Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How create reports to monitor web applications?

ThelmaJ
Loves-to-Learn
‎07-13-2022 10:54 AM

Hello,

I'm new working with Splunk and I want to create reports and email notification to me  when  any systems go down. Can any of you help me with any search string for that?

Thank you!

Thelma

Labels (1)
Labels
0 Karma
Reply

VatsalJagani
SplunkTrust
SplunkTrust
‎07-13-2022 11:39 AM

@ThelmaJ - There could be multiple ways to do that.

One way is if you are monitoring log files from the web application then you can do something like the below:

index=<your-index> sourcetype=<web-logs-sourcetype>
| stats count by host
| append [| inputlookup list_of_web_server_host_names.csv | eval count=0]
| stats sum(count) as count by host
| where count=0

You can run this alert every 15 minutes or 1 hour depending on the requirement.

If the host did not send any logs then you can get an alert.

This is one of the way, but depending on what setup you have there could be lot of ways you can achieve the same.

 

I hope this helps!!!

0 Karma
Reply

ThelmaJ
Loves-to-Learn
‎07-15-2022 08:18 AM
Thank you!
Could you share another way to do that?
I appreciate your help.
Thank you,
Thelma
 
Tags (1)
0 Karma
Reply

VatsalJagani
SplunkTrust
SplunkTrust
‎07-17-2022 02:09 AM

If you have a log that tells "Service is shutting down", then you can create an alert on that.

 

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...