Splunk® Enterprise

Distributed Deployment Manual

Splunk Enterprise version 9.0 will no longer be supported as of June 14, 2024. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.

Monitor your distributed deployment

You can use the monitoring console to monitor most aspects of your deployment. This topic describes the console dashboards that provide an overview of the entire deployment.

The primary documentation for the monitoring console is Monitoring Splunk Enterprise.

Deployment-wide dashboards

The monitoring console includes dashboards that provide an overview of the entire deployment, as well as others that drill down deeply into your deployment, focusing on specific features of the deployment, such as indexing or search head clustering. This topic describes the overview dashboards. The manuals that describe specific features cover the dashboards relevant to those features.

For example, for search head clusters alone, the monitoring console provides five dashboards that cover activities such as artifact replication, configuration replication, and app deployment. These dashboards are discussed in the documentation on search head clustering, in Distributed Search. Similarly, dashboards pertinent to indexer clusters or indexing performance are described in Managing Indexers and Clusters of Indexers.

There are three types of dashboards or pages that provide a deployment-wide view:

  • Overview
  • Instances
  • Resource Usage

Overview dashboards

The dashboards that provide an overview of the deployment are located under the Overview menu. They are also the dashboards that appear when you initially start up the console. There are two dashboards:

  • Overview
  • Topology

You toggle between these dashboards by clicking on the Overview or Topology button.

The Overview dashboard specifies the number of indexers, search heads, cluster managers, and license managers. It also includes information on usage and alerts.

The Topology dashboard shows the instances for each component type, and the connections between indexers and search heads. It also provides some high-level information about each instance, such as the indexing rate for indexers and whether an instance is up or down.

Instances page

The Instances dashboard lists all Splunk Enterprise instances in your deployment. For each instance, it also provides information about its basic characteristics and status. You can access it through the Instances menu.

Resource Usage dashboards

There are several Resource Usage dashboards, which you access through the Resource Usage menu. The Resource Usage: Deployment dashboard provides deployment-wide resource information, such as CPU usage, physical memory usage, and disk usage. The other dashboards provide usage information by instance or machine.

See Resource usage dashboards in Monitoring Splunk Enterprise.

Last modified on 14 August, 2021
Post-deployment activities  

This documentation applies to the following versions of Splunk® Enterprise: 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.2.0, 9.2.1

Was this topic useful?

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters