Solved: Re: how to monitor the services and restart the se...

Kaushikkatta03 · ‎10-13-2016

we have services going down on our splunk server instances , we just want to set up an alert when the service failure occurs and also automatic restart of the services .And for information we dont have clustered Environment . we have 2 forwarders and 5 indexer instances .

Last week there was service down on indexer but we haven't got any alert as out server instances were being monitored by "tivoli" . Kindly help us if we can do this on splunk itself.

inventsekar · ‎10-14-2016

Tivoli should be able to do this. (we use HPOM/HPOV for this).
or, unix cronjob can do this.

splunk on splunk(SOS) can not help for this case.

View solution in original post

inventsekar · ‎10-14-2016

Tivoli should be able to do this. (we use HPOM/HPOV for this).
or, unix cronjob can do this.

splunk on splunk(SOS) can not help for this case.

somesoni2 · ‎10-13-2016

If the Splunk service is down, it can't run any alert action by itself to get restarted. You would need to use some external means to monitor and restart Splunk service. A simple crontab job will do the job.

Kaushikkatta03 · ‎10-14-2016

well if i get splunk on splunk add on , will it help me .

how to monitor the services and restart the services ,we also need an alert when the service goes down

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases