Monitoring Splunk

Community Activity

What does "Ignoring path due to: Could not checksum file" mean? In the splunkd.log file on my Light Forwarder server I have been seeing these errors for all the DHCP log files that ... by williamche Path Finder in Monitoring Splunk 08-26-2013 1 8	1	8
CPU alert when it exceeds a threshold index=os host=* sourcetype=cpu \| lookup chipotl fqdn as host \| search application_name="New Apps*" AND physical_envi... by sunilsk1 Path Finder in Monitoring Splunk 08-25-2013 0 5	0	5
DB Connect - OutOfMemoryError for db input Hi, I am experiencing an OutOfMemory Error for a specific Oracle DB input. It is one of three dbmon-tail inputs conf... by flle Path Finder in Monitoring Splunk 08-22-2013 0 6	0	6
Performance issue with large number of sources - even after cleaning the index Hi, this is a tricky question about the internals of Splunk. We had an issue with our installation: basically a sin... by grundsch Communicator in Monitoring Splunk 08-22-2013 0 7	0	7
Scaling out splunk environment Hi! I would like to ask question for the scale-out process for splunk. I am considering to build the splunk on sing... by yuwtennis Communicator in Monitoring Splunk 08-21-2013 0 1	0	1
Splunkbaseに画像をUploadする方法スクリーンショットをUploadするにはどうすればいいですか？＊自己回答です。以下のボタンをおして、画像を選択してもうまくUploadされない場合がありますが、 Uploadする画像を選択すると、自動的にURLのテキストボックス... by melonman Motivator in Monitoring Splunk 08-20-2013 0 2	0	2
500 -Splunk Daemon is not responding: I am getting this error when I load some of my dashboards: 500 -Splunk Daemon is not responding:([Errno 73] Connecti... by kmaynard616 Engager in Monitoring Splunk 08-17-2013 0 2	0	2
forward _internal index from deployment server Hi, I have the following outputs.conf set in deployment server but the _internal index doesn't seem to be forwarded t... by ch_goh Explorer in Monitoring Splunk 08-14-2013 0 3	0	3
An error occurred while rendering the page template. See web_service.log for more details Hi there, When i did splunk start, everything goes well. There was no error. but when i try to go to the url in my b... by lionel319 Explorer in Monitoring Splunk 08-12-2013 0 2	0	2
use field value to extract new field Hello, is possible to use field value to extract new field with splunk. for example i have a field Message whon cont... by ambemou New Member in Monitoring Splunk 08-09-2013 0 3	0	3
Which 'should' perform better? Multiple smaller searches time frames or single large search time frames I have a search performance issue that i'm running into with larger time frame searches in which the time taken is no... by Lucas_K Motivator in Monitoring Splunk 08-08-2013 0 4	0	4
Crash logs galore :( Trying to figure out what these crash logs mean, I get some every minute, sometimes multiple times: [build 149561] ... by jonathan_cooper Communicator in Monitoring Splunk 08-07-2013 1 5	1	5
restart_splunkd showing up in audit.log every minute -- I am not restarting Splunk every minute. I'm seeing the following entry every minute in audit.log: Audit:[timestamp=08-05-2013 18:10:09.376, user=admin, acti... by the_wolverine Champion in Monitoring Splunk 08-05-2013 0 1	0	1
"df" ave(used) not giving consistent results I have this search to find disk space use over time; `index="os" sourcetype="df" host=All_My_Servers \| multikv field... by hartfoml Motivator in Monitoring Splunk 08-05-2013 0 3	0	3
Knowledge Bundle Cache? I had two large apps causing my knowledge bundle to time out. I deleted both app folders in etc apps and in etc user ... by Strype Path Finder in Monitoring Splunk 08-01-2013 0 4	0	4
Running Splunk on a VM - CPU contention Let me preface this question by stating that we currently do not have any major performance issues at this time. Ou... by Branden Builder in Monitoring Splunk 08-01-2013 1 6	1	6
Saved search performance question We have around 80 saved searches that run per minute on our search head. Each night we see the search dispatch times... by mookiie2005 Communicator in Monitoring Splunk 07-31-2013 1 12	1	12
Multiple SearchHeads (one per DC) – How to take advantage of report acceleration data? Hi, hoping this is a basic question, the lead-in is long, however the questions are brief. We have Multiple Data-Cen... by t9445 Path Finder in Monitoring Splunk 07-31-2013 0 2	0	2
How does Splunk choose events to scan? How does Splunk determine which events to scan in order to find results? For example, say I run a query to find a pa... by danielrusso1 Path Finder in Monitoring Splunk 07-30-2013 0 3	0	3
How can I set a custom splunk banner/warning? I'd like to set a custom banner to notify users of outages, for example, a single indexer is down and OPS is working ... by the_wolverine Champion in Monitoring Splunk 07-30-2013 2 2	2	2
How to open the .tsidx file I seen several file is shown .tsidx under the C:\Program Files\Splunk folder. I want to know how to open that file. by muthukrishnan New Member in Monitoring Splunk 07-25-2013 0 5	0	5
Splunk DB Connect jbridge failing We had a working installation of the Splunk DB Connect app until Friday. While no changes were made to the configura... by aholzer Motivator in Monitoring Splunk 07-25-2013 2 11	2	11
Role "restrict search terms" Performance Issue Hi Everyone, Looks for a few best practices or suggestions. I have installed search term restrictions based on a use... by behymejt2012 Path Finder in Monitoring Splunk 07-25-2013 1 2	1	2
URL Monitoring using Webmon I am trying splunk and wanted to see the URL monitoring using Webmon. I have installed Webmon and added the following... by binuj Explorer in Monitoring Splunk 07-21-2013 2 17	2	17
Deployment monitor causing "maximum historical concurrent searches" warning? I started seeing the following message at the top of the Splunk Web page after installing the Deployment Monitor app.... by Lowell Super Champion in Monitoring Splunk 07-18-2013 4 1	4	1