Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to check if a windows/unix server is reporting to splunk?

bsuresh1
Path Finder
‎05-20-2015 05:41 AM

Hi Guys,

I am completely new to Splunk. Finding ways to learn as much quickly. Please help me out.

Question:
How to check if a windows/unix server is reporting to splunk? - I am aware if a Forwarder is installed on client server, then it will contact splunk servers. But I want to make sure if the forwarder is actively communicating with splunk servers? Can we see a list of servers which are reporting to Splunk on a glance?

Tags (2)
0 Karma
Reply

Yasaswy
Contributor
‎05-20-2015 06:36 AM

Hi,
You should be able to lookup all data received from forwaders by querying the internal index... 

index=_internal metrics  group=per_host_thruput earliest=@d

above should give you all data received from hosts for the day. If you are using a deployment sever you can see all the clients phoning in under settings->forwarder management.

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

Tuesday, May 14, 2024  |  11AM PT / 2PM ET Register to Attend Join us for this Tech Talk and learn how to ...