<  Back |HomeNext  >

  • Most frequently used splunk commands.

1. check splunk status or check if splunk is running in linux

./splunk status

2. start splunk

/.splunk start

3. stop splunk

 ./splunk stop

4. start splunk in debug mode

./splunk start --debug

5. check on what port splunk is running or listening

netstat -an | grep splunk

6.check cpu usage by splunk

top

7. What splunk thinks of configurations (Using Btool)

./splunk cmd btool list
./splunk cmd btool list --debug
./splunk cmd btool web list --debug
--debug tells where it is reading the configuration from

8. Deployment Server commands

./splunk list deploy-clients
./splunk reload
./splunk reload deploy-server -class <ServerClass>

9.monitor files in a directory i.e. add logs to splunk from a directory

./splunk add monitor /path to log file

                                                                                                    <  Back |HomeNext  >

Comment Box is loading comments...