Splunk® Enterprise

Monitoring Splunk Enterprise

Splunk Enterprise version 9.0 will no longer be supported as of June 14, 2024. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.

Summary

This topic is a reference for the Summary dashboard in the Monitoring Console. See About the Monitoring Console in this manual.

What does this dashboard show?

The Summary dashboard integrates the splunkd health report with monitoring console features, such as Health Check, to provide a dynamic environment for troubleshooting issues with your Splunk Enterprise deployment.

You can use the Summary dashboard to monitor the health status of deployment components, track key deployment metrics, and investigate critical health issues detected by the splunkd health report.

For more information on the splunkd health report, see About pro-active Splunk component monitoring.

The Summary dashboard includes the following panels:

Anomalies

The Anomalies panel shows splunkd health report features that are currently in the red or yellow state, which indicates a problem. You can use this panel to review descriptions of each issue, and access health checks to investigate root cause and suggested fixes. For a detailed troubleshooting example, see Troubleshoot with integrated splunkd health report.

The screen image shows the anomalies panel in the summary dashboard. The panel is populated by the splunkd health report and shows Splunk Enterprise features that are currently in the red or yellow state.

For more information on health checks, see Access and customize health check.

Deployment Topology

The Deployment Topology panel shows the number and type of components that your deployment contains, including indexers, search heads, license manager, and so on. It also shows the current Splunk Enterprise version of each component, as well as other configuration details, such as the number of indexes and the indexer cluster replication factor and search factor setting.

Deployment Metrics

The Deployment Metrics panel displays the value of key metrics over a time range that you select. You can edit the panel to add or remove specific metrics from your monitoring view. You can use deployment metrics to monitor resource usage, indexing rate, search latency, and other metrics that can provide insight into the root cause of performance issues.

You can also add your own custom metrics to the Deployment Metrics panel in splunk_monitoring_console_assets.conf.

Deployment Components

The Deployment Components panel shows the current health status of high-level feature categories in the splunkd health tree. Use this panel for a quick view into the health status of your components.

For more information on the splunkd health status tree, see Splunkd health report.

Add Deployment

The Add Deployment side panel lets you bookmark the location (URL) of separate monitoring console instances. Adding deployment bookmarks is useful for quickly traversing between the monitoring consoles of multiple Splunk Enterprise deployments that might be under your purview as an administrator.

To add a deployment bookmark to the Summary dashboard:

  1. In the Summary dashboard sidebar, click Add Deployment.
  2. Enter the URL of a monitoring console dashboard in a separate Splunk Enterprise Deployment. The URL must begin with http:// or https:// and contain 'splunk_monitoring_console'.
  3. Click Submit.

To add a deployment, a role must have the edit_bookmark_mc capability.

Last modified on 14 August, 2021
Access and customize health check   Indexing: Performance

This documentation applies to the following versions of Splunk® Enterprise: 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.1.7, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.3.0, 9.3.1, 9.3.2


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters