Monitoring Splunk

Thread Info

How to configure Field Perf Benchmark App

What actually needs to be configured within Perf Test's tasks.conf file. Also do the following global values need ...

by Path Finder in

How to use ‘Field Perf Benchmark’ App

I just installed the ‘Field Perf Benchmark’ and I always have a ‘No results found’ in each pan of the App. When I ...

by Engager in

btool relocation error

I get following error when trying to execute btool root@usmaster: # btool Warning: program compiled against libxml...

by Contributor in

Monitoring a file in windows forwarder on Splunk instance on Linux

Hi, I have a Windows server 2003 which forwards data to Splunk instance on a Linux box. I want the file c:\Program Fi...

by New Member in

Strange behavior when searching on large events

I'm running Splunk 4.1.6 (89596) 64-bit on Windows 7. I'm using Chrome as my browser. If I search on a sourcetype ...

by Communicator in

Error updating saved search dhcpd_alert_new_mac_address_15m

I'm trying to make this search not email out (to example.com) so I've gone into the searches and reports and have unt...

by Explorer in

How do I configure Splunk to use multiple locations to store index data?

We are starting to run low on disk space on our Splunk server. We have a 500GB disk dedicated to Splunk data, and it'...

by Splunk Employee in

SplunkD service never starts successfully after a clean install

SplunkD never starts successfully. This is the first time Splunk has ever been installed on this machine. The machine...

by New Member in

Any concern to use Splunk directly on the servers where the critical applications are running?

Hiya Thinking of using Splunk but worry Splunk takes too much PC resources if use it directly on the servers where...

by New Member in

How to search usage of "view"?

I know I can monitor the usage of saved search by saved_search_name from _audit index. However, I can't find equivale...

by Path Finder in

ERROR DatabaseDirectoryManager::Bucket

11-09-2010 00:00:57.985 INFO WatchedFile - File too small to check seekcrc, probably truncated. Will re-read entire...

by Path Finder in

How to embed google analytics code to all splunk pages?

Hi, I want to use google analytics to get user trace. In which template should I put the google analytics code so ...

by Motivator in

How to minimize splunk's memory usage

Is it possible to explicitly define how much memory splunk (splunkd and splunkweb) is allowed to use? Thanks

by Engager in

rotate input data

Hello, It looks like I'm running out of space on my splunk server. Here is the error that I received when running ...

by New Member in

Performance difference between using SEDCMD and older REGEX/TRANSFORMS method

Is there a performance difference between using the SEDCMD syntax in just props.conf versus using the older method wh...

by Splunk Employee in

Sizing a Splunk installation- and a license question too.

We're considering moving our Splunk environment from AIX to a Linux x86 box for performance reasons. My particular de...

by Builder in

A FusionIO ioDrive card with splunk?

Has anyone used an ioDrive for their splunk? I'm really curious if anyone can speak to the crazy high IOPS & throughp...

by Communicator in

Does fschange use inotify / ReadDirectoryChangesW or similar?

Does Splunk make full use of operating system specific features when monitoring for changed files? In particular, ...

by Motivator in

With coldToFrozenScript, what is responsible for deleting the bucket?

When you specify a coldToFrozenScript in indexes.conf, what is responsible for deleting the cold bucket from the inde...

by SplunkTrust in

Migrating colddb buckets to new storage.

Hi, In an attempt to increase the available storage for indexes, I am looking at moving the colddb indexes to an a...

by Explorer in

monitor latest file only

I write a script to blacklist the oldest file but splunk don't reload inputs.conf until someone restart the services ...

by Path Finder in

Looking for "high performance Splunk"

A client is looking for advice on tuning splunk for what they call "high performance" - defined as minimizing cpu, ne...

by Motivator in

Monitoring Logfiles with random number as part of the name

Our logfiles are named in the format Log.Activity.prod.###.txt where ### is random number. Also we want to leave out ...

by Explorer in

Delay of monitoring thousands of file

I monitored several thousands of file in splunk but I find it indexes the new events for more than 30 minutes. I have...

by Path Finder in

Splunk helpers.. what is it?

Hi, 'Splunk Helpers' what is this process & what does it do? Can it be stopped/started via cmdline. Obviously if c...

by Explorer in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

How to configure Field Perf Benchmark App

How to use ‘Field Perf Benchmark’ App

btool relocation error

Monitoring a file in windows forwarder on Splunk instance on Linux

Strange behavior when searching on large events

Error updating saved search dhcpd_alert_new_mac_address_15m

How do I configure Splunk to use multiple locations to store index data?

SplunkD service never starts successfully after a clean install

Any concern to use Splunk directly on the servers where the critical applications are running?

How to search usage of "view"?

ERROR DatabaseDirectoryManager::Bucket

How to embed google analytics code to all splunk pages?

How to minimize splunk's memory usage

rotate input data

Performance difference between using SEDCMD and older REGEX/TRANSFORMS method

Sizing a Splunk installation- and a license question too.

A FusionIO ioDrive card with splunk?

Does fschange use inotify / ReadDirectoryChangesW or similar?

With coldToFrozenScript, what is responsible for deleting the bucket?

Migrating colddb buckets to new storage.

monitor latest file only

Looking for "high performance Splunk"

Monitoring Logfiles with random number as part of the name

Delay of monitoring thousands of file

Splunk helpers.. what is it?

Aligning Observability Costs with Business Value: Practical Strategies

Mastering Data Pipelines: Unlocking Value with Splunk

Splunk Up Your Game: Why It's Time to Embrace Python 3.9+ and OpenSSL 3.0

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions