Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Reg. running a daily check aside from the MC do you have a check list you run to make sure all components are healthy?

SamHTexas
Builder
‎12-30-2021 06:53 AM

Aside from the MC in distributed mode checks do you have a comprehensive check list you run making sure all counters & components are healthy in the Ent. & the ES. I know a lot of us love the MC. Just wondering what else the champs do in their environment please? Thank u & happy 2022.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

tscroggins
Influencer
‎01-02-2022 10:29 AM

@SamHTexas 

You might want to look over my response in May: https://community.splunk.com/t5/Monitoring-Splunk/Please-share-a-short-Splunk-preventative-tasks-lis...

The should cover KV store issues. ES is reasonably good at posting messages for its own health checks, and that's generally a good way to monitor problems from the monitoring console instance as a scheduled search:

| rest splunk_server=*/servicesNS/-/-/messages

and filter as needed.

Likewise, you can search deployment and splunkd health for colors other than green:

| rest splunk_server=* /services/server/health/deployment/details

| rest splunk_server=* /services/server/health/splunkd/details

The latter search should be transposed to show health by feature.

Reply

isoutamo
SplunkTrust
SplunkTrust
‎01-04-2022 08:56 AM

Here is some thoughts from last conf https://conf.splunk.com/files/2021/slides/PLA1410C.pdf

r. Ismo

Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Introducing Splunk 10.0: Smarter, Faster, and More Powerful Than Ever

Now On Demand Whether you're managing complex deployments or looking to future-proof your data ...

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...