Splunk

 What is Splunk?...

Splunk is ‘Google’ for our machine-generated data. It’s a software/engine that can be used for searching, visualizing, monitoring, reporting, etc. of our enterprise data. Splunk takes valuable machine data and turns it into powerful operational intelligence by providing real-time insights into our data through charts, alerts, reports, etc.

How to extract IP addresses from logs?...

rex field=_raw  "(?<ip_address>\d+\.\d+\.\d+\.\d+)"

How to troubleshoot splunk performance?...

  • Check splunkd.log for errors
  • Check server performance issues, i.e., CPU, memory usage, disk I/O, etc.
  • Install the SOS (Splunk on Splunk) app and check for warnings and errors in its dashboard
  • Check the number of saved searches currently running and their consumption of system resources
  • Install and enable Firebug, a Firefox extension. Log into Splunk (using Firefox) and open Firebug’s panels. Then, switch to the ‘Net’ panel (we will have to enable it). The Net panel will show us the HTTP requests and responses, along with the time spent in each. This will give us a lot of information quickly such as which requests are hanging Splunk, which requests are blameless, etc.

Command for restarting the Splunk Daemon?...

splunk start splunkd


Comments

Post a Comment

Popular posts from this blog

General information about Netezza : Default Error details

General information about Netezza : Default Error details     There are around 140 default error details available in Netezza. For your reference please find below details. ERRORCODE ERRORTEXT 1 Operation failed 2 Interaction aborted 3 Statement aborted 4 Could not serialize - transaction aborted 5 Transaction no longer active 6 Out of memory 7 Incorrect data type 8 Illegal value 9 Internal: SPUs crosstalking 10 Internal pipe I/O failed 11 Cannot determine hostname 12 Rogue SPU trying to register 13 No such table exists 14 No such field exists in table 15 Table already exists 16 Plan already exists in plan dictionary 17 F...
Read more

Minus in Teradata?...

Minus : It will provide the result which one is not matching from both tables... Note: It will provide the not matching result from first select table only. Select Emp_No from Emp Minus Select Emp_no from Emp_Dep;
Read more