An option to monitor Splunk itself (even in the most complicated environments) is the Splunk Deployment Monitor app. This app is designed to help manage and troubleshoot medium- to large-scale deployments. It also keeps track of all your Splunk instances and delivers early warning signals of the potential failures.

The Splunk Deployment Monitor app provides you with out-of-the-box dashboards and drilldowns—giving you information that will help you monitor your Splunk environment's health, such as the following:

  • Index throughput (based on time)
  • Forwarder connections to the indexer over time
  • Indexer and forwarder abnormalities
  • Status and forwarding volume over time
  • Source types being indexed by the system
  • License usage

Where is this app?

Prior to ...

Get Mastering Splunk now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.