Monitoring Splunk

Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Community Activity
drivesmart

How can we monitor DHCP scope usage through Splunk

It is possible to monitor DHCP scopes usage by Splunk Enterprise. Can we try DHCP scopes usage monitoring with splunk...
by drivesmart New Member in Monitoring Splunk 03-13-2016
0 1
0
1
prakashbhanu407

how can i get the line count(records) of a file without reading the complete file

I need to get the records count only from a file , so is there a way without reading/indexing the complete file ?
by prakashbhanu407 New Member in Monitoring Splunk 03-11-2016
0 2
0
2
emontano

What is the performance impact of reducing maxTotalDataSizeMB?

Hi, I plan to reduce the maxTotalDataSizeMB of several indices and would like to know the impact on performance of ...
by emontano New Member in Monitoring Splunk 03-11-2016
0 2
0
2
ollie920049

UTF8Processor warning message

Hi there, I have CHARSET = UTF-16LE enforced in props.conf for all universal forwarders. For UniForwarder -> Index...
by ollie920049 Path Finder in Monitoring Splunk 03-11-2016
1 1
1
1
ddrillic

Splunkd - which language?

All, In the 'Splunk Infrastructure Overview' course, it shows that Splunkd is written in C/C++. Is it right? Rega...
by ddrillic Ultra Champion in Monitoring Splunk 03-07-2016
0 2
0
2
ddrillic

What is a simple way to clear some space if I'm running out of disk space allocated for indexes?

The indexes almost consumed the entire terabyte of space allocated for them. What would be a simple way to clear some...
by ddrillic Ultra Champion in Monitoring Splunk 03-03-2016
0 4
0
4
jroark

Optiv Threat Intel: How to troubleshoot why there is no data populating in the app in a search head cluster?

I installed the Optiv Threat Intel app on a search head cluster, but data is not populating. Additionally, I added t...
by jroark New Member in Monitoring Splunk 03-01-2016
0 8
0
8
paramagurukarth

What is the max value I can set for max_mem_usage_mb based on our system configuration?

We have Splunk 6.1.5 search head systems with large amount of memory (128 GB) and 20 cores. The expected daily log v...
by paramagurukarth Builder in Monitoring Splunk 02-29-2016
0 2
0
2
dkeck

Is there an alternative to fieldsummary to show field names for an index?

Hi, My search looks like: mysearch....[ index=adc| fieldsummary | fields field] Is there a command to display th...
by dkeck Influencer in Monitoring Splunk 02-19-2016
2 6
2
6
sunnyparmar

DMC Alert - Critical System Physical Memory Usage

Hi, I am getting physical memory usage alert from my main Splunk server for the server itself where it is installed ...
by sunnyparmar Communicator in Monitoring Splunk 02-19-2016
0 7
0
7
cam2100

High performance extensible logging (HPEL)

Does Splunk support reading HPEL files. And if not, what is the time frame to do so. Thanks, CAM
by cam2100 Engager in Monitoring Splunk 02-17-2016
1 1
1
1
paulwrussell

What is the best practice performance-wise to get data in using C#?

Hi, My application is written in C#. I see there are a few ways for getting data in: C# SDK (as per submit example)...
by paulwrussell Explorer in Monitoring Splunk 02-15-2016
0 7
0
7
hornettj

Monitoring 15% drop in logins with delta

Hi bit of background, I am trying to monitor a 15% drop in logins using the delta command at the moment over Last 15m...
by hornettj New Member in Monitoring Splunk 02-14-2016
0 2
0
2
pgadhari

Forwarder and indexer communication through port 8089 ?

Hi All, Whether port 8089 should be opened bi-directional or uni-directional between forwarder and indexer ? In our ...
by pgadhari Builder in Monitoring Splunk 02-12-2016
0 2
0
2
hkaiser

HTTP Client Timeout

Hello, during evaluation of Splunk I created a new data model, called NG_Events. A report has been scheduled every 1...
by hkaiser Path Finder in Monitoring Splunk 02-01-2016
0 3
0
3
coleman07

How to increase the number of internal logs retained on local server

I want to keep more than 5 copies of eventgen.log. The log file is located in /opt/splunk/var/log/splunk, but is not ...
by coleman07 Path Finder in Monitoring Splunk 01-30-2016
0 1
0
1
rck

How do I compare last week's and the current week's data for page loaded time to see Splunk Web performance?

How can I compare the t_done event in Splunk Web performance for last week's data and current data?
by rck New Member in Monitoring Splunk 01-27-2016
0 2
0
2
chris

Are older indexer servers slowing down overall search performance?

Hi, we recently installed new indexer servers to help the existing indexer servers that were under heavy load. The n...
by chris Motivator in Monitoring Splunk 01-27-2016
0 5
0
5
preben12

splunkd crash

Splunkd has crashed a couple of times now. The only thing I see in splunkd.log is some log WARNS eg. 12-09-2013 07:...
by preben12 Communicator in Monitoring Splunk 01-26-2016
0 6
0
6
twinspop

In introspection data, what does data.normalized_pct_cpu represent exactly? How does it relate to data.pct_cpu? data.elapsed?

For any one search id, there are many, sometimes hundreds, of log entries in introspection. Not all of these have CPU...
by twinspop Influencer in Monitoring Splunk 01-22-2016
0 1
0
1
mataharry

Splunk will not start and is waiting for config lock

My Splunk instance crashed and it won't restart with this error in splunkd.log: 01-30-2013 18:29:05.094 +0000 WARN l...
by mataharry Communicator in Monitoring Splunk 01-20-2016
8 8
8
8
hagjos43

Any reason why Btool might be continuously logging in DEBUG mode?

One of my windows indexers is constantly writing to the btool log in DEBUG mode. I didn't build this environment, but...
by hagjos43 Contributor in Monitoring Splunk 01-20-2016
0 4
0
4
gfreitas

Why are special characters in Splunk Mobile showing as "/Xn" and how do I fix this?

Hi, I'm using Splunk Mobile to connect from an iPad to my Splunk server and it's working properly. There are some pa...
by gfreitas Builder in Monitoring Splunk 01-15-2016
1 2
1
2
jrubio1

Are there maintenance steps or best practices around managing the size of the defaultdb folder?

Hello everyone, I'm fairly new to Splunk and currently have the issue where the Splunk server is above 93% disk util...
by jrubio1 New Member in Monitoring Splunk 01-13-2016
0 1
0
1
mgaraventa_splu

The minimum free disk space (5000MB) reached for /opt/splunk/var/run/splunk/dispatch

On our cluster master server, we saw the following message: The minimum free disk space (5000MB) reached for /opt/s...
by mgaraventa_splu Splunk Employee Splunk Employee in Monitoring Splunk 01-13-2016
6 2
6
2
Get Updates on the Splunk Community!

SOK it to Me: Top 3 Benefits of Using Splunk Operator on Kubernetes that’ll Make ...

    Thursday, July 9, 2026  |  11:00AM–12:00PM PDT Duration: 1 hour (includes Q&A) Managing can feel like a ...

Upgrade Prep for 10.4, Network Observability Deep Dives, and More from Splunk Lantern

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...

Splunk Developer Day announcements: AI agents, MCP tools, Forecasting, and Custom ...

Splunk Developer Day was packed with product and platform updates for developers building in the AI ...