Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Applications

jovnice
Explorer
‎02-02-2024 11:30 AM

I am very new to Splunk and having a hard time finding how to monitor applications. Can someone help? 

Labels (1)
Labels
0 Karma
Reply

jovnice
Explorer
‎02-02-2024 12:00 PM

Thanks for the information. For the application I wanted to put an email alert on it for when someone is logging in and out of the application. Is that possible.

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎02-02-2024 12:24 PM

Again - it's not how it works.

First, the application itself has to be able to generate - as we say - an "event" which will be either written to a file which Splunk's forwarder will be able to read or sent via network (there are also other ways to receive or pull data into Splunk but these are the most popular ones).

Then you have to ingest that data into Splunk.

When you have this data in Splunk, yes you can schedule a report which will - for example - every 5 minutes check if/how many users logged into your system.

But still, first and foremost, the application itself has to report this action somewhere so that Splunk can get such event. It's not a fortune teller you know 😉

0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎02-02-2024 11:55 AM

Splunk on its own is not a "monitoring tool" meaning that Splunk is not meant to do - for example - active checks against an application as monitoring suites do (it probably can be forced to do that but it's not gonna be an optimal solution). Its forte is data analysis. So as long as you have data from external sources, you can put this data into Splunk, search it and analyze. Then - if you have events describing - for example - results of such checks, you can schedule an alert if there are too many failed probes or calculate whether the SLA levels were met or not.

0 Karma
Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...