<div>Mining Splunk's Internal Logs</div>

Splunk is great about logging its warnings and errors, but it won’t tell you about them – you have to ask!

As the leading machine-generated data analysis software, it’s not surprising that Splunk excels at creating robust logs. The current version of Splunk Enterprise (v 8.05) generates 22 different logs (for a complete current list see: What Splunk logs about itself). These logs don’t consume license usage, so other than disk space, there is no downside to all this logging, and the information the logs provide can be eye opening. The challenge for the Splunk administrator is getting a handle on these logs and using them to troubleshoot issues, find unknown errors, and improve performance.

By admin