Monitoring Splunk

Community Activity

Why is Splunk is crashing on my AIX system and getting "bad allocation" errors in the splunkd.log? I just installed splunk on my AIX system and am seeing lots of crashes in the main tailing thread. Additionally I se... by kserra_splunk Splunk Employee in Monitoring Splunk 04-06-2016 3 2	3	2
Splunk 6.2 Deployment Monitor repeatedly sends "forwarder missing" alert emails Immediately after upgrading from 6.0 to 6.2 Indexer, we get "missing forwarder" alerts from Deployment Monitor with ... by droth333 Explorer in Monitoring Splunk 04-01-2016 1 2	1	2
Choropleth: Failed to memory map index files Hi splunkers! While trying to add KMZ file to use awesome choropleth map with my country I got this error: Failed to ... by iKate Builder in Monitoring Splunk 03-30-2016 1 2	1	2
What does "removed from queue file" mean? In splunkd.log I see a few lines like: BatchReader - Removed from queue file=... It's not a warning or an error, b... by suhprano Path Finder in Monitoring Splunk 03-28-2016 2 2	2	2
Difference between splunkd -p 8089 restart or splunkd -p 8089 start When I do top -c1 on the indexers/Heavy Forwarders, splunkd process is running as follows splunkd -p 8089 restart ... by rcreddy06 Path Finder in Monitoring Splunk 03-21-2016 1 1	1	1
How do I tell if an indexer is in maintenance mode? On the CLI of a clustered indexer, what a command I can run (or perhaps a search, if REST needs to be hit) that will ... by Jason Motivator in Monitoring Splunk 03-20-2016 0 3	0	3
Monitor Concurrent Searches Every once in a while, we will get this message, and I understand it. I would like to run a periodic search, add i... by aferone Builder in Monitoring Splunk 03-18-2016 0 1	0	1
How to Monitor CPU usage I want to see my cpu usage statistics, i tried using search "host="CARDS_QA_" (sourcetype=cpu OR source=WMI:CPUTime)"... by vamsi92 Explorer in Monitoring Splunk 03-17-2016 0 5	0	5
Monitor That Windows 7 is listening on a specified port I need to monitor that an application is active on a Windows 7 machine. The application listens on port 80. If the... by scamarda New Member in Monitoring Splunk 03-14-2016 0 1	0	1
Why am I not getting introspection data for these indexers? I have several indexers in my cluster that are not producing introspection data, despite being identically configured... by dwaddle SplunkTrust in Monitoring Splunk 03-14-2016 4 1	4	1
Advantage of Splunk DBConnect over general database monitoring tools I am using Splunk for the last few months, Recently have installed the DBConnect App and also able to connect Oracle ... by pradiptam Explorer in Monitoring Splunk 03-14-2016 1 2	1	2
How can we monitor DHCP scope usage through Splunk It is possible to monitor DHCP scopes usage by Splunk Enterprise. Can we try DHCP scopes usage monitoring with splunk... by drivesmart New Member in Monitoring Splunk 03-13-2016 0 1	0	1
how can i get the line count(records) of a file without reading the complete file I need to get the records count only from a file , so is there a way without reading/indexing the complete file ? by prakashbhanu407 New Member in Monitoring Splunk 03-11-2016 0 2	0	2
What is the performance impact of reducing maxTotalDataSizeMB? Hi, I plan to reduce the maxTotalDataSizeMB of several indices and would like to know the impact on performance of ... by emontano New Member in Monitoring Splunk 03-11-2016 0 2	0	2
UTF8Processor warning message Hi there, I have CHARSET = UTF-16LE enforced in props.conf for all universal forwarders. For UniForwarder -> Index... by ollie920049 Path Finder in Monitoring Splunk 03-11-2016 1 1	1	1
Splunkd - which language? All, In the 'Splunk Infrastructure Overview' course, it shows that Splunkd is written in C/C++. Is it right? Rega... by ddrillic Ultra Champion in Monitoring Splunk 03-07-2016 0 2	0	2
What is a simple way to clear some space if I'm running out of disk space allocated for indexes? The indexes almost consumed the entire terabyte of space allocated for them. What would be a simple way to clear some... by ddrillic Ultra Champion in Monitoring Splunk 03-03-2016 0 4	0	4
Optiv Threat Intel: How to troubleshoot why there is no data populating in the app in a search head cluster? I installed the Optiv Threat Intel app on a search head cluster, but data is not populating. Additionally, I added t... by jroark New Member in Monitoring Splunk 03-01-2016 0 8	0	8
What is the max value I can set for max_mem_usage_mb based on our system configuration? We have Splunk 6.1.5 search head systems with large amount of memory (128 GB) and 20 cores. The expected daily log v... by paramagurukarth Builder in Monitoring Splunk 02-29-2016 0 2	0	2
Is there an alternative to fieldsummary to show field names for an index? Hi, My search looks like: mysearch....[ index=adc\| fieldsummary \| fields field] Is there a command to display th... by dkeck Influencer in Monitoring Splunk 02-19-2016 2 6	2	6
DMC Alert - Critical System Physical Memory Usage Hi, I am getting physical memory usage alert from my main Splunk server for the server itself where it is installed ... by sunnyparmar Communicator in Monitoring Splunk 02-19-2016 0 7	0	7
High performance extensible logging (HPEL) Does Splunk support reading HPEL files. And if not, what is the time frame to do so. Thanks, CAM by cam2100 Engager in Monitoring Splunk 02-17-2016 1 1	1	1
What is the best practice performance-wise to get data in using C#? Hi, My application is written in C#. I see there are a few ways for getting data in: C# SDK (as per submit example)... by paulwrussell Explorer in Monitoring Splunk 02-15-2016 0 7	0	7
Monitoring 15% drop in logins with delta Hi bit of background, I am trying to monitor a 15% drop in logins using the delta command at the moment over Last 15m... by hornettj New Member in Monitoring Splunk 02-14-2016 0 2	0	2
Forwarder and indexer communication through port 8089 ? Hi All, Whether port 8089 should be opened bi-directional or uni-directional between forwarder and indexer ? In our ... by pgadhari Builder in Monitoring Splunk 02-12-2016 0 2	0	2