Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I check if some servers are calling into splunk?

egreg7
Engager
‎07-13-2017 03:02 PM

Please what is the Splunk search command to find out if a Server is calling into Splunk. I am trying to find out the number of Servers calling into splunk.

Tags (1)
0 Karma
Reply

mattymo
Splunk Employee
Splunk Employee
‎07-13-2017 05:36 PM

do you mean forwarders forwarding data? or forwarders calling the deployment server?

for forwarders forwarding:

fast answer: index=_internal source=*metrics.log tcpin_connections
| stats count by hostname

best practice: use the monitoring console to monitor your deployment with forwarder management dash - https://docs.splunk.com/Documentation/Splunk/6.6.2/DMC/ForwardersDeployment

another option: check out the meta woot app! https://splunkbase.splunk.com/app/2949/

If you are talking about the delpoyment server:

Use the forwarder MGMT page on the deployment server: https://docs.splunk.com/Documentation/Splunk/6.6.2/Updating/Forwardermanagementoverview

If you are talking about any server talking to a splunk instance. Use splunk stream! https://splunkbase.splunk.com/app/1809/

- MattyMo
0 Karma
Reply
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!

Review:





Or Learn More in Our Blog >>

Get Updates on the Splunk Community!