Monitoring Splunk

Discussions

Thread Info

Error listing accelerated data models - ResponseNotReady

All, We are having an issue where one of our Splunk indexers is crashing occasionally. The error we see in the log...

by Contributor in

Splunk web throws "ResponseNotReady" error

Several times of the past few weeks we have tried to log into Splunk and have been greeted by a 500 Internal Server E...

by Splunk Employee in

Splunk 5.0.1 - Cannot "Create Dashboard Panel"

I cannot create a dashboard panel. I am using Splunk 5.0.1. After running a saved search and getting the results, I c...

by Explorer in

Monitoring lookup file, adding duplicate records - Sideview Utils The lookup Updater

Hi All, I have a lookup file which changes frequently. Currently, we are have a base csv file physically on the se...

by Revered Legend in

sh: btool: command not found

I have just installed Splunk 6.0.2 on Mac OS X 10.7.5 and am getting the following error when starting splunk: bas...

by Path Finder in

How does Splunk indexer perform on a Sparc T5 machine

Old Sparc HW, specially the T1,T2 and T4 CPUs is known to be not well suited for Splunk as it has a rather poor singl...

by Contributor in

How do I trend resource consumption of realtime (scheduled) searches?

Any suggestions on techniques (or KPIs) for trending realtime searches within a Splunk environment? I'm doing some...

by Super Champion in

Ignoring events during indexing Vs ignoring events during search

Hi, We use splunk 5.0.4. We have customers with daily log volume ranging from 10GB to 50GB. Our customers do no...

by Influencer in

received event for unconfigured/disabled/deleted index='firewall' with source='source::udp:5447' host='host::x.x.x.x' sourcetype='sourcetype::cisco:asa' (1 missing total)

Can't get this working with Splunk for Cisco ASA Set ASA 5505 to forward syslog to usp/5447 with timestamps enable...

by New Member in

How to get a good measure of load or cpu utilization in windows?

I would like to generate a plot of cpu utilization over time. I have some permon events coming in that look like ...

by Communicator in

Getting this error - then Splunkd crashes..

Error in 'databasePartitionPolicy': Failed to read 1 event(s) from rawdata in bucket '_internal~235~8AD95516-6DE5-4CC...

by Path Finder in

Best distributed search Architecture for Big amount of data per Day

Hi All, Currently we are running a stand alone Enterprise version of Splunk(500M/day) on a Windows server. Since O...

by Path Finder in

splunk clean eventdata crashes splunk.exe

I am executing the following command on a Windows Server 2012 R2 machine with Splunk 6.0.1: C:\Program Files\Splun...

by Builder in

[Splunk Log Management] Is there a performance sheet available to check on how many concurrent clients can connect to splunk server?

Need fact sheets for splunk server

by Engager in

Splunk and Cisco ASA No Event Data

Hello, I have DL'd and installed the following: Splunk App for Cisco ASA ver 1.0 Splunk for Cisco ASA Technolog...

by New Member in

getting error in splunk 4.2 reagarding indexers

hi i am getting an error in splunk as soon as i login the error is "skipped indexing of internal audit event will kee...

by Explorer in

Deployment Monitor Issue - no data in summary indexes

I just added a new Universal Forwarder to our Splunk deployment (we previously were running everything on a single se...

by Explorer in

Search Head out of disk space due to HUGE audit and _internaldb DBs

I am out of disk space on my oldest search head because of this: cd ${SPLUNK_HOME}/var/lib/splunk; du -sh ./* 2> /...

by Esteemed Legend in

How to measure memory consumed by a summary search result?

I have a summary search. I get errors. I need to know how much memory my search consumes. How do I achieve that? ...

by Path Finder in

behavior of a "*"

Hi all, I wanted to know the behavior of *. When I do index = *, does it get me all the indexes? I have the fo...

by Path Finder in

Get Updates on the Splunk Community!

Monitoring Splunk

Discussions

Error listing accelerated data models - ResponseNotReady

Splunk web throws "ResponseNotReady" error

Splunk 5.0.1 - Cannot "Create Dashboard Panel"

Monitoring lookup file, adding duplicate records - Sideview Utils The lookup Updater

sh: btool: command not found

How does Splunk indexer perform on a Sparc T5 machine

How do I trend resource consumption of realtime (scheduled) searches?

Ignoring events during indexing Vs ignoring events during search

received event for unconfigured/disabled/deleted index='firewall' with source='source::udp:5447' host='host::x.x.x.x' sourcetype='sourcetype::cisco:asa' (1 missing total)

How to get a good measure of load or cpu utilization in windows?

Getting this error - then Splunkd crashes..

Best distributed search Architecture for Big amount of data per Day

splunk clean eventdata crashes splunk.exe

[Splunk Log Management] Is there a performance sheet available to check on how many concurrent clients can connect to splunk server?

Splunk and Cisco ASA No Event Data

getting error in splunk 4.2 reagarding indexers

Deployment Monitor Issue - no data in summary indexes

Search Head out of disk space due to HUGE audit and _internaldb DBs

How to measure memory consumed by a summary search result?

behavior of a "*"

Splunk Life | Happy Pride Month!

SplunkTrust | Where Are They Now - Michael Uschmann

Admin Your Splunk Cloud, Your Way

Do we have splunk alert if ingest across indexes/s...

display first column against nth column

How to send Envoy proxy access logs on Splunk serv...

Has anyone worked on "microsoft teams rooms pro ma...

Why is httpclientpollingthread dutycycle ratio alw...