Splunk Search

Splunk maintenance

teddyidc1101
Communicator

Is there maintenance procedure that Splunk Enterprise/deployment/instance requires periodically to ensure high performance?

Is there an app that can be used to this?

Please share. thanks!

0 Karma
1 Solution

HiroshiSatoh
Champion

Is it the maintenance of "Splunk Enterprise"? Or is it a deployment server maintenance?

Splunk does not need maintenance in particular, and I think that it is enough to restart the server at regular intervals.

If you need advanced performance, please refer to the administrator's manual etc.

Capacity Planning Manual
http://docs.splunk.com/Documentation/Splunk/7.1.0/Capacity/Referencehardware

Optimize Splunk for peak performance
https://docs.splunk.com/Documentation/Splunk/7.1.0/Admin/OptimizeSplunkforpeakperformance

Splunk Sizing and Performance
https://www.splunk.com/blog/2014/05/07/splunk-sizing-and-performance-doing-more-with-more.html

View solution in original post

HiroshiSatoh
Champion

Is it the maintenance of "Splunk Enterprise"? Or is it a deployment server maintenance?

Splunk does not need maintenance in particular, and I think that it is enough to restart the server at regular intervals.

If you need advanced performance, please refer to the administrator's manual etc.

Capacity Planning Manual
http://docs.splunk.com/Documentation/Splunk/7.1.0/Capacity/Referencehardware

Optimize Splunk for peak performance
https://docs.splunk.com/Documentation/Splunk/7.1.0/Admin/OptimizeSplunkforpeakperformance

Splunk Sizing and Performance
https://www.splunk.com/blog/2014/05/07/splunk-sizing-and-performance-doing-more-with-more.html

teddyidc1101
Communicator

Thanks for sharing!
To answer your question, i would say for both.

So that would mean a that if the hardware and software are performing well and being maintained on a regular basis, Splunk Enterprise will be ok already?

0 Karma

HiroshiSatoh
Champion

We monitor server monitoring, process monitoring, resource monitoring, log reception monitoring as normal operation confirmation.

0 Karma

teddyidc1101
Communicator

ok thanks! this clears up things 🙂

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...