Monitoring Splunk

Thread Info

Splunk - monitoring a wireshark file

i'm newbie to splunk and i'm trying to get splunk monitor a capture file from Wireshark. i set wireshark to capture t...

by Engager in

Monitor,transforms?

I am trying to monitor a file on a forwarder. I don't wish to send all the contents, as there is unnecessary data in ...

by Contributor in

Monitor multi directory and using whitelisting

I have to monitorize multiple log such access_log, error_log and xferlog_regular files in a different categories. The...

by New Member in

Interpreting execution costs on the Job Inspector page.

Are there any docs or other helpful resources to help explain the Execution costs chart on the Job Inspector page? ...

by Super Champion in

why is the windows app generating crash reports in my windows event logs ?

Since I deployed the windows app on my forwarder, I am seeing crashes reported in my windows event logs. But splunk i...

by Splunk Employee in

Crash with error "/opt/splunk/p4/splunk/branches/prince/src/search/processors/SortProcessor.cpp:297: bool rescomp_t::operator<(rescomp_t) const: Assertion `first.size() == other.first.size()' failed."

Whenever do a particular search, Splunk always crashes with error "/opt/splunk/p4/splunk/branches/prince/src/sear...

by Splunk Employee in

where to save rotated logs?

my question exactly means that suppose my logs are rotated constantly. for example access.log becomes access.log1 aft...

by Explorer in

where the rotated logs get save in splunk

where the rotated logs get saved in splunk.

by Explorer in

Sending to different index based on host from syslog stream

Ok, so I'm not sure what I'm doing wrong here. I need to send data coming in on the standard syslog UDP 514 stream ba...

by Engager in

inputs.conf precendence

I am having problems with splunk configuration file precedence. I have two inputs.conf in my splunk app. One in de...

by Explorer in

Is RAID controller driver necessary for Redhat 5.6

Hi, We shall install SPLUNK on new IBM x3650M3 server with 12 SAS HD, 8 GB RAM and 2 E5630 CPU. OS is Redhat 5.6. RAI...

by Engager in

What is the 'stash' sourcetype for in the PCI Application

I have been monitoring our license consumption and the 'stash' sourcetype is showing up consistently. I've poked arou...

by Communicator in

Is there an app to analyize splunks logs?

I was wondering if anyone has put an app together that watches Splunks logs? There are many details in the log, espec...

by Builder in

How to configure Field Perf Benchmark App

What actually needs to be configured within Perf Test's tasks.conf file. Also do the following global values need ...

by Path Finder in

How to use ‘Field Perf Benchmark’ App

I just installed the ‘Field Perf Benchmark’ and I always have a ‘No results found’ in each pan of the App. When I ...

by Engager in

btool relocation error

I get following error when trying to execute btool root@usmaster: # btool Warning: program compiled against libxml...

by Contributor in

Monitoring a file in windows forwarder on Splunk instance on Linux

Hi, I have a Windows server 2003 which forwards data to Splunk instance on a Linux box. I want the file c:\Program Fi...

by New Member in

Strange behavior when searching on large events

I'm running Splunk 4.1.6 (89596) 64-bit on Windows 7. I'm using Chrome as my browser. If I search on a sourcetype ...

by Communicator in

Error updating saved search dhcpd_alert_new_mac_address_15m

I'm trying to make this search not email out (to example.com) so I've gone into the searches and reports and have unt...

by Explorer in

How do I configure Splunk to use multiple locations to store index data?

We are starting to run low on disk space on our Splunk server. We have a 500GB disk dedicated to Splunk data, and it'...

by Splunk Employee in

SplunkD service never starts successfully after a clean install

SplunkD never starts successfully. This is the first time Splunk has ever been installed on this machine. The machine...

by New Member in

Any concern to use Splunk directly on the servers where the critical applications are running?

Hiya Thinking of using Splunk but worry Splunk takes too much PC resources if use it directly on the servers where...

by New Member in

How to search usage of "view"?

I know I can monitor the usage of saved search by saved_search_name from _audit index. However, I can't find equivale...

by Path Finder in

ERROR DatabaseDirectoryManager::Bucket

11-09-2010 00:00:57.985 INFO WatchedFile - File too small to check seekcrc, probably truncated. Will re-read entire...

by Path Finder in

How to embed google analytics code to all splunk pages?

Hi, I want to use google analytics to get user trace. In which template should I put the google analytics code so ...

by Motivator in

Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Monitoring Splunk

Discussions

Splunk - monitoring a wireshark file

Monitor,transforms?

Monitor multi directory and using whitelisting

Interpreting execution costs on the Job Inspector page.

why is the windows app generating crash reports in my windows event logs ?

Crash with error "/opt/splunk/p4/splunk/branches/prince/src/search/processors/SortProcessor.cpp:297: bool rescomp_t::operator<(rescomp_t) const: Assertion `first.size() == other.first.size()' failed."

where to save rotated logs?

where the rotated logs get save in splunk

Sending to different index based on host from syslog stream

inputs.conf precendence

Is RAID controller driver necessary for Redhat 5.6

What is the 'stash' sourcetype for in the PCI Application

Is there an app to analyize splunks logs?

How to configure Field Perf Benchmark App

How to use ‘Field Perf Benchmark’ App

btool relocation error

Monitoring a file in windows forwarder on Splunk instance on Linux

Strange behavior when searching on large events

Error updating saved search dhcpd_alert_new_mac_address_15m

How do I configure Splunk to use multiple locations to store index data?

SplunkD service never starts successfully after a clean install

Any concern to use Splunk directly on the servers where the critical applications are running?

How to search usage of "view"?

ERROR DatabaseDirectoryManager::Bucket

How to embed google analytics code to all splunk pages?

AppDynamics Summer Webinars

SOCin’ it to you at Splunk University

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

MSSP reporting

Splunk UBA

Talos Cisco IoCs Splunk ES

Problems with SA-Hydra

How to pause and resume the Splunk RUM agent

Monitoring Splunk

Are you a member of the Splunk Community?

Discussions