Category: Splunk

What is Splunk Deployment? Splunk Deployment is the process of managing configuration files among different Splunk instances. Depending on the role of each instance, certain

All Splunk instances in a distributed environment including Search Heads, Indexers, Heavy & Universal Forwarders require configuration updates to meet customers’ requirements. For example, if

There are three (3) main components that define the Architecture of Splunk. Those three components work together to accomplish Splunk functionality. The three components are

Troubleshooting cloud applications has made security, application performance monitoring (APM), and DevOps impossible to manage. Most cloud providers do not allow you to install your

What is Splunk Diag? Splunk diag (also known as “Splunk Diagnostic File”) is a diagnostic report. It is used to disseminate system information and logs

How does Splunk keep track of log files that it is monitoring? With Fishbucket.  What is Fishbucket?  Fishbucket in Splunk is a sub-directory that maintains

What is Splunk SmartStore? SmartStore is Splunk’s implementation of the S3 Object Storage Service. It primarily operates with Amazon S3 but works with block storage

What is CloudWatch?  Amazon CloudWatch is a tool that provides monitoring and management services for system data from many of the AWS instances like Elastic

What is Splunk DB Connect?   Splunk DB Connect is a Splunk App that enables easy integration of Splunk with relational databases. By Integrating Splunk with

This blog article explains how Splunk receives Syslog events, indexes them, and makes it available for users to view. First, let’s go over the basics