I am operating in an environment with a standalone Splunk Enterprise instance running v8.1.3 on RHEL. In my environment I have around 350 Universal Forwarders that have been up and running for ...
I upgraded from 7.2 to 8.0 and then 8.0 to 8.2
After the upgrade to our distributed deployment, I am getting bombarded with email Health Alerts.
"sum_top3_cpu_percs__max_last_3m" is r...
Hi I'm Splunk newbie.
I'm confused about MC, CM, and LM, so I'm asking a question.
1. Is it true that the monitoring console exists to check the indexer's health or CPU usage?
2. If number 1 i...
I need details about what to check before I upgrade so I know if my deployment is ready to upgrade. What do I monitor, and how do I benchmark system health before the upgrade?
As per the below screenshot my server is not giving any healthstatus of hec port 8088. Due to this I am not able to publish anything by using hec token in Splunk for an example : curl -k "A...
...ew IOWait feature in the health report is extremely "chatty" even though all other aspects of the deployment are in great shape. Even though we can successfully disable the IOWait feature in the c...
....conf file: [feature:iowait] alert:sum_top3_cpu_percs__max_last_3m.disabled = 1 However, I am still getting the appearing in SplunkWeb on the Monitoring Console server. Why is this? Am I...
Is it possible to send over Kubernetes/Racher/RKE healthstatuses/checks over to Splunk to create some kind of dashboard for visualization. We have utilized the fluentd feature to send over logs to s...