Search Head appears to have a rogue python process ( appserver.py) that slowly eats away all memory on the system, then eventually causes an OOM, which requires a manual restart of splunkd, t...
Hi Folks,
I'm running into trouble excluding new process creation events for Teams from being indexed. It's an expected application and starts at logon so we're not super worried about it.
I've l...
I have gotten 3 error on the search head. The errors are:
Failed to start KV Store process. See mongod.log and splunkd.log for details.
KV Store changed status to failed. KVStore process t...
Hi Guru,
How do we exclude 0% process usage from Hostmetrics? We would like to capture those process have >0% usage only..
Appreciate if you can provide the sample.
h...
I have been trying to create an alert that triggers whenever the process ID of a process on linux is null. Because it is not sending data, I assume the process is not running, and if it has a process...
I've been working on a project with JSON in the event where Tags are stored similar to this... { "Name": "example", "Tags": [ {"Key": "Building", "Value": "1"}, {"Key": "Floor", "Value": "2"}...
...ost, _time, cpu_load_percent From there, I would like a report generated, wherein for each host a timechart is provided for the last 60 minutes, showing CPU %s for each of the processes run on that h...
This is my JSON data. How should I write a query syntax to directly traverse to the last parentProcess, and then provide the complete process chain? Like This time username processInfo process...
Hello
we've been advised to "Disable the ability to process ANSI escape codes in terminal applications" and I honestly don't know what that really means and can't find much guidance around that....