Set Up Splunk Multi-Instance Monitoring Console (Part-II)

Set Up Splunk Multi-Instance Monitoring Console (Part-II)

In our previous blog, we have discussed monitoring console setup, if you have not checked yet then click Set Up Splunk Multi-Instance Monitoring Console (Part-I).

This blog is going to be very short compared to the previous blog. In this one, we are gonna discuss the “forwarder setup in monitoring console”, “health check”, “platform alerts” and a few more. It’s going to be very easy to do if all of your forwarders are connected correctly in your environment.

1.Forwarder setup in monitoring console:

So let’s follow these below steps,
First, go to your newly set up monitoring console and click on forwarders and forwarders: instance.

Now click on setup, to configure this page.

Now enable, forwarder monitoring and choose data collection intervals.
Then click on save and continue.

Then this process or search will fetch all of your forwarder assets and will build a forwarder management dashboard within the monitoring console by running a scheduled search named “DMC Forwarder – Build Asset Table”.
After doing those above steps you will avail to see all of your forwarder’s information as shown below.

2. Platform Alerts:

Platform alerts in the monitoring console are saved searches to notify if anything going wrong or anything happening disturbing or abnormal, which can cause problems or can compromise the environment. So that a Splunk engineer can identify the problem and diagnose it according to the requirement for the benefit of the Splunk environment.
All the required alerts have already been created, so we need to enable or disable them based on our needs.
So go to the overview page and scroll down and click on Enable or Disable.
NOTE: This is the panel where you can see all of your triggered alerts.

Then you can see a list of alerts that have already been created.

You can also know about :  Difference between User and Power User in Splunk

You can enable or disable based on the request, even you can edit alerts also if you want to do so.
3. Health Check:
Splunk monitoring console also comes with a customizable health check interface.
Click on Health Check from the navigation of the monitoring console.

And then click on Start to perform the health check.

And it will show whether your items are performing abnormally or not, or even you download the results by clicking on the export sign.

4. Color mapping:
We can customize the color mapping also based on the company color pallets if any.
For that go to the Settings and Overview preferences.

Here you can change the color mapping by clicking on edit if you want.

I hope these two blogs (Set-Up Splunk Monitoring Console Part- I & II) are helpful for you people. Stay tuned with us. We will come up with many more exciting worthy blogs for all of you.

Happy learning & happy splunking!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.