Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why do I see no results when I run "index=_introspection host=hostname" search?

kotig
Path Finder
‎03-15-2017 12:49 PM

I am trying to get the data from the disk_objects.log file running the search: index=_introspection host=hostname but nothing is returned. Can someone help?

Is there anything that need to be done so that we can search on the _introspection index?
Is the _introspection index available for the Linux boxes as well?

Thanks
Koti

0 Karma
Reply

lguinn2
Legend
‎03-15-2017 12:57 PM

The _introspection index is only viewable by admins. It is available for any Splunk instance, regardless of OS.
If you don't see anything from your query, try a broader search like "index=_introspection" and check to see what hosts appear in the results. Perhaps your host name is wrong.

Many of the reports in the Monitoring Console (formerly the DMC) are based on the introspection data. Hopefully, you have set up the MC for your environment. You can see a lot of the disk usage information there as well.

0 Karma
Reply

kotig
Path Finder
‎03-15-2017 02:58 PM

Appreciate your help on responding to my question. But as I am pretty new to this, I am not clear on what does it mean by MC. I am not sure if that was done by our Admins. I am not sure if I am an admin. Is there any other way to find out the disk usage other than the introspection?

0 Karma
Reply
Get Updates on the Splunk Community!

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...