Monitoring Splunk

Discussions

Thread Info

Heavy query

Hi, I have a problem with this query executed on 3 months index="app" host="sl0920*" source="/home/java/jboss-...

by New Member in

How can we audit Hunk's users?

We would like to audit the Hunk's users. Meaning, which users use the system, when, how much... we are on Hunk versio...

by Ultra Champion in

Using Splunk as a monitoring tool

Hello We currently run an on-prem application with the following tiers; Client - App servers - Database servers...

by New Member in

Splunk searches are becoming very slow

I'm running Splunk 6.2, with the setup of 1 Search Head and 3 Indexers. the users have been complaining for a while f...

by New Member in

How to monitor my script output file automatically every one hour

I have a script containing ip and value. Sh basic.sh>>sample.out Know to get the logs i need to add this sample.out f...

by Explorer in

Forwarding search head logs to indexer

Hi. I have been trying to forward my search head logs to the indexer as it is a best practice. In order to do so, I t...

by Path Finder in

ERROR StreamedSearch File name too long

Hello, We are running 4.2.5-113966. Scanning splunkd.log, I see we are getting LOTS of errors (~2600 yesterday)...

by Path Finder in

Quick and Dirty Keyword Search

I know that this can be done with a lookup, but I was wondering if there was a quick and dirty way to search through ...

by Path Finder in

Splunk Universal Forwarder monitoring

Hi Team, Is there anyway we can trigger the alert from Splunk, if any one of it's Universal forwarder is not in ru...

by Path Finder in

How to query Indexers for CPU/Mem/License information?

Hi, I am trying to build a glass table which would list each indexer and current parameters associated with it. e....

by Builder in

Why am I seeing repeated LMDirective warnings in the splunkd.log and how to troubleshoot this?

Noticing a number of warnings relating to LMDirective, not sure what these are related to and how to remedy. Here's s...

by Contributor in

After installing Splunk 6.4.1, splunkd is consuming high CPU and memory. How do I reduce this usage?

I am new to Splunk. A week back, we have installed Splunk 6.4.1. Now we see splunkd is consuming high CPU and memo...

by New Member in

Can you please recommend a Splunk friendly FIM monitoring solution for Windows?

All, Can you recommend a simple/cheap/Splunk friendly FIM for Windows systems? Ideally something with an app read...

by Builder in

How to integrate CA APM data to Splunk?

Hi Team, We have a CA APM plaform where all the servers performance metrics are stored. So now I have to pull this pe...

by New Member in

SSL Letsencrypt for Splunk on Ubuntu

Hi there, I have started my own Ubuntu 16.04 server and installed Splunk. This goes smoothly. Also I have added...

by Explorer in

whats does index=_audit contain?

Im trying to understand what does - all the field value pairs under _audit index refer to , but not able to find the ...

by Communicator in

Best practice to monitor an application

I have an application which consists of (all running on one server as a test) The app running as an exe webserver ...

by Path Finder in

Will asterisks in the value of a field be treated as wild cards and affect automatic lookup performance?

I have a field in one of my datasets labelled user. We perform automatic lookups globally based on the field user to ...

by Path Finder in

Can the btool command show local.meta files?

The btool command displays the conf files in Splunk's UI without having to go into the file system. Since the local.m...

by Builder in

What is the process "splunkd instrument-resource-usage -p 8089 --with-kvstore" doing?

Hi , Our splunk servers has high CPU usage problem after upgrading to Splunk v6.5 It could related to my previ...

by Path Finder in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Heavy query

How can we audit Hunk's users?

Using Splunk as a monitoring tool

Splunk searches are becoming very slow

How to monitor my script output file automatically every one hour

Forwarding search head logs to indexer

ERROR StreamedSearch File name too long

Quick and Dirty Keyword Search

Splunk Universal Forwarder monitoring

How to query Indexers for CPU/Mem/License information?

Why am I seeing repeated LMDirective warnings in the splunkd.log and how to troubleshoot this?

After installing Splunk 6.4.1, splunkd is consuming high CPU and memory. How do I reduce this usage?

Can you please recommend a Splunk friendly FIM monitoring solution for Windows?

How to integrate CA APM data to Splunk?

SSL Letsencrypt for Splunk on Ubuntu

whats does index=_audit contain?

Best practice to monitor an application

Will asterisks in the value of a field be treated as wild cards and affect automatic lookup performance?

Can the btool command show local.meta files?

What is the process "splunkd instrument-resource-usage -p 8089 --with-kvstore" doing?

Using Machine Learning for Hunting Security Threats

Observability Newsletter Highlights | March 2023

Security Newsletter Updates | March 2023

Splunk alert for multiple time?

What does it mean searchparsetmp in the StreamedSe...

TrackMe - insert hosts into trackme_host_monitorin...

Are there any sample logs for SalesForce and Cisco...

How important are the TCPOutAutoLB Health Warnings...