Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Reg. running a daily check aside from the MC do you have a check list you run to make sure all components are healthy?

SamHTexas
Builder
‎12-30-2021 06:53 AM

Aside from the MC in distributed mode checks do you have a comprehensive check list you run making sure all counters & components are healthy in the Ent. & the ES. I know a lot of us love the MC. Just wondering what else the champs do in their environment please? Thank u & happy 2022.

Labels (1)
Labels
Tags (1)
0 Karma
Reply

tscroggins
Influencer
‎01-02-2022 10:29 AM

@SamHTexas 

You might want to look over my response in May: https://community.splunk.com/t5/Monitoring-Splunk/Please-share-a-short-Splunk-preventative-tasks-lis...

The should cover KV store issues. ES is reasonably good at posting messages for its own health checks, and that's generally a good way to monitor problems from the monitoring console instance as a scheduled search:

| rest splunk_server=*/servicesNS/-/-/messages

and filter as needed.

Likewise, you can search deployment and splunkd health for colors other than green:

| rest splunk_server=* /services/server/health/deployment/details

| rest splunk_server=* /services/server/health/splunkd/details

The latter search should be transposed to show health by feature.

Reply

isoutamo
SplunkTrust
SplunkTrust
‎01-04-2022 08:56 AM

Here is some thoughts from last conf https://conf.splunk.com/files/2021/slides/PLA1410C.pdf

r. Ismo

Reply
Get Updates on the Splunk Community!

.conf25 Registration is OPEN!

Ready. Set. Splunk! Your favorite Splunk user event is back and better than ever. Get ready for more technical ...

Detecting Cross-Channel Fraud with Splunk

This article is the final installment in our three-part series exploring fraud detection techniques using ...

Splunk at Cisco Live 2025: Learning, Innovation, and a Little Bit of Mr. Brightside

Pack your bags (and maybe your dancing shoes)—Cisco Live is heading to San Diego, June 8–12, 2025, and Splunk ...
Top