Splunk Cloud Platform
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How create reports to monitor web applications?

ThelmaJ
Loves-to-Learn
‎07-13-2022 10:54 AM

Hello,

I'm new working with Splunk and I want to create reports and email notification to me  when  any systems go down. Can any of you help me with any search string for that?

Thank you!

Thelma

Labels (1)
Labels
0 Karma
Reply

VatsalJagani
SplunkTrust
SplunkTrust
‎07-13-2022 11:39 AM

@ThelmaJ - There could be multiple ways to do that.

One way is if you are monitoring log files from the web application then you can do something like the below:

index=<your-index> sourcetype=<web-logs-sourcetype>
| stats count by host
| append [| inputlookup list_of_web_server_host_names.csv | eval count=0]
| stats sum(count) as count by host
| where count=0

You can run this alert every 15 minutes or 1 hour depending on the requirement.

If the host did not send any logs then you can get an alert.

This is one of the way, but depending on what setup you have there could be lot of ways you can achieve the same.

 

I hope this helps!!!

0 Karma
Reply

ThelmaJ
Loves-to-Learn
‎07-15-2022 08:18 AM
Thank you!
Could you share another way to do that?
I appreciate your help.
Thank you,
Thelma
 
Tags (1)
0 Karma
Reply

VatsalJagani
SplunkTrust
SplunkTrust
‎07-17-2022 02:09 AM

If you have a log that tells "Service is shutting down", then you can create an alert on that.

 

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Mobile: Your Brand-New Home Screen

Meet Your New Mobile Hub  Hello Splunk Community!  Staying connected to your data—no matter where you are—is ...

Introducing Value Insights (Beta): Understand the Business Impact your organization ...

Real progress on your strategic priorities starts with knowing the business outcomes your teams are delivering ...

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

As of today, Enterprise Security (ES) Essentials 8.3 is now generally available, helping SOC teams simplify ...