Monitoring Splunk

Monitoring Splunk
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Community Activity
mpounsett

Splunk startup failure: "Fatal error 'kse_create() failed'" on FreeBSD 8.0

I'm running the splunk 32-bit package for FreeBSD 6.x on FreeBSD 8.0 i386 with the compat6x package installed. I und...
by mpounsett Explorer in Monitoring Splunk 06-29-2011
0 2
0
2
EricPartington

splunk web interface fqdn

How do i get the url to show the fqdn of the server where the splunk webinterface is available at? curently it says ...
by EricPartington Communicator in Monitoring Splunk 05-30-2011
1 2
1
2
nls21

Splunkd error message from: FileClassifierManager

Keep getting loads of these messages: WARN FileClassifierManager - The file '/var/log/sa/sa25' is invalid. Reason: b...
by nls21 Explorer in Monitoring Splunk 05-25-2011
1 1
1
1
Lowell

Anyone know what a STMgr "out of memory failure" is about?

Last night I started seeing a massive flood of errors like this in my splunkd.log on my central indexer. Does anyone...
by Lowell Super Champion in Monitoring Splunk 05-17-2011
0 2
0
2
elusive

I violated my license and now I can't search. Read about reset license in one of the answers. Where can I get it?

Splunk can provide a one time forgiveness reset license key that is valid for 24 hours. Submit a case here and provi...
by elusive Splunk Employee Splunk Employee in Monitoring Splunk 05-12-2011
1 4
1
4
wmosher

DISTRIBUTED SEARCH: performance -vs- highavailability

We'd like to do a distributed search setup but it doesn't look like we'll be able to afford a second cluster of searc...
by wmosher Path Finder in Monitoring Splunk 05-12-2011
0 2
0
2
Jason

Settings to improve Splunk performance on high-spec boxes?

Are there any settings that can be set to help Splunk make better use of a high-end box? (I'm currently working with ...
by Jason Motivator in Monitoring Splunk 05-11-2011
1 3
1
3
brettski

What is the frequency with which log files are read?

I am trying to determine what the frequency is that Splunk reads log files. I have Data Inputs setup against 5 web s...
by brettski Explorer in Monitoring Splunk 05-09-2011
1 4
1
4
nurtdi

Large number of errors processing data from forwarders over SSL

The data is being indexed, but a lot of errors in splunkd.log this is a snippet of log after running splunk indexer ...
by nurtdi Path Finder in Monitoring Splunk 05-04-2011
1 2
1
2
howyagoin

Can splunk-optimize kill my box?

Last night around 2345 a splunk-optimize process seems to have kicked off, and my server has essentially been unrespo...
by howyagoin Contributor in Monitoring Splunk 04-26-2011
0 2
0
2
sthao

How does indexing affect hard drive space?

I am indexing to the main index and it has a max size of 500000 MB defined. So far, I have indexed about 14,000 MB o...
by sthao New Member in Monitoring Splunk 04-26-2011
0 3
0
3
gobofo

Deployment Monitor upgrade

Tried to update Deployment Monitor to newer version via the application manager, had a comment a new version was avai...
by gobofo New Member in Monitoring Splunk 04-25-2011
0 1
0
1
albert_newton

Low in disk space. Indexing has been paused.

I am getting this message, when I start splunk (version 4.2): 'You are low in disk space on partition "/opt/splunk/v...
by albert_newton New Member in Monitoring Splunk 04-14-2011
0 3
0
3
vbumgarner

How many files does ignoreOlderThan help with?

I have a couple of directories with 120,000 files in each. This is a file every 5 minutes or so for the last 6 months...
by vbumgarner Contributor in Monitoring Splunk 04-14-2011
1 1
1
1
mctester

Why is Splunk writing errors to splunkd.log when I set memory limits above the minimum requirement?

As an alternative to relying on the Splunk 4.1.7 Light Forwarder to set and manage its own upper memory usage limit I...
by mctester Communicator in Monitoring Splunk 04-13-2011
0 1
0
1
jambajuice

Inputlookup vs. summary index performance

If I have a bunch of events in a tabular format that I wish to search for various charts on a dashboard, is it faster...
by jambajuice Communicator in Monitoring Splunk 04-12-2011
1 2
1
2
Nicholas_Key

Monitor doesn't work with env variable in inputs.conf

I observed that none of the log files are not indexed into Splunk when I used the environment variable, in my case it...
by Nicholas_Key Splunk Employee Splunk Employee in Monitoring Splunk 04-11-2011
0 5
0
5
cfalzone

Splunk Daemon Crashing

Just downloaded Splunk 4.1.3 for windows 32 bit. Running Windows 7 32 bit Enterprise Edition. This is what I am get...
by cfalzone New Member in Monitoring Splunk 04-01-2011
0 2
0
2
maverick

Can I make my LWF (lightwieght forwarder) even MORE lightweight that it is out-of-the-box (i.e. Super LightWeight)?

If so, how? What else can I disable or streamline such that my LWF takes up even less local resources?
by maverick Splunk Employee Splunk Employee in Monitoring Splunk 03-28-2011
1 4
1
4
offtheboxuser

Splunk - monitoring a wireshark file

i'm newbie to splunk and i'm trying to get splunk monitor a capture file from Wireshark. i set wireshark to capture t...
by offtheboxuser Engager in Monitoring Splunk 03-25-2011
2 3
2
3
jgauthier

Monitor,transforms?

I am trying to monitor a file on a forwarder. I don't wish to send all the contents, as there is unnecessary data in...
by jgauthier Contributor in Monitoring Splunk 03-24-2011
0 4
0
4
roccotocco

Monitor multi directory and using whitelisting

I have to monitorize multiple log such access_log, error_log and xferlog_regular files in a different categories. The...
by roccotocco New Member in Monitoring Splunk 03-23-2011
0 1
0
1
Lowell

Interpreting execution costs on the Job Inspector page.

Are there any docs or other helpful resources to help explain the Execution costs chart on the Job Inspector page? H...
by Lowell Super Champion in Monitoring Splunk 03-22-2011
6 4
6
4
yannK

why is the windows app generating crash reports in my windows event logs ?

Since I deployed the windows app on my forwarder, I am seeing crashes reported in my windows event logs. But splunk i...
by yannK Splunk Employee Splunk Employee in Monitoring Splunk 03-18-2011
1 3
1
3
zliu

Crash with error "/opt/splunk/p4/splunk/branches/prince/src/search/processors/SortProcessor.cpp:297: bool rescomp_t::operator<(rescomp_t) const: Assertion `first.size() == other.first.size()' failed."

Whenever do a particular search, Splunk always crashes with error "/opt/splunk/p4/splunk/branches/prince/src/search...
by zliu Splunk Employee Splunk Employee in Monitoring Splunk 03-18-2011
0 2
0
2
Get Updates on the Splunk Community!

The OpenTelemetry Certified Associate (OTCA) Exam

What’s this OTCA exam? The Linux Foundation offers the OpenTelemetry Certified Associate (OTCA) credential to ...

From Manual to Agentic: Level Up Your SOC at Cisco Live

Welcome to the Era of the Agentic SOC   Are you tired of being a manual alert responder? The security ...

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 4)

Welcome back to Splunk Classroom Chronicles, our ongoing series where we shine a light on what really happens ...