Alerts For Splunk Admins

This application accompanies the Splunk conf 2017 presentation "How did you get so big? Tips and tricks for growing your Splunk installation from 50GB/day to 1TB/day". The presentation is linked from the detailed notes. The overall idea behind this application is to provide a variety of alerts that detect issues or potential issues within the Splunk log files and then advise, via an alert, that this has occurred. The application was built because a variety of messages in the Splunk console and in the Splunk logs could, if acted upon, have prevented an issue within the environment. In addition to the alerts, there are a few dashboards for troubleshooting indexer/heavy forwarder performance issues. Many of the alerts are informational, and the description and comments inside each alert explain which alerts are likely to generate the most noise. All alerts are disabled by default so you can choose which alerts may be appropriate for your environment. Feedback is welcome!

Latest Version 4.0.3
February 22, 2025
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
Rating

0

(0)

Support
Developer Supported app
Ranking
#16 in Utilities
#43 in IT Operations
Categories

Created By

Gareth Anderson

Type

app

Downloads

41,815
