Splunk Server Restart Duration

As titled, the following Splunk search query will show the restart duration (using the transaction command) of the Splunk service itself.  

Continue Reading →

Failed Attempts to Logon to Splunk Web

The following Splunk Search Query will return all users who have failed to logon to the Splunk Web console. This query will also include an average (from eventstats).  

Continue Reading →