunk to index some csv data that we put folder on the search head, and set up the Files & Directories Monito...

by Communicator in

Splunk license warnings are based on type=Usage or type=RollOverSummary?

Hi, The Splunk warnings that we see in license master - is it based on license_usage log's type=Usage or type=Roll...

by Influencer in

Performance Monitoring

Hi, I would like to know what are the queries genereally we use to pull the Performance Report which has Response ...

by Explorer in

how to monitor the services and restart the services ,we also need an alert when the service goes down

we have services going down on our splunk server instances , we just want to set up an alert when the service failure...

by Explorer in

ossec-analysisd: ERROR: read error

Hello guys, I get this error every time, someone knows how to fix it? ossec-analysisd: ERROR: read error on /queue...

by Path Finder in

Why is splunkd crashing with error "STMgr out of memory failure" at the same time every day since upgrading to Splunk 6.3.1?

Since i upgraded our Splunk to 6.3.1 we got the error "ERROR STMgr - dir='......' out of memory failure". Th...

by New Member in

Splunk index roll-out information?

Hi All, I have to build dashboard for Splunk index roll-out information From hot to Warm Warm to Cold and Cold to ...

by Contributor in

Why I get "error code 1" ?

I created a custom search command called my_formula.py. When I run the script in my command prompt, everything works ...

by Path Finder in

Splunkd crashing because of Segmentation fault

Hello, we have running Splunk Version 4.1.6 build 89596 on AIX 6.1. From time to time splunkd is crashing with Seg...

by Explorer in

What are the Database Monitoring features available in Splunk

Hello Good Day ! We have recently installed splunk and we are monitoring the DB related health after installing...

by Path Finder in

Fastest Delete Method on Large Dataset

After importing several TB of logs, we have discovered that logs were repeated in 8 days worth of our dataset. The da...

by Explorer in

Why is data duplication occuring inspite of two independent deployments for splunk?

Upon migrating the same logs to a different location and forwarding seperately from those two locations to two indepe...

by New Member in

How to combine three different source types(CPU,Memory, Network Utilization as perecentage) from same index type and get one report

Hi, I have a problem here, we have three source types named as "CPUtime", "Memory" , "Localnetwork" CPUtime source...

by New Member in

best approach to speed access to Linux performance data such as iostat vmstat and so on

We have a vast amount of performance data and I want to make better use of the data by speeding up access to make it ...

by Communicator in

how to blacklist the file which is being monitored in two different stanza for the same log

Can any one help how to blacklist a file , the file is monitored and linked in two stanzas

by Explorer in

Using volume management on _cluster indexes

I have an index cluster and am setting up volume management. I have modified SPLUNK_DB env variable to point to /data...

by Builder in

Why is the data not being filtered to another index?

I have the following configuration for filtering the data coming from X udp port data input to an index that's being ...

by Communicator in

Distributed Management Console not visible at all.

Greetings, I am currently in the Splunk 6.4 Administration class and we are working with the DMC quite a bit. I di...

by Builder in

How to list out unwanted software installed on user machine

Dear team, What is the search condition to list out, which are the software installed on user workstation. Rega...

by New Member in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

In SPL, which one has better performance when used in search queries: "case" or "if"?

Why am I receiving "Login Failed" message on the Splunk Mobile App after upgrading to Splunk 6.5.0?

Is it possible to monitor file system /opt disk space and trigger an alert when it reached above 75 % of the total size of the file system.

Why wildcard search is much slower than "where like(field, value)"?

what is limit of cronjob schedule ?

Health check compaitability

How to force Files & Directories Monitor to read everything?

Splunk license warnings are based on type=Usage or type=RollOverSummary?

Performance Monitoring

how to monitor the services and restart the services ,we also need an alert when the service goes down

ossec-analysisd: ERROR: read error

Why is splunkd crashing with error "STMgr out of memory failure" at the same time every day since upgrading to Splunk 6.3.1?

Splunk index roll-out information?

Why I get "error code 1" ?

Splunkd crashing because of Segmentation fault

What are the Database Monitoring features available in Splunk

Fastest Delete Method on Large Dataset

Why is data duplication occuring inspite of two independent deployments for splunk?

How to combine three different source types(CPU,Memory, Network Utilization as perecentage) from same index type and get one report

best approach to speed access to Linux performance data such as iostat vmstat and so on

how to blacklist the file which is being monitored in two different stanza for the same log

Using volume management on _cluster indexes

Why is the data not being filtered to another index?

Distributed Management Console not visible at all.

How to list out unwanted software installed on user machine

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

During updating Splunk OTEL we are getting an erro...