Chapter 8. Monitoring and Alerting

This chapter will explain the monitoring and alerting capabilities of the Splunk technology at a desktop level and will compare Splunk with other monitoring tools.

The following topics will be covered in this chapter:

  • What to monitor
  • Advanced monitoring
  • Splunk Deployment Monitor
  • All about alerts
  • Expanded functionalities

What to monitor

Let's start by describing what we are referring to when we talk about monitoring in Splunk. So, Splunk tells us that monitoring in Splunk can be defined as follows:


"The act of watching a file, directory, script, or network port for new data. Also used to refer to a configured Splunk data input of the aforementioned types. When you configure a data input for an ongoing incoming data source, ...

Get Mastering Splunk now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.