Count of Splunk Errors Per Host

The following Splunk query will list the number of errors associated with each host over a given time range:

Continue Reading →

List Ports Forwarders are Using

Use the following Splunk search query to list the ports your Universal Forwarders use to communicate with the indexer:

Continue Reading →

List of Universal Forwarders with Version

The following Splunk query returns every host that uses a universal forwarder to transmit data back to a Splunk indexer. It returns the hostname, version, and architecture (64-bit vs 32-bit).

Continue Reading →

Detailed list of Universal Forwarders Reporting to Indexer

The following query lists detailed information on the universal forwarders checking in to the indexer. I’ve renamed some of the fields to be more user-friendly.

Continue Reading →